fix: download command now requires only keyvault URL.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "azure-acme-provisioner",
-  "version": "0.3.0",
+  "version": "0.3.1",
   "author": {
     "name": "Sławomir Koszewski",
     "url": "https://github.com/skoszewski"

src/lib/config.ts

@@ -2,7 +2,7 @@ export interface Config {
   keyVaultUrl?: string;
   acmeDirectoryUrl: string;
   acmeContactEmail?: string;
-  subscriptionId: string;
+  subscriptionId?: string;
   resourceGroups: string[];
   dnsZones?: string[];
   renewalThresholdDays: number;
@@ -19,12 +19,6 @@ export class ConfigError extends Error {
   }
 }
 
-function requireEnv(name: string): string {
-  const value = process.env[name];
-  if (!value) throw new ConfigError(`Missing required environment variable: ${name}`);
-  return value;
-}
-
 function optionalEnv(name: string, defaultValue: string): string {
   return process.env[name] ?? defaultValue;
 }
@@ -38,11 +32,10 @@ function optionalEnvInt(name: string, defaultValue: number): number {
 }
 
 export function loadConfig(): Config {
-  const resourceGroupsRaw = requireEnv('ACME_RESOURCE_GROUPS');
+  const resourceGroupsRaw = process.env['ACME_RESOURCE_GROUPS'];
-  const resourceGroups = resourceGroupsRaw.split(',').map(s => s.trim()).filter(Boolean);
+  const resourceGroups = resourceGroupsRaw
-  if (resourceGroups.length === 0) {
+    ? resourceGroupsRaw.split(',').map(s => s.trim()).filter(Boolean)
-    throw new ConfigError('ACME_RESOURCE_GROUPS must contain at least one resource group');
+    : [];
-  }
 
   const dnsZonesRaw = process.env['ACME_DNS_ZONES'];
   const dnsZones = dnsZonesRaw
@@ -61,7 +54,7 @@ export function loadConfig(): Config {
       'https://acme-v02.api.letsencrypt.org/directory'
     ),
     acmeContactEmail: process.env['ACME_CONTACT_EMAIL'],
-    subscriptionId: requireEnv('ACME_SUBSCRIPTION_ID'),
+    subscriptionId: process.env['ACME_SUBSCRIPTION_ID'],
     resourceGroups,
     dnsZones,
     renewalThresholdDays: optionalEnvInt('ACME_RENEWAL_THRESHOLD_DAYS', 30),

src/lib/dns.ts

@@ -15,6 +15,7 @@ export async function scanDnsZones(
   credential: TokenCredential,
   config: Config
 ): Promise<DomainRecord[]> {
+  if (!config.subscriptionId) throw new Error('ACME_SUBSCRIPTION_ID is required for DNS zone scanning');
   const client = new DnsManagementClient(credential, config.subscriptionId);
   const results: DomainRecord[] = [];
   const seen = new Set<string>();
@@ -73,6 +74,7 @@ export class DnsChallengeManager implements ChallengeHandler {
     private readonly config: Config,
     private readonly log: (msg: string) => void
   ) {
+    if (!config.subscriptionId) throw new Error('ACME_SUBSCRIPTION_ID is required for DNS challenges');
     this.client = new DnsManagementClient(credential, config.subscriptionId);
   }