Exclude several ARM64 scenarios from Molecule testing

TODO: Starting with systemd version 253 or 254 (I'm not sure which) it
is no longer possible to start systemd-resolved.service under QEMU
emulation.  We support this case, but we cannot test it until we have
native ARM64 runners.

See issue #10 for more details.

Author: jsf9k

.github/workflows/build.yml

@@ -180,6 +180,24 @@ jobs:
         architecture:
           - amd64
           - arm64
+        exclude:
+            # TODO: Starting with systemd version 253 or 254 (I'm not
+            # sure which) it is no longer possible to start
+            # systemd-resolved.service under QEMU emulation.  We
+            # support this case, but we cannot test it until we have
+            # native ARM64 runners.
+            #
+            # See issue #10 for more details.
+            - architecture: arm64
+              platform: debian13-systemd
+            - architecture: arm64
+              platform: fedora39-systemd
+            - architecture: arm64
+              platform: fedora40-systemd
+            - architecture: arm64
+              platform: kali-systemd
+            - architecture: arm64
+              platform: ubuntu-24-systemd
         platform:
           - amazonlinux2023-systemd
           # These platforms do not provide systemd-resolved.

molecule/default/molecule.yml

@@ -86,15 +86,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/cisagov/docker-debian13-ansible:latest
-    name: debian13-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/cisagov/docker-debian13-ansible:latest
+  #   name: debian13-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   - cgroupns_mode: host
     command: /lib/systemd/systemd
     image: docker.io/cisagov/docker-kali-ansible:latest
@@ -104,15 +110,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/cisagov/docker-kali-ansible:latest
-    name: kali-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/cisagov/docker-kali-ansible:latest
+  #   name: kali-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   - cgroupns_mode: host
     command: /lib/systemd/systemd
     image: docker.io/geerlingguy/docker-fedora39-ansible:latest
@@ -122,15 +134,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/geerlingguy/docker-fedora39-ansible:latest
-    name: fedora39-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/geerlingguy/docker-fedora39-ansible:latest
+  #   name: fedora39-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   - cgroupns_mode: host
     command: /lib/systemd/systemd
     image: docker.io/geerlingguy/docker-fedora40-ansible:latest
@@ -140,15 +158,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/geerlingguy/docker-fedora40-ansible:latest
-    name: fedora40-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/geerlingguy/docker-fedora40-ansible:latest
+  #   name: fedora40-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   # These platforms do not provide systemd-resolved.
   # - cgroupns_mode: host
   #   command: /lib/systemd/systemd
@@ -195,15 +219,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest
-    name: ubuntu-24-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest
+  #   name: ubuntu-24-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
 scenario:
   name: default
 verifier:

molecule/disable_stub_resolver/molecule.yml

@@ -86,15 +86,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/cisagov/docker-debian13-ansible:latest
-    name: debian13-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/cisagov/docker-debian13-ansible:latest
+  #   name: debian13-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   - cgroupns_mode: host
     command: /lib/systemd/systemd
     image: docker.io/cisagov/docker-kali-ansible:latest
@@ -104,15 +110,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/cisagov/docker-kali-ansible:latest
-    name: kali-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/cisagov/docker-kali-ansible:latest
+  #   name: kali-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   - cgroupns_mode: host
     command: /lib/systemd/systemd
     image: docker.io/geerlingguy/docker-fedora39-ansible:latest
@@ -122,15 +134,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/geerlingguy/docker-fedora39-ansible:latest
-    name: fedora39-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/geerlingguy/docker-fedora39-ansible:latest
+  #   name: fedora39-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   - cgroupns_mode: host
     command: /lib/systemd/systemd
     image: docker.io/geerlingguy/docker-fedora40-ansible:latest
@@ -140,15 +158,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/geerlingguy/docker-fedora40-ansible:latest
-    name: fedora40-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/geerlingguy/docker-fedora40-ansible:latest
+  #   name: fedora40-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
   # These platforms do not provide systemd-resolved.
   # - cgroupns_mode: host
   #   command: /lib/systemd/systemd
@@ -195,15 +219,21 @@ platforms:
     privileged: true
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:rw
-  - cgroupns_mode: host
-    command: /lib/systemd/systemd
-    image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest
-    name: ubuntu-24-systemd-arm64
-    platform: arm64
-    pre_build_image: true
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+  # TODO: Starting with systemd version 253 or 254 (I'm not sure
+  # which) it is no longer possible to start systemd-resolved.service
+  # under QEMU emulation.  We support this case, but we cannot test it
+  # until we have native ARM64 runners.
+  #
+  # See issue #10 for more details.
+  # - cgroupns_mode: host
+  #   command: /lib/systemd/systemd
+  #   image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest
+  #   name: ubuntu-24-systemd-arm64
+  #   platform: arm64
+  #   pre_build_image: true
+  #   privileged: true
+  #   volumes:
+  #     - /sys/fs/cgroup:/sys/fs/cgroup:rw
 scenario:
   name: disable_stub_resolver
 verifier: