Remove DNSSEC config management in bootstrap-debian.yml (#7408)

DNSSEC is off by default on ubuntu/bionic64 (18.04) as per resolved.conf(5).
These tasks are artefacts of obsolete infra configuration, and no longer needed.

Further removing these tasks resolves the issue that the tasks always reports
'changed' and bounces systemd-resolved unneccesarily, even if there was no
actual modification of /etc/systemd/resolved.conf.

roles/bootstrap-os/tasks/bootstrap-debian.yml

@@ -43,30 +43,6 @@
     - need_https_proxy.rc != 0
     - not skip_http_proxy_on_os_packages
 
-- name: Check Network Name Resolution configuration
-  raw: grep '^DNSSEC=allow-downgrade' /etc/systemd/resolved.conf
-  register: need_dnssec_allow_downgrade
-  failed_when: false
-  changed_when: false
-  # This command should always run, even in check mode
-  check_mode: false
-  when:
-    - '''UBUNTU_CODENAME=bionic'' in os_release.stdout_lines'
-
-- name: Change Network Name Resolution configuration
-  raw: sed -i 's/^DNSSEC=yes/DNSSEC=allow-downgrade/g' /etc/systemd/resolved.conf
-  become: true
-  when:
-    - '''UBUNTU_CODENAME=bionic'' in os_release.stdout_lines'
-    - need_dnssec_allow_downgrade.rc
-
-- name: Restart systemd-resolved service
-  raw: systemctl restart systemd-resolved
-  become: true
-  when:
-    - '''UBUNTU_CODENAME=bionic'' in os_release.stdout_lines'
-    - need_dnssec_allow_downgrade.rc
-
 - name: Install python3
   raw:
     apt-get update && \