Integration and contract tests use credential url for vcenter

- Since we want the stembuild user to be the user with minimal
permissions for running package/construct, and the govc commands that
are run in test set-up for our integration/contract tests require additional permissions,
we need to provide different credentials for these test-setup commands.
- We now take in a VCENTER_ADMIN_CREDENTIAL_URL string to pass to these commands
- VCENTER_ADMIN_CREDENTIAL_URL is in the form of "username:password@url"
- We cannot use GOVC_USERNAME/GOVC_PASSWORD or a full GOVC_URL for
either the stembuild or admin users because govc will always choose
these credentials if provided.

[#166227545](https://www.pivotaltracker.com/story/show/166227545)
 [Pipeline Fix] Fix stembuild integration test permissions issue

Author: mvalliath

iaas_cli/govc_cli_test.go

@@ -15,7 +15,7 @@ var _ = Describe("GovcCli", func() {
 		})
 
 		It("lists the devices for a known VCenter VM", func() {
-			out, _, err := runner.RunWithOutput([]string{"device.ls", "-vm", targetVMPath})
+			out, _, err := runner.RunWithOutput([]string{"device.ls", "-vm", targetVMPath, "-u", vCenterCredentialUrl})
 			Expect(err).NotTo(HaveOccurred())
 			Expect(out).To(Equal(
 				`ide-200            VirtualIDEController          IDE 0
@@ -38,7 +38,7 @@ ethernet-0         VirtualE1000e                 DVSwitch: a7 fa 3a 50 a9 72 57
 		})
 
 		It("returns exit code 1, if VM doesn't exist", func() {
-			out, exitCode, err := runner.RunWithOutput([]string{"device.ls", "-vm", "/vm/does/not/exist"})
+			out, exitCode, err := runner.RunWithOutput([]string{"device.ls", "-vm", "/vm/does/not/exist", "-u", vCenterCredentialUrl})
 			Expect(err).NotTo(HaveOccurred())
 			Expect(exitCode).To(Equal(1))
 			Expect(out).To(Equal(""))

iaas_cli/iaas_cli_suite_test.go

@@ -15,12 +15,18 @@ func TestIaasCli(t *testing.T) {
 }
 
 var targetVMPath string
+var vCenterCredentialUrl string
 
 var _ = BeforeSuite(func() {
+
+	vCenterCredentialUrl = os.Getenv("VCENTER_ADMIN_CREDENTIAL_URL")
+	Expect(vCenterCredentialUrl).NotTo(Equal(""), "VCENTER_ADMIN_CREDENTIAL_URL is required")
+
 	vmFolder := os.Getenv("VM_FOLDER")
 	Expect(vmFolder).NotTo(Equal(""), "VM_FOLDER is required")
 	vmName := os.Getenv("PACKAGE_TEST_BASE_VM_NAME")
 	Expect(vmName).NotTo(Equal(""), "PACKAGE_TEST_BASE_VM_NAME is required")
 
 	targetVMPath = fmt.Sprintf("%s/%s", vmFolder, vmName)
+
 })

integration/construct/construct_suite_test.go

@@ -40,31 +40,30 @@ func TestConstruct(t *testing.T) {
 }
 
 const (
-	NetworkGatewayVariable           = "NETWORK_GATEWAY"
-	SubnetMaskVariable               = "SUBNET_MASK"
-	OvaFileVariable                  = "OVA_FILE"
-	VMNamePrefixVariable             = "VM_NAME_PREFIX"
-	VMFolderVariable                 = "VM_FOLDER"
-	VMUsernameVariable               = "VM_USERNAME"
-	VMPasswordVariable               = "VM_PASSWORD"
-	VMNetworkVariable                = "GOVC_NETWORK"
-	ExistingVmIPVariable             = "EXISTING_VM_IP"
-	UserProvidedIPVariable           = "USER_PROVIDED_IP"
-	LockPrivateKeyVariable           = "LOCK_PRIVATE_KEY"
-	IPPoolGitURIVariable             = "IP_POOL_GIT_URI"
-	IPPoolNameVariable               = "IP_POOL_NAME"
-	OvaSourceS3RegionVariable        = "OVA_SOURCE_S3_REGION"
-	OvaSourceS3BucketVariable        = "OVA_SOURCE_S3_BUCKET"
-	OvaSourceS3FilenameVariable      = "OVA_SOURCE_S3_FILENAME"
-	AwsAccessKeyVariable             = "AWS_ACCESS_KEY_ID"
-	AwsSecretKeyVariable             = "AWS_SECRET_ACCESS_KEY"
-	SkipCleanupVariable              = "SKIP_CLEANUP"
-	vcenterFolderVariable            = "VM_FOLDER"
-	vcenterURLVariable               = "GOVC_URL"
-	vcenterAdminUsernameVariable     = "VCENTER_ADMIN_USERNAME"
-	vcenterAdminPasswordVariable     = "VCENTER_ADMIN_PASSWORD"
-	vcenterStembuildUsernameVariable = "VCENTER_STEMBUILD_USER"
-	vcenterStembuildPasswordVariable = "VCENTER_STEMBUILD_PASSWORD"
+	NetworkGatewayVariable            = "NETWORK_GATEWAY"
+	SubnetMaskVariable                = "SUBNET_MASK"
+	OvaFileVariable                   = "OVA_FILE"
+	VMNamePrefixVariable              = "VM_NAME_PREFIX"
+	VMFolderVariable                  = "VM_FOLDER"
+	VMUsernameVariable                = "VM_USERNAME"
+	VMPasswordVariable                = "VM_PASSWORD"
+	VMNetworkVariable                 = "GOVC_NETWORK"
+	ExistingVmIPVariable              = "EXISTING_VM_IP"
+	UserProvidedIPVariable            = "USER_PROVIDED_IP"
+	LockPrivateKeyVariable            = "LOCK_PRIVATE_KEY"
+	IPPoolGitURIVariable              = "IP_POOL_GIT_URI"
+	IPPoolNameVariable                = "IP_POOL_NAME"
+	OvaSourceS3RegionVariable         = "OVA_SOURCE_S3_REGION"
+	OvaSourceS3BucketVariable         = "OVA_SOURCE_S3_BUCKET"
+	OvaSourceS3FilenameVariable       = "OVA_SOURCE_S3_FILENAME"
+	AwsAccessKeyVariable              = "AWS_ACCESS_KEY_ID"
+	AwsSecretKeyVariable              = "AWS_SECRET_ACCESS_KEY"
+	SkipCleanupVariable               = "SKIP_CLEANUP"
+	vcenterFolderVariable             = "VM_FOLDER"
+	vcenterAdminCredentialUrlVariable = "VCENTER_ADMIN_CREDENTIAL_URL"
+	vcenterBaseURLVariable            = "VCENTER_BASE_URL"
+	vcenterStembuildUsernameVariable  = "VCENTER_STEMBUILD_USER"
+	vcenterStembuildPasswordVariable  = "VCENTER_STEMBUILD_PASSWORD"
 )
 
 var (
@@ -162,13 +161,10 @@ var _ = SynchronizedBeforeSuite(func() []byte {
 	vmPassword := envMustExist(VMPasswordVariable)
 	existingVMIP := os.Getenv(ExistingVmIPVariable)
 	userProvidedIP := os.Getenv(UserProvidedIPVariable)
-	vCenterUrl := envMustExist(vcenterURLVariable)
+	vCenterUrl := envMustExist(vcenterBaseURLVariable)
 	vcenterFolder := envMustExist(vcenterFolderVariable)
 	vmNamePrefix := envMustExist(VMNamePrefixVariable)
-
-	vcenterAdminUsername := envMustExist(vcenterAdminUsernameVariable)
-	vcenterAdminPassword := envMustExist(vcenterAdminPasswordVariable)
-	vcenterAdminCredentialUrl = fmt.Sprintf("%s:%s@%s", vcenterAdminUsername, vcenterAdminPassword, vCenterUrl)
+	vcenterAdminCredentialUrl = envMustExist(vcenterAdminCredentialUrlVariable)
 
 	vCenterStembuildUser := envMustExist(vcenterStembuildUsernameVariable)
 	vCenterStembuildPassword := envMustExist(vcenterStembuildPasswordVariable)

integration/construct/winrm_test.go

@@ -1,10 +1,11 @@
 package construct_test
 
 import (
+	"path/filepath"
+
 	. "github.com/cloudfoundry-incubator/stembuild/remotemanager"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"path/filepath"
 )
 
 var _ = Describe("WinRM Remote Manager", func() {

integration/package/package_test.go

@@ -26,15 +26,14 @@ import (
 
 var _ = Describe("Package", func() {
 	const (
-		baseVMNameEnvVar                 = "PACKAGE_TEST_BASE_VM_NAME"
-		mainVersion                      = "1803.5.3999"
-		vcenterURLVariable               = "GOVC_URL"
-		vcenterAdminUsernameVariable     = "VCENTER_ADMIN_USERNAME"
-		vcenterAdminPasswordVariable     = "VCENTER_ADMIN_PASSWORD"
-		vcenterFolderVariable            = "VM_FOLDER"
-		existingVMVariable               = "EXISTING_SOURCE_VM"
-		vcenterStembuildUsernameVariable = "VCENTER_STEMBUILD_USER"
-		vcenterStembuildPasswordVariable = "VCENTER_STEMBUILD_PASSWORD"
+		baseVMNameEnvVar                  = "PACKAGE_TEST_BASE_VM_NAME"
+		mainVersion                       = "1803.5.3999"
+		vcenterURLVariable                = "VCENTER_BASE_URL"
+		vcenterAdminCredentialUrlVariable = "VCENTER_ADMIN_CREDENTIAL_URL"
+		vcenterFolderVariable             = "VM_FOLDER"
+		existingVMVariable                = "EXISTING_SOURCE_VM"
+		vcenterStembuildUsernameVariable  = "VCENTER_STEMBUILD_USER"
+		vcenterStembuildPasswordVariable  = "VCENTER_STEMBUILD_PASSWORD"
 	)
 
 	var (
@@ -76,21 +75,17 @@ var _ = Describe("Package", func() {
 		baseVMWithPath := fmt.Sprintf(vcenterFolder + "/" + baseVMName)
 		vmPath = strings.Join([]string{vcenterFolder, sourceVMName}, "/")
 
-		vcenterAdminUsername := helpers.EnvMustExist(vcenterAdminUsernameVariable)
-		vcenterAdminPassword := helpers.EnvMustExist(vcenterAdminPasswordVariable)
-
-		vcenterURL = helpers.EnvMustExist(vcenterURLVariable)
-
-		vcenterAdminCredentialUrl = fmt.Sprintf("%s:%s@%s", vcenterAdminUsername, vcenterAdminPassword, vcenterURL)
+		vcenterAdminCredentialUrl = helpers.EnvMustExist(vcenterAdminCredentialUrlVariable)
 
 		cli.Run([]string{
 			"vm.clone",
 			"-vm", baseVMWithPath,
 			"-on=false",
-			"-u=%s", vcenterAdminCredentialUrl,
+			"-u", vcenterAdminCredentialUrl,
 			sourceVMName,
 		})
 
+		vcenterURL = helpers.EnvMustExist(vcenterURLVariable)
 		vcenterStembuildUsername = helpers.EnvMustExist(vcenterStembuildUsernameVariable)
 		vcenterStembuildPassword = helpers.EnvMustExist(vcenterStembuildPasswordVariable)
 
@@ -145,7 +140,7 @@ var _ = Describe("Package", func() {
 	AfterEach(func() {
 		os.RemoveAll(workingDir)
 		if vmPath != "" {
-			cli.Run([]string{"vm.destroy", "-vm.ipath", vmPath, "-u=%s", vcenterAdminCredentialUrl})
+			cli.Run([]string{"vm.destroy", "-vm.ipath", vmPath, "-u", vcenterAdminCredentialUrl})
 		}
 	})
 })

integration/version_test.go

@@ -2,6 +2,7 @@ package integration_test
 
 import (
 	"fmt"
+
 	"github.com/cloudfoundry-incubator/stembuild/test/helpers"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"