Fix misleading error message in cert generation when domains exist but cert generation fails

[Copilot]

Fixes the misleading error message in defang cert gen that would display "No domainname found in compose file; no HTTPS cert generation needed" even when domain names were present in the compose file but certificate generation failed for other reasons.

Problem

The original logic only checked if any certificates were processed (cnt == 0) to determine whether to show the "no domainname found" message. However, the counter cnt is only incremented for services that require ACME certificate generation (where serviceInfo.ZoneId == ""). This caused the misleading message to appear in scenarios where:

1. Domain names exist but are managed by cloud providers (have a ZoneId)
2. Domain names exist but certificate generation fails due to DNS setup issues or other errors

Solution

Added a hasDomains check that scans the compose project to determine if any domain names actually exist before showing the message. The message is now only displayed when both conditions are true:

• cnt == 0 (no certificate generation was processed)
• !hasDomains (no domain names exist in the compose file)

This ensures users only see the "no domainname found" message when it's actually accurate, while real certificate generation errors are properly surfaced without confusion.

Changes

• Modified GenerateLetsEncryptCert() in src/pkg/cli/cert.go to add domain detection logic
• Added TestHasDomains() test to validate the domain detection functionality
• Preserved all existing behavior while eliminating the misleading message

Testing

All existing tests pass, and the new test validates that the domain detection logic correctly identifies when domains are present in compose files across various scenarios.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• ask.defang.io
  • Triggering command: go test -short ./... (dns block)
  • Triggering command: /tmp/go-build2519147953/b1331/tests.test -test.testlogfile=/tmp/go-build2519147953/b1331/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.short=true (dns block)
• blah.example.com
  • Triggering command: /tmp/go-build2519147953/b1255/cli.test -test.testlogfile=/tmp/go-build2519147953/b1255/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.short=true (dns block)
  • Triggering command: /tmp/go-build56874474/b001/cli.test -test.testlogfile=/tmp/go-build56874474/b001/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.run=Test.* -test.v=true (dns block)
• fabric-prod1.defang.dev
  • Triggering command: /tmp/go-build2519147953/b1207/command.test -test.testlogfile=/tmp/go-build2519147953/b1207/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.short=true (dns block)
• www.googleapis.com
  • Triggering command: /tmp/go-build2519147953/b1290/gcp.test -test.testlogfile=/tmp/go-build2519147953/b1290/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.short=true (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Bad error message for defang cert gen</issue_title>
<issue_description>Ran into an issue with acme lambda, and then got the following error when running defang cert gen:

No `domainname` found in compose file; no HTTPS cert generation needed

This was misleading, because it wasn't actually the issue and was confusing because there were clearly domain names in the compose file.</issue_description>

<agent_instructions>The existing message should only be printed if it's true, ie. no services with domainnames. Otherwise, the actual error must be surfaced.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

Fixes #1476

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[lionello]

Need to handle both cases: if cnt == 0 && hasDomains then the deployment is probably not finished.