Add noble DNS ops file for warden/bosh-lite deployments

[neddp]

On warden containers, systemd-resolved has no DHCP-provided upstream DNS because warden does not configure DNS in the container network namespace. With disable_recursors=true (the noble default), all external DNS queries fail with REFUSED or SERVFAIL.

Add warden/noble-dns.yml which overrides the bosh-dns-systemd addon to:

• set disable_recursors=false so bosh-dns forwards external queries
• set recursors=[169.254.169.254] as the explicit upstream (the link-local metadata DNS available on GCP, AWS and Azure)

Apply the ops file in virtualbox/create-env.sh and both warden/docker CI tasks which deploy noble stemcells on warden.

Note: Please create PR's against the develop branch

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 2d5bcf41-9bf0-4391-a620-4f08c5a90cf3

📥 Commits

Reviewing files that changed from the base of the PR and between c3647e6 and a670354.

📒 Files selected for processing (4)

• ci/tasks/test-main-docker-cpi.sh
• ci/tasks/test-main-warden-cpi.sh
• virtualbox/create-env.sh
• warden/noble-dns.yml

---

Walkthrough

A new ops file, warden/noble-dns.yml, is introduced for the warden environment on Ubuntu Noble. It defines two patch operations on the bosh-dns-systemd job: setting disable_recursors to false and populating the recursors list with 169.254.169.254. This file is then referenced as an additional --ops-file argument in the bosh -n update-runtime-config call within ci/tasks/test-main-docker-cpi.sh, ci/tasks/test-main-warden-cpi.sh, and virtualbox/create-env.sh. No other logic in these scripts is changed.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change: adding a Noble DNS ops file for warden/bosh-lite deployments.
Description check	✅ Passed	The description matches the repository template and adequately explains the change and where it is applied.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix-noble-warden-dns

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}