Pin boringtun image tag (#319)

* Pin boringtun image tag

Pin the image to a tag before boringtun's cli changed.
Specifically the --disable-drop-privileges flag need a boolean param.

* Fix image name

e2e/kilo-kind-userspace.yaml

@@ -136,7 +136,7 @@ spec:
           mountPath: /etc/kubernetes
           readOnly: true
       - name: boringtun
-        image: leonnicolas/boringtun:alpine
+        image: leonnicolas/boringtun:cc19859
         args:
         - --disable-drop-privileges=true
         - --foreground

e2e/lib.sh

@@ -54,7 +54,7 @@ build_kind_config() {
 	export API_SERVER_PORT="${2:-6443}"
 	export POD_SUBNET="${3:-10.42.0.0/16}"
 	export SERVICE_SUBNET="${4:-10.43.0.0/16}"
-	export WORKERS="" 
+	export WORKERS=""
 	local i=0
 	while [ "$i" -lt "$WORKER_COUNT" ]; do
 		WORKERS="$(printf "%s\n- role: worker" "$WORKERS")"
@@ -65,7 +65,7 @@ build_kind_config() {
 }
 
 create_interface() {
-	docker run -d --name="$1" --rm --network=host --cap-add=NET_ADMIN --device=/dev/net/tun -v /var/run/wireguard:/var/run/wireguard -e WG_LOG_LEVEL=debug leonnicolas/boringtun --foreground --disable-drop-privileges true "$1"
+	docker run -d --name="$1" --rm --network=host --cap-add=NET_ADMIN --device=/dev/net/tun -v /var/run/wireguard:/var/run/wireguard -e WG_LOG_LEVEL=debug leonnicolas/boringtun:cc19859 --foreground --disable-drop-privileges true "$1"
 }
 
 delete_interface() {
@@ -126,7 +126,7 @@ create_cluster() {
 	# Apply Kilo the the cluster.
 	_kubectl apply -f ../manifests/crds.yaml
 	_kubectl apply -f kilo-kind-userspace.yaml
-	block_until_ready_by_name kube-system kilo-userspace 
+	block_until_ready_by_name kube-system kilo-userspace
 	_kubectl wait nodes --all --for=condition=Ready
 	# Wait for CoreDNS.
 	block_until_ready kube_system k8s-app=kube-dns

manifests/kilo-k3s-userspace-heterogeneous.yaml

@@ -298,7 +298,7 @@ spec:
           mountPath: /var/run/wireguard
           readOnly: false
       - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
         args:
         - --disable-drop-privileges=true
         - --foreground
@@ -391,7 +391,7 @@ spec:
 ---
 kind: DaemonSet
 apiVersion: apps/v1
-metadata: 
+metadata:
   name: nkml
   namespace: kube-system
   labels:
@@ -410,7 +410,7 @@ spec:
       containers:
       - name: nkml
         image: leonnicolas/nkml
-        args: 
+        args:
         - --hostname=$(NODE_NAME)
         - --label-mod=wireguard
         - --kubeconfig=/etc/kubernetes/kubeconfig

manifests/kilo-k3s-userspace.yaml

@@ -165,7 +165,7 @@ spec:
           mountPath: /var/run/wireguard
           readOnly: false
       - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
         args:
         - --disable-drop-privileges=true
         - --foreground

manifests/kilo-kubeadm-flannel-userspace.yaml

@@ -67,7 +67,7 @@ spec:
       hostNetwork: true
       containers:
       - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
         args:
           - --disable-drop-privileges=true
           - --foreground

manifests/kilo-kubeadm-userspace.yaml

@@ -101,7 +101,7 @@ spec:
       hostNetwork: true
       containers:
       - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
         imagePullPolicy: IfNotPresent
         args:
           - --disable-drop-privileges=true