From c2a8d0c91ed7bee87f986a8f5700af174ba237a6 Mon Sep 17 00:00:00 2001
From: Michael Kuzmin <mkuzmin@gmail.com>
Date: Tue, 24 Apr 2018 22:11:33 +0300
Subject: [PATCH] VPN to the test lab

---
 .gitignore                        |   1 -
 clone/builder_acc_test.go         |   2 +-
 teamcity-services.yml             |   4 ++--
 test/lab.ovpn                     |  38 ++++++++++++++++++++++++++++++
 test/lab.p12                      | Bin 0 -> 4141 bytes
 test-key.pem => test/test-key.pem |   0
 test-key.pub => test/test-key.pub |   0
 7 files changed, 41 insertions(+), 4 deletions(-)
 create mode 100644 test/lab.ovpn
 create mode 100644 test/lab.p12
 rename test-key.pem => test/test-key.pem (100%)
 rename test-key.pub => test/test-key.pub (100%)

diff --git a/.gitignore b/.gitignore
index 95ba90c78..ecf9eb819 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,4 +4,3 @@ packer-builder-vsphere*
 bin/
 test*.json
 crash.log
-vpn/
diff --git a/clone/builder_acc_test.go b/clone/builder_acc_test.go
index 6b2015c8f..dfece3151 100644
--- a/clone/builder_acc_test.go
+++ b/clone/builder_acc_test.go
@@ -441,7 +441,7 @@ func sshKeyConfig() string {
 	config := defaultConfig()
 	config["communicator"] = "ssh"
 	config["ssh_username"] = "root"
-	config["ssh_private_key_file"] = "../test-key.pem"
+	config["ssh_private_key_file"] = "../test/test-key.pem"
 	return commonT.RenderConfig(config)
 }
 
diff --git a/teamcity-services.yml b/teamcity-services.yml
index ab018745f..dfdc70f83 100644
--- a/teamcity-services.yml
+++ b/teamcity-services.yml
@@ -4,10 +4,10 @@ services:
     container_name: vpn
     image: jetbrainsinfra/openvpn
     volumes:
-      - ./vpn:/vpn:ro
+      - ./test:/vpn:ro
     cap_add:
       - NET_ADMIN
     devices:
       - /dev/net/tun:/dev/net/tun
     dns: 10.0.0.1
-    command: --config /vpn/jetbrains-vsphere-lab.ovpn --script-security 2 --auth-user-pass /vpn/creds.txt
+    entrypoint: "sh -c 'echo ${VPN_PASSWORD} | openvpn --cd /vpn/ --config lab.ovpn --askpass /dev/stdin'"
diff --git a/test/lab.ovpn b/test/lab.ovpn
new file mode 100644
index 000000000..313d027f5
--- /dev/null
+++ b/test/lab.ovpn
@@ -0,0 +1,38 @@
+dev tun
+persist-tun
+persist-key
+cipher AES-256-CBC
+ncp-ciphers AES-256-GCM:AES-128-GCM
+auth SHA1
+tls-client
+client
+resolv-retry infinite
+remote 81.3.129.9 2000 tcp-client
+remote-cert-tls server
+
+pkcs12 lab.p12
+
+<tls-auth>
+#
+# 2048 bit OpenVPN static key
+#
+-----BEGIN OpenVPN Static key V1-----
+6c9efab783fc2ee1a558bcedeaf92f8d
+85322bc05432fbb00745fcd00bb48857
+77cbf0c82462726a848657c56b62f6fd
+b9b1622c633188e848ce78c1b4476e9f
+938338532c79784f36d80156e3b29bcf
+493e64c393ee216b776c7a5d62c03aa8
+5fc5fea73990612f07660988da133b61
+34c847e67f65b8af407ae0b2761de402
+49ede990747659a878acaaf8fa1a6201
+1aa8ec5aeb01ccf50d1dc6e675dea291
+8d4c199c1c126fee9c112ce16c736159
+3234d5eaea167f5e60d01ad618fd33bb
+c262fb3d5227933d6149e45ab0246d58
+5f5d66d835fbfc8e8d51e0462194d835
+8f66f166ccef5616abba26dd38046a87
+9476359e2dc7a5b4dc045e3fbe39d6e6
+-----END OpenVPN Static key V1-----
+</tls-auth>
+key-direction 1
diff --git a/test/lab.p12 b/test/lab.p12
new file mode 100644
index 0000000000000000000000000000000000000000..e628d471c1566966c8d66deadfa728888015faa6
GIT binary patch
literal 4141
zcmY+GXD}R!yN4}yb<S#G_1;<H=px#xQ6fUrV2R#^V<T9-trjh6bkVKeqeqPvT{aR{
z^d)+`IWza(|GgjHd1s#A%scO=-#k#{Ujq050w|K|5JVyvsTp}r0U!btAgM5fNUGI8
zcoB*uP5e&;DnOEk{6TN<0eF9w-+vMSlo>?&-xtUMASfjvv75f3hPq__Pkel0ybvU*
zrhdePU;}`9{#T!3#&oK)7T&z^(xaluj26y5kDkijX*4k~6rjN`3D&yZZp!V@G9?Xh
zIVc%-yJhu%JF}`J7iD{_w&}Fy<-GWkA}e8=R2{~qn(m&aBC0D8mzp36uz#c;&I<g!
zd8V@Z1lGIXBjc`#v94n-0A-wP3wAz+^i5cCKa-+6+g>_rZeXm9!MhHvmUvONG-Ns&
z3?3eC9*$8f2K`p1>+2Vr+xi5Nx3f2y(B#xsfOA&oVcfHDANv2k<{uDg-5|{UD@A6S
ze<d0nO`x!G8qDW!=9t~N3K$_<6OArMIcez71bb>>Ps5p3PWTs#UbRxK{UFVn0VjRt
zcn->rxZAwG_4gU48;c$MF5&PE;vyW)+Aw=~8^Uga|4OKAy(6AIrAFduV2TiyAjh9C
zZNndCd#WjSi4W|pEGTV~S*3BM;_T$Ha@8zVr)wKC9^G4Pn9wPeo}=3ZD5HI_w`8py
zv&4;IpWg<H{d&-}pj~IcBp9qTqD=el_NsKoT*Ti?Qd@EVLbN*%z-40^)7k}E0r>UG
ziE~M*F#V)UEbhfnlBWJLSywj%VK30<^5lSLTCG-t496r0Vp2O_S-cM%V9`ZA0C(A5
z)xk9{NX(m3PTNn+(A9W)Ovnngb1t~I8Q@2-(?6#96g)4u2kGYP>vV%(IE+PW$lWzx
zDiJY_{XPV|;l3WGGSg2#(B=KsGa^k=acviCu=!bZfo$r=#_A%@PUMRc>_^+q#-4*F
zeWamY7;WFHfjAobk37aY#*!IhMygf>1ef&q!<Up_1~2!gCkbUpxOnyGk~Y-PCAde^
z5(}2ldAMCzJfXyTdoX_Wws9`Y(<Q73s_tAQ&i|+P<}ZL2Ikuk98JselKZUErh{g`8
zw|`b~33;Uxo(nH!_lyN*8oaIGI*}tbUVPr}3F-DqZGcpUF;vbvRlQHAIq23nS7hk2
zUwLihXTdTiRX6XnER(G3e<Y=lyNN+&;tt|cly(vx#U|8>jt9AaL_`ciRwp>38eR^x
zRVN~lWBF2745eXB998RLiXAL7Fy#ow+HLcFZd-v0^Xmg9oGiBq#U%)Euc#NhJd1NX
z;FS#Ia9pgUFlS2hS&ud*_+&h2cB(`o^G4vl^&ge~9<A(->9Z#rU#C-f2-iK4PnXey
zClfEeCquKePyLooxxL(}-zb=H6f&eADXVK9%2U&Pf27`7OQBP8b4C(Fcu~4$5C!9x
z_AcD^ux$C5b5}?c72WLdWV14FW%_&0C#b%COtUmH<-qXM`WkMNhYA#Dq{XU`xy-L_
zpz%@GE{+U%BgKuUfwSYf=4J~s!7$RC*`^)x^dK&^CASKr>v(WGuxNm>{K1jA;51@%
zd=i&rS8Q>WnfT#UG}Wh^2MeQmw|+Jl$cpoD2x<$cHEb1+-3otJXGoomi>E<SN`mO>
z;s#81*Pt3^&V1e6=+o=1;nFvX_gl8R(&~88#ZypI6&r_RVRksR*Q|}Wuhye{GpF<0
zc8{+Dc|vfJ_sUZcbN~v@NEsEzPnkvq7L|*P?{f05&5)HHKWn!RBhc+}7_|iTq`QF;
zu8d+_<X%ZO<#MdZawqL;NAqjhAG0pqD3`sd+L}AfpQ^qbvZrZofjp_^Ktmuans);3
z&Se|G_hd*(uAw6>vh3|fV~seMHK#-2a?ZOz!|&}Y=}xR=MIwa?zJHg<3n<|W0~jCI
z{BCf1oc?T&S_Xrw|G98eMYJ~o`tw<C$yt^?&Tm7F%cNl^+M0}bnyH^7uq&rxi67i6
zo8SStyNF-%rlNvk;5%mS8Uj6dv@&bSl!>z#;OU$@&ojzaV#9rkcIOX+Mqb%Tx4ubq
z1Wx)bWmUoU_IX2z4|Ebo#_tR&f%^-uA`I!kH4|+$A{-kmR1+^pakE}yIY?2A|IN3d
zs`K?<n}m{38&Rdi&TpOiFC5q*ccFdNuc4MO8gDUuyh~jajKY8z^o~Z>Kx$v2CM8yz
zGS@husnYKSWFbp9uQ`$YXp{7iYp|2T8O*)OA8MVpoUrjcy7yvj2j8I`Vq~B`ihpK#
zX!w538{GmTLJVUpb;}%AUc#jnZ&p9r7PrC<tEj6gMtnLq;obC}%1h9t$nxR=-tJOb
zF8#y1AQ^O}LWdhcTQ%*{$dq-r-T9dLKVSKAL#iIp(s`Mh!D%F2`$}}kspa3-5;C8_
zVZ>1NbVvItoF|>6s%j(h@awVYdTn3a5h@H8m5^hMzCIo;PEAYlU##-sT<65sTD&Va
zCnaqRwN7Yy>Y`bV?w%IDH#Vou%C%0MLKUR#RIxV#E0X4J&l(oWX9j{lHGlm(@Ju`R
zW5sg5iBE$Wn_wC1MqZ|M&fFlNsKvcR?-<+5_bGJd#=B#Pu`*h%zC*~*=mDL`gU&c@
z?rPYF`o``Q;|<%`wB>r7)@&6fi?C(iA;C&FK83?Z`!vzQTH&>aSJ`e)(8PDD%f3@4
zlG3lX=kJsZ4V@W=t!C8Zay0$vO*$K@MqNrVQDVn!59TR_9?!ktaE_yM-%6IB`9%Yb
z1Y1OnMqVM}gnJYcr8zb8GOiqjdQRiv#C#Eh&IALYdlo|zVxHU?3z(oI=r3P*G5E_t
zQZiu^bJO0dP#T|<<kBqWCCRw)iS*r!id{+%3F&K;yis-L^$*Kx58>pA6XyN3Z;au%
zxIC+&Y*d1idTx6_ZU_0n*INNvR`eCc7v^U-Ly^#YdN<PLP5*!`#;(!Bk5GK{7f2t2
zR5f=BkMv*6N4k#~-<pn2wOzi_6P6p0oJTP%8y%mpI;FT4^$BF{yu_K$*1{%1Hyn9~
zQb)~^IYK)iM<pf2Q}xxH;m3-3=#J0(tLIyTGFvuRW5YYP^p;!X;WdK}vKO*+9P-b)
z7MG34dS)+=%&KuhdXA!IiQ=S%c;}6QUU(DpHM`GuaMSm-)-xQQwqvU+b3aaRmoM_(
zFPlr4w~&ZrVMQFGbP*>qjdX~0<JUqj*6Lj&<QSQaUHII&B-p*j6&U@Ig&|6P#C`Fz
z?;m3HG^lpJ2MYw(-CmY=9pQNz1=tG$@f!|+a-9Q968JwBP}j$AV?Jw?Sj=gJF;BYQ
z3RwyApN>(P<JELP#E`#d9<HfXO{q68zI=wcbH68eCQZ)&6yje7avMo$dfPpH6(7Zl
zG!gnnx7zS#MJ0lIFFSoTrSDDPHWdggw%M{gE(nHnG&@?nc#av((`8Dypl2`Q|7|L#
zY){M!Y4SBFxW`?KoOpvPGE7R$qD0I#90RRj4s_ybNQzKh@Ym3dEt1Aij>6mKAXYb4
z&dBI`s+`@yKt+m-dF?}=osYCnJ|%6iefc&8-5tr%-BmSqK%;aV<|nx;=eC(tTfZj}
zu{tE(#2kO~O|F2acCvR`FR0l+#!LL$#g@TNjh?r+3yl<l;KB#2u&adOSuhcj&B>p!
z=XtWR<tp!0l2;JYDsZc*`f3sCYzw3F(mggP5~%!t#IpbilpsU`MgL&IKf?<m`yUM@
z1>hGT2@jx1!kzzTrv(4n>Bfw6k7rwT*S~g3h$I~8FYb?0Rt5H#NadbY$j;&SWHQH?
zJ`GwkZ0H*it;rXs)ec)g;g`s<Lf`@wHj3^U2o}!EDd+9<XQ;E`wALhjmY?t?8Y0a7
zX9It`>j$0z<K5{9bFYi)vZ4g_4d+VhuU32`$T$Av{@-aL_M{L$OwILw#>TsqP?zA*
z>PpNdWuE)<VqX@QC;KtlQorD5*6g;L|CJp*WC)AlGt6eG_Wtk*#2y|+7W^!irby9I
z3s<y}mW(1J%8X3N(xthu71}{m5S51<(QpNYFFqwW7DIVj`Q3bv)BoUHS1AxZN!(7!
zZ?Tu(5l6+vme~)%e$i4V&5}fT+}xDGSJ(IemlT-%1aaAE_$_lwcd1FsT_n?W=LFhH
ziLfvLtfYldcRz44L6r4~u-y1=XIxKKBIZ$^(Kwrjn(>B-S_Khp2vtt`c{Bp%m|n|V
z#kN52W+oVR_@Ek9{1f}iRy5AdS*Pp`f$95Oh2os&R*?%i-(p+%7EQ@wf{N>zVl;z%
zL7cT-A9t`@jpFDZby}L~gQaTHHe`u*Gc^ztQbv!i7CGGk)?(4G2En@%glPw<^R)2R
zt$E?TnIZx&Uc>ss1@p4HmVGAv%8OhU%nL0QuiZVR?vIt*wk1uY4DG$r&eW0KRwCLi
z!hVJlvhAl-4}f7e2~pb&9SL6g2{DS=F3OdiA#-@CRg7x}Ch*1~JquBSH8%%lSkvJ4
zD_-QLZh8_>PA<Gtf^}lmmlQcsVeoaTGv7y0X^2aCVlpvtoVlT(FRa{|$gN|4_(`J>
z_bH29MB1Gb=9b;PGRAoO<E4U|ZHDp`K-rZiuEq5Vrq8$0DCCA_U}LGgYs*i{lrDKO
zi9b9~dsMvxcI&Hmvb1{c_5S+P%(i5eP+b<rftBcSeSQy`1;AKhysL*pV3`c4l#W%*
z={M{<8X7j`@rKJmF6<SeDFM_9ObmsB*n1r+4beMO>((GHwkD<YF8h>%;ihnFj-!O_
zndGkfe+mSOq)PA>nROv0p+JhA>9)m3x5DG3@}pFTJYzA9510h9Eqjuis{Td{LZA8(
zRr|RAE_DxikV68H$x-G6T<UpveZFVcue_Z4V3~UPjhvjQ+((!+5bNx7pVgz9z9L-M
zH&kL_lNvmF-t5gr5VBUjPc2g{i%MZmq->*U`p|dAKQ;C+xcT^gDy`PG<s;a$ur*sb
zqQKNbioAMNKa&uDA$2!U5xz;lQu_rLdSHYiTJ2?e6_&XN#1fI(`&&veJ7!!Bsd48E
z1daRRPTn$67bkqk?#34lX0M1j8z|{KS?z|Ayn@p`Fr-I>myi4f(z)V@EQ<0sDYPAS
z=fzeKSg{bi&WKyVackG#%f5^CcGkgT5)Tqi|4<kA({{O44cqua?w6dC9yOMgXT8xj
zD49CN6)ImMm&i6=+?K4-FdJb{A#j*{d?ZAhMW_p;4P$5T&-zWApShTzJiEUp5z&F1
zd<&xv`5FpQ;oA`$e;+|j62=~RaqD!I3{36N81US`I|-Lg=7};EN<?OhcFo(2I`TfI
z$6ys7O4h0kJ_PO#IK)b2&b&Ukpw0y>II8-8ITFDWd^lgixG>x+&$Iphr}c9Gyz3J>
zlK|fEE^!_x*Z;O737t4SAuX#d%Tm|*Y5Q5Z;UJ2p^nfLGMII^+<$#iafI^f6_z)l-
nA#J|)!OE23(Ua}T!MlHm;~}uz(myQ;uh8C`^y9()+minU{|(y8

literal 0
HcmV?d00001

diff --git a/test-key.pem b/test/test-key.pem
similarity index 100%
rename from test-key.pem
rename to test/test-key.pem
diff --git a/test-key.pub b/test/test-key.pub
similarity index 100%
rename from test-key.pub
rename to test/test-key.pub