refactor: use openssl to inspect the certificate before deletion

legacy/build-deploy-docker-compose.sh

@@ -1932,7 +1932,10 @@ for TLS_FALSE_INGRESS in $TLS_FALSE_INGRESSES; do
   TLS_SECRETS=$(kubectl -n ${NAMESPACE} get ingress ${TLS_FALSE_INGRESS} -o json | jq -r '.spec.tls[]?.secretName')
   for TLS_SECRET in $TLS_SECRETS; do
     echo ">> Cleaning up certificate for ${TLS_SECRET} as tls-acme is set to false"
-    kubectl -n ${NAMESPACE} delete secret ${TLS_SECRET}-tls
+    # check if it is a lets encrypt certificate
+    if openssl x509 -in <(kubectl -n ${NAMESPACE} get secret ${TLS_SECRET}-tls -o json | jq -r '.data."tls.crt"' | base64 --decode) -text -noout | grep -o -q "Let's Encrypt" s &> /dev/null; then
+      kubectl -n ${NAMESPACE} delete secret ${TLS_SECRET}-tls
+    fi
     if kubectl -n ${NAMESPACE} get certificates.cert-manager.io ${TLS_SECRET} &> /dev/null; then
       kubectl -n ${NAMESPACE} delete certificates.cert-manager.io ${TLS_SECRET}
     fi