Pin boringtun image tag (#319)

* Pin boringtun image tag Pin the image to a tag before boringtun's cli changed. Specifically the --disable-drop-privileges flag need a boolean param. * Fix image name
2022-07-11 23:17:05 +02:00 · 2022-07-11 23:17:05 +02:00 · e328646617
commit e328646617
parent 6ebc914354
6 changed files with 10 additions and 10 deletions
--- a/e2e/kilo-kind-userspace.yaml
+++ b/e2e/kilo-kind-userspace.yaml
@ -136,7 +136,7 @@ spec:
          mountPath: /etc/kubernetes
          readOnly: true
      - name: boringtun
-        image: leonnicolas/boringtun:alpine
+        image: leonnicolas/boringtun:cc19859
        args:
        - --disable-drop-privileges=true
        - --foreground
--- a/e2e/lib.sh
+++ b/e2e/lib.sh
@ -54,7 +54,7 @@ build_kind_config() {
 	export API_SERVER_PORT="${2:-6443}"
 	export POD_SUBNET="${3:-10.42.0.0/16}"
 	export SERVICE_SUBNET="${4:-10.43.0.0/16}"
-	export WORKERS="" 
+	export WORKERS=""
 	local i=0
 	while [ "$i" -lt "$WORKER_COUNT" ]; do
 		WORKERS="$(printf "%s\n- role: worker" "$WORKERS")"
@ -65,7 +65,7 @@ build_kind_config() {
 }
 create_interface() {
-	docker run -d --name="$1" --rm --network=host --cap-add=NET_ADMIN --device=/dev/net/tun -v /var/run/wireguard:/var/run/wireguard -e WG_LOG_LEVEL=debug leonnicolas/boringtun --foreground --disable-drop-privileges true "$1"
+	docker run -d --name="$1" --rm --network=host --cap-add=NET_ADMIN --device=/dev/net/tun -v /var/run/wireguard:/var/run/wireguard -e WG_LOG_LEVEL=debug leonnicolas/boringtun:cc19859 --foreground --disable-drop-privileges true "$1"
 }
 delete_interface() {
@ -126,7 +126,7 @@ create_cluster() {
 	# Apply Kilo the the cluster.
 	_kubectl apply -f ../manifests/crds.yaml
 	_kubectl apply -f kilo-kind-userspace.yaml
-	block_until_ready_by_name kube-system kilo-userspace 
+	block_until_ready_by_name kube-system kilo-userspace
 	_kubectl wait nodes --all --for=condition=Ready
 	# Wait for CoreDNS.
 	block_until_ready kube_system k8s-app=kube-dns
--- a/manifests/kilo-k3s-userspace-heterogeneous.yaml
+++ b/manifests/kilo-k3s-userspace-heterogeneous.yaml
@ -298,7 +298,7 @@ spec:
          mountPath: /var/run/wireguard
          readOnly: false
      - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
        args:
        - --disable-drop-privileges=true
        - --foreground
@ -391,7 +391,7 @@ spec:
 ---
 kind: DaemonSet
 apiVersion: apps/v1
-metadata: 
+metadata:
  name: nkml
  namespace: kube-system
  labels:
@ -410,7 +410,7 @@ spec:
      containers:
      - name: nkml
        image: leonnicolas/nkml
-        args: 
+        args:
        - --hostname=$(NODE_NAME)
        - --label-mod=wireguard
        - --kubeconfig=/etc/kubernetes/kubeconfig
--- a/manifests/kilo-k3s-userspace.yaml
+++ b/manifests/kilo-k3s-userspace.yaml
@ -165,7 +165,7 @@ spec:
          mountPath: /var/run/wireguard
          readOnly: false
      - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
        args:
        - --disable-drop-privileges=true
        - --foreground
--- a/manifests/kilo-kubeadm-flannel-userspace.yaml
+++ b/manifests/kilo-kubeadm-flannel-userspace.yaml
@ -67,7 +67,7 @@ spec:
      hostNetwork: true
      containers:
      - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
        args:
          - --disable-drop-privileges=true
          - --foreground
--- a/manifests/kilo-kubeadm-userspace.yaml
+++ b/manifests/kilo-kubeadm-userspace.yaml
@ -101,7 +101,7 @@ spec:
      hostNetwork: true
      containers:
      - name: boringtun
-        image: leonnicolas/boringtun
+        image: leonnicolas/boringtun:cc19859
        imagePullPolicy: IfNotPresent
        args:
          - --disable-drop-privileges=true