lets-encrypt-update (probably) shouldn't die when a certificate issuance fails

[ethanwu10]

Right now, if issuing a single certificate fails, lets-encrypt-update will die with an assertion failure

puppet/modules/ocf_www/files/lets-encrypt-update

Line 129 in f54d123

assert ret == 0, 'ocf-lets-encrypt returned {}'.format(ret)

We should probably log the error and keep going, so we keep updating the remaining certificates (assuming the failure was specific to a host)—also ensuring that if any errors happen, we exit nonzero.

[singingtelegram]

it's failing !!1