Reapply "CI: test nftables driver on fedora"

Temporary, until we get CI VMs with kernel 6.11.6.

I've lost track of where this is being discussed.

This reverts commit 7f836df303b92a606c17a336911bba206e9fea68.

Signed-off-by: Ed Santiago <santiago@redhat.com>
(cherry picked from commit 0e66a793bc416f76be15a603d1b2d8bd336f3865)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>

contrib/cirrus/setup_environment.sh

@@ -147,6 +147,11 @@ case "$OS_RELEASE_ID" in
             msg "Enabling container_manage_cgroup"
             showrun setsebool container_manage_cgroup true
         fi
+
+        # Test nftables driver, https://fedoraproject.org/wiki/Changes/NetavarkNftablesDefault
+        # We can drop this once this implemented and pushed into fedora stable. We cannot test it on
+        # debian because the netavark version there is way to old for nftables support.
+        printf "[network]\nfirewall_driver=\"nftables\"\n" > /etc/containers/containers.conf.d/90-nftables.conf
         ;;
     *) die_unknown OS_RELEASE_ID
 esac