diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index df245b4..18ed5bf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -184,26 +184,6 @@ jobs: architecture: - amd64 - arm64 - exclude: - # TODO: Starting with systemd version 253 or 254 (I'm not - # sure which) it is no longer possible to start - # systemd-resolved.service under QEMU emulation. We - # support this case, but we cannot test it until we have - # native ARM64 runners. - # - # See issue #10 for more details. - - architecture: arm64 - platform: debian13-systemd - - architecture: arm64 - platform: fedora39-systemd - - architecture: arm64 - platform: fedora40-systemd - - architecture: arm64 - platform: fedora41-systemd - - architecture: arm64 - platform: kali-systemd - - architecture: arm64 - platform: ubuntu-24-systemd platform: - amazonlinux2023-systemd # These platforms do not provide systemd-resolved. diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index d7b1d7a..167d417 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -86,21 +86,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/cisagov/docker-debian13-ansible:latest - # name: debian13-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/cisagov/docker-debian13-ansible:latest + name: debian13-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/cisagov/docker-kali-ansible:latest @@ -110,21 +104,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/cisagov/docker-kali-ansible:latest - # name: kali-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/cisagov/docker-kali-ansible:latest + name: kali-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora39-ansible:latest @@ -134,21 +122,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora39-ansible:latest - # name: fedora39-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora39-ansible:latest + name: fedora39-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora40-ansible:latest @@ -158,21 +140,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora40-ansible:latest - # name: fedora40-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora40-ansible:latest + name: fedora40-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora41-ansible:latest @@ -182,21 +158,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora41-ansible:latest - # name: fedora41-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora41-ansible:latest + name: fedora41-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw # These platforms do not provide systemd-resolved. # - cgroupns_mode: host # command: /lib/systemd/systemd @@ -243,21 +213,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest - # name: ubuntu-24-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest + name: ubuntu-24-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw scenario: name: default verifier: diff --git a/molecule/disable_stub_resolver/molecule.yml b/molecule/disable_stub_resolver/molecule.yml index c5586b3..27a103b 100644 --- a/molecule/disable_stub_resolver/molecule.yml +++ b/molecule/disable_stub_resolver/molecule.yml @@ -86,21 +86,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/cisagov/docker-debian13-ansible:latest - # name: debian13-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/cisagov/docker-debian13-ansible:latest + name: debian13-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/cisagov/docker-kali-ansible:latest @@ -110,21 +104,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/cisagov/docker-kali-ansible:latest - # name: kali-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/cisagov/docker-kali-ansible:latest + name: kali-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora39-ansible:latest @@ -134,21 +122,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora39-ansible:latest - # name: fedora39-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora39-ansible:latest + name: fedora39-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora40-ansible:latest @@ -158,21 +140,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora40-ansible:latest - # name: fedora40-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora40-ansible:latest + name: fedora40-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora41-ansible:latest @@ -182,21 +158,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora41-ansible:latest - # name: fedora41-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora41-ansible:latest + name: fedora41-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw # These platforms do not provide systemd-resolved. # - cgroupns_mode: host # command: /lib/systemd/systemd @@ -243,21 +213,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest - # name: ubuntu-24-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest + name: ubuntu-24-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw scenario: name: disable_stub_resolver verifier: diff --git a/molecule/specify_resolv_conf_target/molecule.yml b/molecule/specify_resolv_conf_target/molecule.yml index 027b8f4..4b8f93a 100644 --- a/molecule/specify_resolv_conf_target/molecule.yml +++ b/molecule/specify_resolv_conf_target/molecule.yml @@ -86,21 +86,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/cisagov/docker-debian13-ansible:latest - # name: debian13-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/cisagov/docker-debian13-ansible:latest + name: debian13-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/cisagov/docker-kali-ansible:latest @@ -110,21 +104,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/cisagov/docker-kali-ansible:latest - # name: kali-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/cisagov/docker-kali-ansible:latest + name: kali-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora39-ansible:latest @@ -134,21 +122,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora39-ansible:latest - # name: fedora39-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora39-ansible:latest + name: fedora39-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora40-ansible:latest @@ -158,21 +140,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora40-ansible:latest - # name: fedora40-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora40-ansible:latest + name: fedora40-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host command: /lib/systemd/systemd image: docker.io/geerlingguy/docker-fedora41-ansible:latest @@ -182,21 +158,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-fedora41-ansible:latest - # name: fedora41-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-fedora41-ansible:latest + name: fedora41-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw # These platforms do not provide systemd-resolved. # - cgroupns_mode: host # command: /lib/systemd/systemd @@ -243,21 +213,15 @@ platforms: privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw - # TODO: Starting with systemd version 253 or 254 (I'm not sure - # which) it is no longer possible to start systemd-resolved.service - # under QEMU emulation. We support this case, but we cannot test it - # until we have native ARM64 runners. - # - # See issue #10 for more details. - # - cgroupns_mode: host - # command: /lib/systemd/systemd - # image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest - # name: ubuntu-24-systemd-arm64 - # platform: arm64 - # pre_build_image: true - # privileged: true - # volumes: - # - /sys/fs/cgroup:/sys/fs/cgroup:rw + - cgroupns_mode: host + command: /lib/systemd/systemd + image: docker.io/geerlingguy/docker-ubuntu2404-ansible:latest + name: ubuntu-24-systemd-arm64 + platform: arm64 + pre_build_image: true + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw scenario: name: specify_resolv_conf_target verifier: