Merge pull request #738 from buchdag/github-actions

Migrate CI to GitHub Actions as Travis CI is ending their free OSS builds
2024-06-06 18:56:04 +02:00 · 2020-12-23 19:51:40 +01:00 · 2020-12-23 19:51:40 +01:00 · 5e40af0d6d
parent cc66f42bae 3ac0f260e9
commit 5e40af0d6d
25 changed files with 349 additions and 138 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -0,0 +1,164 @@
+name: Tests
+
+on:
+  push:
+    paths-ignore:
+    - 'docs/**'
+    - '*.md'
+  pull_request:
+    paths-ignore:
+    - 'docs/**'
+    - '*.md'
+
+
+env:
+  DOCKER_GEN_CONTAINER_NAME: nginx-proxy-gen
+  IMAGE: jrcs/letsencrypt-nginx-proxy-companion
+  NGINX_CONTAINER_NAME: nginx-proxy
+  TEST_DOMAINS: le1.wtf,le2.wtf,le3.wtf
+
+jobs:
+  companion-build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+      - name: Patch the Dockerfile's docker-gen
+        run: |
+          sed -i 's#DOCKER_GEN_VERSION=.*$#DOCKER_GEN_VERSION=fix-current-container-id#g' Dockerfile
+          sed -i 's#go get github.com/jwilder/docker-gen#go get github.com/buchdag/docker-gen \&\& mv /go/src/github.com/buchdag /go/src/github.com/jwilder#g' Dockerfile
+      - name: Build Image
+        run: docker build -t "$IMAGE" .
+      - name: Inspect Image
+        run: docker inspect "$IMAGE"
+      - name: Get acme.sh Version
+        run: docker run --rm "$IMAGE" acme.sh --version
+      - name: List Docker Images
+        run: docker images
+      - name: Export Image Artifact
+        run: docker save $IMAGE > companion.tar
+      - name: Upload Image Artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: companion.tar
+          path: companion.tar
+
+  nginx-proxy-build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+      - name: Build patched nginx-proxy Image
+        run: docker build -t "jwilder/nginx-proxy:latest" ./test/setup/nginx-proxy
+      - name: Build patched docker-gen Image
+        run: docker build -t "jwilder/docker-gen:latest" ./test/setup/docker-gen
+      - name: List Docker Images
+        run: docker images
+      - name: Export Images Artifacts
+        run: |
+          docker save jwilder/nginx-proxy:latest > nginx-proxy.tar
+          docker save jwilder/docker-gen:latest > docker-gen.tar
+      - name: Upload nginx-proxy Image Artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: nginx-proxy.tar
+          path: nginx-proxy.tar
+      - name: Upload docker-gen Image Artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: docker-gen.tar
+          path: docker-gen.tar
+
+  docker-specs-testing:
+    needs: companion-build
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+        with:
+          repository: docker-library/official-images
+          path: official-images
+      - name: Download Builded Image
+        uses: actions/download-artifact@v2
+        with:
+          name: companion.tar
+      - name: Import Builded Image
+        run: docker load < companion.tar
+      - name: Docker Specifications Testing
+        run: official-images/test/run.sh "$IMAGE"
+      - if: ${{ failure() }}
+        run: test/github_actions/containers-logs.sh
+
+  integration-testing:
+    needs: 
+      - companion-build
+      - nginx-proxy-build
+    strategy:
+      fail-fast: false
+      matrix:
+        setup: [2containers, 3containers]
+        test-name:
+          [
+            docker_api,
+            location_config,
+            default_cert,
+            certs_single,
+            certs_san,
+            certs_single_domain,
+            certs_standalone,
+            force_renew,
+            acme_accounts,
+            private_keys,
+            container_restart,
+            permissions_default,
+            permissions_custom,
+            symlinks,
+          ]
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v2
+      # PREPARE RUNNER ENV
+      - name: Add Test Domains in /etc/hosts
+        run: |
+          test_domains=$(echo $TEST_DOMAINS | tr "," "\n")
+          for domain in $test_domains
+          do
+              echo "127.0.0.1 $domain" | sudo tee -a /etc/hosts
+          done
+      - name: Setup Boulder
+        run: test/setup/setup-boulder.sh
+      - name: Download nginx-proxy Patched Image
+        uses: actions/download-artifact@v2
+        with:
+          name: nginx-proxy.tar
+      - name: Download docker-gen Patched Image
+        uses: actions/download-artifact@v2
+        with:
+          name: docker-gen.tar
+      - name: Import nginx-proxy patched Images
+        run: |
+          docker load < nginx-proxy.tar
+          docker load < docker-gen.tar
+      - name: Setup NGINX Proxy
+        env:
+          SETUP: ${{ matrix.setup }}
+        run: test/setup/setup-nginx-proxy.sh
+      # ADD BUILDED IMAGE
+      - name: Download Builded Image
+        uses: actions/download-artifact@v2
+        with:
+          name: companion.tar
+      - name: Import Builded Image
+        run: docker load < companion.tar
+      # TEST
+      - name: Integration Testing
+        env:
+          SETUP: ${{ matrix.setup }}
+        run: test/run.sh -t ${{ matrix.test-name }} "$IMAGE"
+      - if: ${{ failure() }}
+        run: test/github_actions/containers-logs.sh
--- a/.travis.yml
+++ b/.travis.yml
@ -1,49 +0,0 @@
-os: linux
-dist: focal
-
-language: shell
-
-branches:
-  only:
-  - master
-
-addons:
-  hosts:
-    - le1.wtf
-    - le2.wtf
-    - le3.wtf
-
-env:
-  global:
-    - IMAGE=jrcs/letsencrypt-nginx-proxy-companion
-    - NGINX_CONTAINER_NAME=nginx-proxy
-    - DOCKER_GEN_CONTAINER_NAME=nginx-proxy-gen
-    - TEST_DOMAINS=le1.wtf,le2.wtf,le3.wtf
-    - DOCKER_COMPOSE_VERSION=1.24.0
-
-jobs:
-  include:
-    - env: SETUP=2containers
-    - env: SETUP=3containers
-
-before_install:
-  - test/travis/update-docker-compose.sh
-
-install:
-  - docker build -t "$IMAGE" .
-  - docker inspect "$IMAGE"
-  - docker run --rm "$IMAGE" acme.sh --version
-  - docker images
-
-before_script:
-  - git clone https://github.com/docker-library/official-images.git official-images
-  - test/setup/setup-boulder.sh
-  - test/setup/setup-nginx-proxy.sh
-  - docker pull nginx:alpine
-
-script:
-  - official-images/test/run.sh "$IMAGE"
-  - test/run.sh "$IMAGE"
-
-after_failure:
-  - test/travis/containers-logs.sh
--- a/test/github_actions/containers-logs.sh
+++ b/test/github_actions/containers-logs.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+
+bold_echo() {
+  echo -e "\033[33;1m$1\033[0m"
+}
+
+if [[ -f "$GITHUB_WORKSPACE/test/github_actions/failed_tests.txt" ]]; then
+  mapfile -t containers < "$GITHUB_WORKSPACE/test/github_actions/failed_tests.txt"
+fi
+
+containers+=("$NGINX_CONTAINER_NAME")
+[[ $SETUP = "3containers" ]] && containers+=("$DOCKER_GEN_CONTAINER_NAME")
+containers+=("boulder")
+
+for container in "${containers[@]}"; do
+  bold_echo "Docker container output for $container"
+  docker logs "$container"
+  docker inspect "$container"
+  if [[ "$container" == "acme_accounts" ]]; then
+    bold_echo "Docker container output for ${container}_default"
+    docker logs "${container}_default"
+    docker inspect "${container}_default"
+  fi
+done
--- a/test/run.sh
+++ b/test/run.sh
@ -203,7 +203,7 @@ dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 self="$(basename "$0")"
 failed_tests=()

-if [[ -z $TRAVIS ]] && [[ -f "$dir/local_test_env.sh" ]]; then
+if [[ -z $GITHUB_ACTIONS ]] && [[ -f "$dir/local_test_env.sh" ]]; then
 	# shellcheck source=/dev/null
 	source "$dir/local_test_env.sh"
 fi
@ -448,9 +448,9 @@ done

 if [ "$didFail" ]; then
 	## Next five lines were added by jrcs/docker-letsencrypt-nginx-proxy-companion
-	if [[ $TRAVIS == 'true' ]]; then
+	if [[ $GITHUB_ACTIONS == 'true' ]]; then
 		for test in "${failed_tests[@]}"; do
-			echo "$test" >> "$dir/travis/failed_tests.txt"
+			echo "$test" >> "$dir/github_actions/failed_tests.txt"
 		done
 	fi
 	## End of additional code
--- a/test/setup/docker-gen/Dockerfile
+++ b/test/setup/docker-gen/Dockerfile
@ -0,0 +1,37 @@
+FROM golang:1.15-alpine AS build-docker-gen
+
+ARG DOCKER_GEN_VERSION=fix-current-container-id
+
+LABEL stage=intermediate
+
+# Install build dependencies for docker-gen
+RUN apk add --update \
+	curl \
+	gcc \
+	git \
+	make \
+	musl-dev
+
+# Build docker-gen
+RUN go get github.com/buchdag/docker-gen \
+    && mv /go/src/github.com/buchdag /go/src/github.com/jwilder \
+    && cd /go/src/github.com/jwilder/docker-gen \
+    && git -c advice.detachedHead=false checkout $DOCKER_GEN_VERSION \
+    && make get-deps \
+    && make all
+
+FROM alpine:3.8
+
+LABEL maintainer="Nicolas Duchon <nicolas.duchon@gmail.com>"
+
+# DOCKER_GEN_VERSION environment variable is required by letsencrypt-nginx-proxy-companion
+ENV DOCKER_GEN_VERSION=0.7.4 \
+    DOCKER_HOST=unix:///tmp/docker.sock
+
+# Copy docker-gen binary from build stage
+COPY --from=build-docker-gen /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/
+
+# Get latest nginx.tmpl
+ADD https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl /etc/docker-gen/templates/
+
+ENTRYPOINT ["/usr/local/bin/docker-gen"]
--- a/test/setup/nginx-proxy/Dockerfile
+++ b/test/setup/nginx-proxy/Dockerfile
@ -0,0 +1,71 @@
+FROM golang:1.15-alpine AS go-builder
+
+ARG DOCKER_GEN_VERSION=fix-current-container-id
+ARG FOREGO_VERSION=20180216151118
+
+LABEL stage=intermediate
+
+# Install build dependencies for docker-gen and forego
+RUN apk add --update \
+	curl \
+	gcc \
+	git \
+	make \
+	musl-dev
+
+# Build forego
+RUN go get github.com/ddollar/forego \
+    && cd /go/src/github.com/ddollar/forego \
+    && git -c advice.detachedHead=false checkout $FOREGO_VERSION \
+    && make all
+
+# Build docker-gen
+RUN go get github.com/buchdag/docker-gen \
+    && mv /go/src/github.com/buchdag /go/src/github.com/jwilder \
+    && cd /go/src/github.com/jwilder/docker-gen \
+    && git -c advice.detachedHead=false checkout $DOCKER_GEN_VERSION \
+    && make get-deps \
+    && make all
+
+FROM nginx:1.19-alpine
+
+LABEL maintainer="Nicolas Duchon <nicolas.duchon@gmail.com>"
+
+# DOCKER_GEN_VERSION environment variable is required by letsencrypt-nginx-proxy-companion
+ENV DOCKER_GEN_VERSION=0.7.4 \
+    DOCKER_HOST=unix:///tmp/docker.sock
+
+# Install/update run dependencies
+RUN apk add --update \
+    bash \
+    ca-certificates \
+    curl \
+    openssl \
+    && rm -rf /var/cache/apk/*
+
+# Configure Nginx and apply fix for very long server names
+RUN echo "daemon off;" >> /etc/nginx/nginx.conf \
+    && sed -i 's/worker_processes  1/worker_processes  auto/' /etc/nginx/nginx.conf
+
+# Copy forego and docker-gen binaries from build stage
+COPY --from=go-builder /go/src/github.com/ddollar/forego/forego /usr/local/bin/
+COPY --from=go-builder /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/
+
+# Install nginx-proxy
+RUN mkdir /src /app \
+    && curl -sSL https://github.com/jwilder/nginx-proxy/archive/master.tar.gz \
+    | tar -C /src -xz \
+    && cp /src/nginx-proxy-master/Procfile /app/ \
+    && cp /src/nginx-proxy-master/dhparam.pem.default /app/ \
+    && cp /src/nginx-proxy-master/docker-entrypoint.sh /app/ \
+    && cp /src/nginx-proxy-master/generate-dhparam.sh /app/ \
+    && cp /src/nginx-proxy-master/nginx.tmpl /app/ \
+    && cp /src/nginx-proxy-master/network_internal.conf /etc/nginx/ \
+    && rm -rf /src
+
+WORKDIR /app
+
+VOLUME ["/etc/nginx/certs", "/etc/nginx/dhparam"]
+
+ENTRYPOINT ["/app/docker-entrypoint.sh"]
+CMD ["forego", "start", "-r"]
--- a/test/setup/setup-boulder.sh
+++ b/test/setup/setup-boulder.sh
@ -5,7 +5,7 @@ set -e
 acme_endpoint='http://boulder:4001/directory'

 setup_boulder() {
-  export GOPATH=${TRAVIS_BUILD_DIR}/go
+  export GOPATH=${GITHUB_WORKSPACE}/go
  [[ ! -d $GOPATH/src/github.com/letsencrypt/boulder ]] \
    && git clone https://github.com/letsencrypt/boulder \
      "$GOPATH/src/github.com/letsencrypt/boulder"
--- a/test/setup/setup-local.sh
+++ b/test/setup/setup-local.sh
@ -6,22 +6,23 @@ function get_environment {
  dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

  LOCAL_BUILD_DIR="$(cd "$dir/../.." && pwd)"
-  export TRAVIS_BUILD_DIR="$LOCAL_BUILD_DIR"
+  export GITHUB_WORKSPACE="$LOCAL_BUILD_DIR"

  # shellcheck source=/dev/null
-  [[ -f "${TRAVIS_BUILD_DIR}/test/local_test_env.sh" ]] && \
-    source "${TRAVIS_BUILD_DIR}/test/local_test_env.sh"
+  [[ -f "${GITHUB_WORKSPACE}/test/local_test_env.sh" ]] && \
+    source "${GITHUB_WORKSPACE}/test/local_test_env.sh"

-  # Get the environment variables from the .travis.yml file with sed
-  declare -a travis_yml
-  travis_yml[0]="$(sed -n 's/.*- NGINX_CONTAINER_NAME=//p' "$LOCAL_BUILD_DIR/.travis.yml")"
-  travis_yml[1]="$(sed -n 's/.*- DOCKER_GEN_CONTAINER_NAME=//p' "$LOCAL_BUILD_DIR/.travis.yml")"
-  travis_yml[2]="$(sed -n 's/.*- TEST_DOMAINS=//p' "$LOCAL_BUILD_DIR/.travis.yml")"
+  # Get the environment variables from the .github/workflows/test.yml file with sed
+  declare -a ci_test_yml
+  ci_test_yml[0]="$(sed -n 's/.* NGINX_CONTAINER_NAME: //p' "$LOCAL_BUILD_DIR/.github/workflows/test.yml")"
+  ci_test_yml[1]="$(sed -n 's/.* DOCKER_GEN_CONTAINER_NAME: //p' "$LOCAL_BUILD_DIR/.github/workflows/test.yml")"
+  ci_test_yml[2]="$(sed -n 's/.* TEST_DOMAINS: //p' "$LOCAL_BUILD_DIR/.github/workflows/test.yml")"

-  # If environment variable where sourced or manually set use them, else use those from .travis.yml
-  export NGINX_CONTAINER_NAME="${NGINX_CONTAINER_NAME:-${travis_yml[0]}}"
-  export DOCKER_GEN_CONTAINER_NAME="${DOCKER_GEN_CONTAINER_NAME:-${travis_yml[1]}}"
-  export TEST_DOMAINS="${TEST_DOMAINS:-${travis_yml[2]}}"
+  # If environment variable where sourced or manually set use them, else use those from 
+  # .github/workflows/test.yml
+  export NGINX_CONTAINER_NAME="${NGINX_CONTAINER_NAME:-${ci_test_yml[0]}}"
+  export DOCKER_GEN_CONTAINER_NAME="${DOCKER_GEN_CONTAINER_NAME:-${ci_test_yml[1]}}"
+  export TEST_DOMAINS="${TEST_DOMAINS:-${ci_test_yml[2]}}"

  # Build the array containing domains to add to /etc/hosts
  IFS=',' read -r -a domains <<< "$TEST_DOMAINS"
@ -57,8 +58,8 @@ case $1 in
    get_environment

    # Prepare the env file that run.sh will source
-    cat > "${TRAVIS_BUILD_DIR}/test/local_test_env.sh" <<EOF
-export TRAVIS_BUILD_DIR="$LOCAL_BUILD_DIR"
+    cat > "${GITHUB_WORKSPACE}/test/local_test_env.sh" <<EOF
+export GITHUB_WORKSPACE="$LOCAL_BUILD_DIR"
 export NGINX_CONTAINER_NAME="$NGINX_CONTAINER_NAME"
 export DOCKER_GEN_CONTAINER_NAME="$DOCKER_GEN_CONTAINER_NAME"
 export TEST_DOMAINS="$TEST_DOMAINS"
@ -77,8 +78,8 @@ EOF
    docker pull nginx:alpine

    # Prepare the test setup using the setup scripts
-    "${TRAVIS_BUILD_DIR}/test/setup/setup-boulder.sh"
-    "${TRAVIS_BUILD_DIR}/test/setup/setup-nginx-proxy.sh"
+    "${GITHUB_WORKSPACE}/test/setup/setup-boulder.sh"
+    "${GITHUB_WORKSPACE}/test/setup/setup-nginx-proxy.sh"
    ;;

  --teardown)
@ -92,14 +93,14 @@ EOF

    # Stop and remove boulder
    docker-compose --project-name 'boulder' \
-      --file "${TRAVIS_BUILD_DIR}/go/src/github.com/letsencrypt/boulder/docker-compose.yml" \
+      --file "${GITHUB_WORKSPACE}/go/src/github.com/letsencrypt/boulder/docker-compose.yml" \
      down --volumes

    # Cleanup files created by the setup
-    if [[ -n "${TRAVIS_BUILD_DIR// }" ]]; then
-      [[ -f "${TRAVIS_BUILD_DIR}/nginx.tmpl" ]]&& rm "${TRAVIS_BUILD_DIR}/nginx.tmpl"
-      rm "${TRAVIS_BUILD_DIR}/test/local_test_env.sh"
-      echo "The ${TRAVIS_BUILD_DIR}/go folder require superuser permission to fully remove."
+    if [[ -n "${GITHUB_WORKSPACE// }" ]]; then
+      [[ -f "${GITHUB_WORKSPACE}/nginx.tmpl" ]]&& rm "${GITHUB_WORKSPACE}/nginx.tmpl"
+      rm "${GITHUB_WORKSPACE}/test/local_test_env.sh"
+      echo "The ${GITHUB_WORKSPACE}/go folder require superuser permission to fully remove."
      echo "Doing sudo rm -rf in scripts is dangerous, so the folder won't be automatically removed."
    fi

--- a/test/setup/setup-nginx-proxy.sh
+++ b/test/setup/setup-nginx-proxy.sh
@ -18,7 +18,7 @@ case $SETUP in
    ;;

  3containers)
-    curl https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl > "${TRAVIS_BUILD_DIR}/nginx.tmpl"
+    curl https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl > "${GITHUB_WORKSPACE}/nginx.tmpl"

    docker run -d -p 80:80 -p 443:443 \
      --name "$NGINX_CONTAINER_NAME" \
@ -33,7 +33,7 @@ case $SETUP in
    docker run -d \
      --name "$DOCKER_GEN_CONTAINER_NAME" \
      --volumes-from "$NGINX_CONTAINER_NAME" \
-      -v "${TRAVIS_BUILD_DIR}/nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro" \
+      -v "${GITHUB_WORKSPACE}/nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro" \
      -v /var/run/docker.sock:/tmp/docker.sock:ro \
      --label com.github.jrcs.letsencrypt_nginx_proxy_companion.test_suite \
      --network boulder_bluenet \
--- a/test/tests/acme_accounts/run.sh
+++ b/test/tests/acme_accounts/run.sh
@ -2,7 +2,7 @@

 ## Test for ACME accounts handling.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/certs_san/run.sh
+++ b/test/tests/certs_san/run.sh
@ -2,7 +2,7 @@

 ## Test for SAN (Subject Alternative Names) certificates.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
@ -90,8 +90,7 @@ for hosts in "${letsencrypt_hosts[@]}"; do
  done

  docker stop "$container" &> /dev/null
-  docker exec "$le_container_name" rm -rf /etc/nginx/certs/le?.wtf*
-  docker exec "$le_container_name" rm -rf /etc/acme.sh/default/le?.wtf*
+  docker exec "$le_container_name" /app/cleanup_test_artifacts
  i=$(( i + 1 ))

 done
--- a/test/tests/certs_single/run.sh
+++ b/test/tests/certs_single/run.sh
@ -2,7 +2,7 @@

 ## Test for single domain certificates.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/certs_single_domain/run.sh
+++ b/test/tests/certs_single_domain/run.sh
@ -2,7 +2,7 @@

 ## Test for spliting SAN certificates into single domain certificates by NGINX container env variables

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
@ -107,8 +107,7 @@ for hosts in "${letsencrypt_hosts[@]}"; do
  done

  docker stop "$container" &> /dev/null
-  docker exec "$le_container_name" rm -rf /etc/nginx/certs/le?.wtf*
-  docker exec "$le_container_name" rm -rf /etc/acme.sh/default/le?.wtf*
+  docker exec "$le_container_name" /app/cleanup_test_artifacts --default-cert
  i=$(( i + 1 ))

 done
--- a/test/tests/certs_standalone/run.sh
+++ b/test/tests/certs_standalone/run.sh
@ -2,7 +2,7 @@

 ## Test for standalone certificates.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
@ -24,7 +24,7 @@ function cleanup {
 trap cleanup EXIT

 # Create letsencrypt_user_data with a single domain cert
-cat > "${TRAVIS_BUILD_DIR}/test/tests/certs_standalone/letsencrypt_user_data" <<EOF
+cat > "${GITHUB_WORKSPACE}/test/tests/certs_standalone/letsencrypt_user_data" <<EOF
 LETSENCRYPT_STANDALONE_CERTS=('single')
 LETSENCRYPT_single_HOST=('${domains[0]}')
 EOF
@ -43,7 +43,7 @@ elif [[ "${DRY_RUN:-}" == 1 ]]; then
 fi

 run_le_container "${1:?}" "$le_container_name" \
-  "--volume ${TRAVIS_BUILD_DIR}/test/tests/certs_standalone/letsencrypt_user_data:/app/letsencrypt_user_data"
+  "--volume ${GITHUB_WORKSPACE}/test/tests/certs_standalone/letsencrypt_user_data:/app/letsencrypt_user_data"

 # Wait for a file at /etc/nginx/conf.d/standalone-cert-${domains[0]}.conf
 wait_for_standalone_conf "${domains[0]}" "$le_container_name"
@ -66,7 +66,7 @@ docker exec "$le_container_name" bash -c "[[ -f /etc/nginx/conf.d/standalone-cer
  && echo "Standalone configuration for ${domains[0]} wasn't correctly removed."

 # Add another (SAN) certificate to letsencrypt_user_data
-cat > "${TRAVIS_BUILD_DIR}/test/tests/certs_standalone/letsencrypt_user_data" <<EOF
+cat > "${GITHUB_WORKSPACE}/test/tests/certs_standalone/letsencrypt_user_data" <<EOF
 LETSENCRYPT_STANDALONE_CERTS=('single' 'san')
 LETSENCRYPT_single_HOST=('${domains[0]}')
 LETSENCRYPT_san_HOST=('${domains[1]}' '${domains[2]}')
--- a/test/tests/container_restart/run.sh
+++ b/test/tests/container_restart/run.sh
@ -2,7 +2,7 @@

 ## Test for LETSENCRYPT_RESTART_CONTAINER variable.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
@ -15,7 +15,7 @@ IFS=',' read -r -a domains <<< "$TEST_DOMAINS"
 # Listen for Docker restart events
 docker events \
  --filter event=restart \
-  --format 'Container {{.Actor.Attributes.name}} restarted' > "${TRAVIS_BUILD_DIR}/test/tests/container_restart/docker_event_out.txt" &
+  --format 'Container {{.Actor.Attributes.name}} restarted' > "${GITHUB_WORKSPACE}/test/tests/container_restart/docker_event_out.txt" &
 docker_events_pid=$!

 # Cleanup function with EXIT trap
@ -23,7 +23,7 @@ function cleanup {
  # Kill the Docker events listener
  kill $docker_events_pid && wait $docker_events_pid 2>/dev/null
  # Remove temporary files
-  rm -f "${TRAVIS_BUILD_DIR}/test/tests/container_restart/docker_event_out.txt"
+  rm -f "${GITHUB_WORKSPACE}/test/tests/container_restart/docker_event_out.txt"
  # Remove any remaining Nginx container(s) silently.
  for domain in "${domains[@]}"; do
    docker rm --force "$domain" &> /dev/null
@ -53,7 +53,7 @@ for domain in "${domains[@]}"; do
  # Check if container restarted
  timeout="$(date +%s)"
  timeout="$((timeout + 60))"
-  until grep "$domain" "${TRAVIS_BUILD_DIR}"/test/tests/container_restart/docker_event_out.txt; do
+  until grep "$domain" "${GITHUB_WORKSPACE}"/test/tests/container_restart/docker_event_out.txt; do
    if [[ "$(date +%s)" -gt "$timeout" ]]; then
      echo "Container $domain didn't restart in under one minute."
      break
--- a/test/tests/default_cert/run.sh
+++ b/test/tests/default_cert/run.sh
@ -2,7 +2,7 @@

 ## Test for default certificate creation.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
@ -57,7 +57,7 @@ done
 # the certificate or private key file are deleted
 for file in 'default.key' 'default.crt'; do
  old_default_cert_fingerprint="$(default_cert_fingerprint)"
-  docker exec "$le_container_name" rm -f /etc/nginx/certs/$file
+  docker exec "$le_container_name" /app/cleanup_test_artifacts --default-cert
  docker restart "$le_container_name" > /dev/null
  timeout="$(date +%s)"
  timeout="$((timeout + 60))"
--- a/test/tests/docker_api/run.sh
+++ b/test/tests/docker_api/run.sh
@ -78,7 +78,7 @@ case $SETUP in
    "$1" \
    bash -c "$commands" 2>&1

-  cat > "${TRAVIS_BUILD_DIR}/test/tests/docker_api/expected-std-out.txt" <<EOF
+  cat > "${GITHUB_WORKSPACE}/test/tests/docker_api/expected-std-out.txt" <<EOF
 Container $nginx_vol received exec_start: sh -c /app/docker-entrypoint.sh /usr/local/bin/docker-gen /app/nginx.tmpl /etc/nginx/conf.d/default.conf; /usr/sbin/nginx -s reload
 $nginx_vol
 Container $nginx_env received exec_start: sh -c /app/docker-entrypoint.sh /usr/local/bin/docker-gen /app/nginx.tmpl /etc/nginx/conf.d/default.conf; /usr/sbin/nginx -s reload
@ -220,7 +220,7 @@ EOF
    "$1" \
    bash -c "$commands" 2>&1

-    cat > "${TRAVIS_BUILD_DIR}/test/tests/docker_api/expected-std-out.txt" <<EOF
+    cat > "${GITHUB_WORKSPACE}/test/tests/docker_api/expected-std-out.txt" <<EOF
 Container $docker_gen received signal 1
 Container $nginx_vol received signal 1
 $docker_gen
--- a/test/tests/force_renew/run.sh
+++ b/test/tests/force_renew/run.sh
@ -2,7 +2,7 @@

 ## Test for the /app/force_renew script.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/location_config/run.sh
+++ b/test/tests/location_config/run.sh
@ -7,7 +7,7 @@ test_comment='### This is a test comment'
 vhost_path='/etc/nginx/vhost.d'

 # Create custom location configuration file to be bind mounted
-location_file="${TRAVIS_BUILD_DIR}/test/tests/location_config/le2.wtf"
+location_file="${GITHUB_WORKSPACE}/test/tests/location_config/le2.wtf"
 echo "$test_comment" > "$location_file"

 # Create le1.wtf configuration file, *.le3.wtf and test.* from inside the nginx container
@ -18,7 +18,7 @@ docker exec "$NGINX_CONTAINER_NAME" sh -c "echo '### This is a test comment' > /
 # Zero the default configuration file.
 docker exec "$NGINX_CONTAINER_NAME" sh -c "echo '' > /etc/nginx/vhost.d/default"

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/permissions_custom/run.sh
+++ b/test/tests/permissions_custom/run.sh
@ -7,7 +7,7 @@ files_gid=1001
 files_perms=640
 folders_perms=750

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/permissions_default/run.sh
+++ b/test/tests/permissions_default/run.sh
@ -2,7 +2,7 @@

 ## Test for sensitive files and folders permissions

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/private_keys/run.sh
+++ b/test/tests/private_keys/run.sh
@ -2,7 +2,7 @@

 ## Test for private keys types

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/tests/symlinks/run.sh
+++ b/test/tests/symlinks/run.sh
@ -2,7 +2,7 @@

 ## Test for symlink creation / removal.

-if [[ -z $TRAVIS ]]; then
+if [[ -z $GITHUB_ACTIONS ]]; then
  le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
 else
  le_container_name="$(basename "${0%/*}")"
--- a/test/travis/containers-logs.sh
+++ b/test/travis/containers-logs.sh
@ -1,28 +0,0 @@
-#!/bin/bash
-
-fold_start() {
-  echo -e "travis_fold:start:$1\033[33;1m$2\033[0m"
-}
-
-fold_end() {
-  echo -e "\ntravis_fold:end:$1\r"
-}
-
-if [[ -f "$TRAVIS_BUILD_DIR/test/travis/failed_tests.txt" ]]; then
-  mapfile -t containers < "$TRAVIS_BUILD_DIR/test/travis/failed_tests.txt"
-fi
-
-containers+=("$NGINX_CONTAINER_NAME")
-[[ $SETUP = "3containers" ]] && containers+=("$DOCKER_GEN_CONTAINER_NAME")
-containers+=("boulder")
-
-for container in "${containers[@]}"; do
-  fold_start "$container" "Docker container output for $container"
-  docker logs "$container"
-  fold_end "$container"
-  if [[ "$container" == "acme_accounts" ]]; then
-    fold_start "${container}_default" "Docker container output for ${container}_default"
-    docker logs "${container}_default"
-    fold_end "${container}_default"
-  fi
-done
--- a/test/travis/update-docker-compose.sh
+++ b/test/travis/update-docker-compose.sh
@ -1,7 +0,0 @@
-#!/bin/bash
-
-sudo rm /usr/local/bin/docker-compose
-curl -L "https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION/docker-compose-$(uname -s)-$(uname -m)" > docker-compose.temp
-chmod +x docker-compose.temp
-sudo mv docker-compose.temp /usr/local/bin/docker-compose
-docker-compose --version