containers / ansible-podman-collections

Repository for Ansible content that can include playbooks, roles, modules, and plugins for use with the Podman tool
GNU General Public License v3.0

cli options from container command treated as podman arguments for idempotency #794

Closed dsavineau closed 2 months ago

dsavineau commented 3 months ago

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

When using CLI options in the command parameter of the podman_container module that match podman CLI arguments, this breaks idempotency. For instance, using -p 8080 in the command parameter will recreate the container after the initial execution rather than keeping it as is (i.e. no changes) because -p 8080 will be interpreted as publishing port 8080 for podman. Note that this doesn't apply the podman option to the container; it is only used for idempotency purposes when trying to inspect the existing container and create a diff.

Steps to reproduce the issue:

  1. Create a container via the podman_container module and use -p or -c options (others will probably work too)

  2. Rerun the same task

Describe the results you received:

Container is recreated after the second playbook execution.

Describe the results you expected:

Container shouldn't be recreated if nothing changed

Additional information you deem important (e.g. issue happens only occasionally):

Version of the containers.podman collection:
Either git commit if installed from git: git show --summary
Or version from ansible-galaxy if installed from galaxy: ansible-galaxy collection list | grep containers.podman

Collection        Version
----------------- -------
containers.podman 1.15.3

Output of ansible --version:

ansible [core 2.14.14]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ec2-user/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.9.18 (main, Jan 24 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

Output of podman version:

Client:       Podman Engine
Version:      4.9.4-rhel
API Version:  4.9.4-rhel
Go Version:   go1.21.9 (Red Hat 1.21.9-2.el9_4)
Built:        Tue Apr 30 10:46:31 2024
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.33.7
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.10-1.el9.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.10, commit: fb8c4bf50dbc044a338137871b096eea8041a1fa'
  cpuUtilization:
    idlePercent: 96.34
    systemPercent: 1.03
    userPercent: 2.63
  cpus: 2
  databaseBackend: sqlite
  distribution:
    distribution: rhel
    version: "9.4"
  eventLogger: journald
  freeLocks: 2036
  hostname: ip-172-31-30-133.ca-central-1.compute.internal
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.14.0-427.20.1.el9_4.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 288763904
  memTotal: 3753947136
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.10.0-3.el9_4.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.10.0
    package: netavark-1.10.3-1.el9.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.10.3
  ociRuntime:
    name: crun
    package: crun-1.14.3-1.el9.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.14.3
      commit: 1961d211ba98f532ea52d2e80f4c20359f241a98
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.3-1.el9.x86_64
    version: |-
      slirp4netns version 1.2.3
      commit: c22fde291bb35b354e6ca44d13be181c76a0a432
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 0
  swapTotal: 0
  uptime: 3h 34m 23.00s (Approximately 0.12 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /home/ec2-user/.config/containers/storage.conf
  containerStore:
    number: 8
    paused: 0
    running: 7
    stopped: 1
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/ec2-user/.local/share/containers/storage
  graphRootAllocated: 9384734720
  graphRootUsed: 4487012352
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 5
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/ec2-user/.local/share/containers/storage/volumes
version:
  APIVersion: 4.9.4-rhel
  Built: 1714473991
  BuiltTime: Tue Apr 30 10:46:31 2024
  GitCommit: ""
  GoVersion: go1.21.9 (Red Hat 1.21.9-2.el9_4)
  Os: linux
  OsArch: linux/amd64
  Version: 4.9.4-rhel

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.9.4-4.el9_4.x86_64

Playbook you run with ansible (e.g. content of playbook.yaml):

---
- hosts: localhost
  gather_facts: false
  become: false
  tasks:
    - name: Create a dummy container
      containers.podman.podman_container:
        name: dummy
        image: 'quay.io/podman/hello:latest'
        command: 'sleep -p 8080'
        state: created
...

Command line and output of ansible run with high verbosity

Please NOTE: if you submit a bug about idempotency, run the playbook with --diff option, like:

ansible-playbook -i inventory --diff -vv playbook.yml

ansible-playbook [core 2.14.14]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ec2-user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ec2-user/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible-playbook
  python version = 3.9.18 (main, Jan 24 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: site.yml ***************************************************************************************************************************************************************************************************************************
1 plays in site.yml

PLAY [localhost] *****************************************************************************************************************************************************************************************************************************

TASK [Create a dummy container] **************************************************************************************************************************************************************************************************************
task path: /home/ec2-user/site.yml:6
--- before
+++ after
@@ -1 +1 @@
-publish - 8080
+publish - None

changed: [localhost] => {"actions": ["recreated dummy"], "ansible_facts": {"discovered_interpreter_python": "/usr/bin/python3"}, "changed": true, "container": {"AppArmorProfile": "", "Args": ["-p", "8080"], "BoundingCaps": ["CAP_SYS_CHROOT"], "Config": {"Annotations": null, "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd": ["sleep", "-p", "8080"], "CreateCommand": ["podman", "container", "create", "--name", "dummy", "quay.io/podman/hello:latest", "sleep", "-p", "8080"], "Domainname": "", "Entrypoint": "", "Env": ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "container=podman"], "HealthcheckOnFailureAction": "none", "Hostname": "64f228a0bb70", "Image": "quay.io/podman/hello:latest", "Labels": {"artist": "Máirín Ní Ḋuḃṫaiġ, X/Twitter:@mairin", "io.buildah.version": "1.23.1", "io.containers.capabilities": "sys_chroot", "maintainer": "Podman Maintainers", "org.opencontainers.image.description": "Hello world image with ascii art", "org.opencontainers.image.documentation": "https://github.com/containers/PodmanHello/blob/76b262056eae09851d0a952d0f42b5bbeedde471/README.md", "org.opencontainers.image.revision": "76b262056eae09851d0a952d0f42b5bbeedde471", "org.opencontainers.image.source": "https://raw.githubusercontent.com/containers/PodmanHello/76b262056eae09851d0a952d0f42b5bbeedde471/Containerfile", "org.opencontainers.image.title": "hello image", "org.opencontainers.image.url": "https://github.com/containers/PodmanHello/actions/runs/9239934617"}, "OnBuild": null, "OpenStdin": false, "Passwd": true, "StdinOnce": false, "StopSignal": 15, "StopTimeout": 10, "Timeout": 0, "Tty": false, "Umask": "0022", "User": "", "Volumes": null, "WorkingDir": "/", "sdNotifyMode": "container"}, "ConmonPidFile": "/run/user/1000/containers/overlay-containers/64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365/userdata/conmon.pid", "Created": "2024-07-04T18:35:38.831529808Z", "Dependencies": [], "Driver": "overlay", "EffectiveCaps": 
["CAP_SYS_CHROOT"], "ExecIDs": [], "GraphDriver": {"Data": {"LowerDir": "/home/ec2-user/.local/share/containers/storage/overlay/2114fc8b70586b9325dde6fd26066d9951414dcdfb3995f41d51d1995cf3bd9d/diff", "UpperDir": "/home/ec2-user/.local/share/containers/storage/overlay/ec43d57068700604dcb8ff30044441c028d439f49e6aee037b2fdfba63cb6cb1/diff", "WorkDir": "/home/ec2-user/.local/share/containers/storage/overlay/ec43d57068700604dcb8ff30044441c028d439f49e6aee037b2fdfba63cb6cb1/work"}, "Name": "overlay"}, "HostConfig": {"AutoRemove": false, "Binds": [], "BlkioDeviceReadBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceWriteIOps": null, "BlkioWeight": 0, "BlkioWeightDevice": null, "CapAdd": [], "CapDrop": ["CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID"], "Cgroup": "", "CgroupConf": null, "CgroupManager": "systemd", "CgroupMode": "private", "CgroupParent": "user.slice", "Cgroups": "default", "ConsoleSize": [0, 0], "ContainerIDFile": "", "CpuCount": 0, "CpuPercent": 0, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpuShares": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DiskQuota": 0, "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": [], "GroupAdd": [], "IOMaximumBandwidth": 0, "IOMaximumIOps": 0, "IpcMode": "shareable", "Isolation": "", "KernelMemory": 0, "Links": null, "LogConfig": {"Config": null, "Path": "", "Size": "0B", "Tag": "", "Type": "journald"}, "Memory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": 0, "NanoCpus": 0, "NetworkMode": "slirp4netns", "OomKillDisable": false, "OomScoreAdj": 0, "PidMode": "private", "PidsLimit": 2048, "PortBindings": {}, "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "RestartPolicy": {"MaximumRetryCount": 0, "Name": ""}, "Runtime": "oci", "SecurityOpt": [], "ShmSize": 65536000, "Tmpfs": {}, "UTSMode": 
"private", "Ulimits": [], "UsernsMode": "", "VolumeDriver": "", "VolumesFrom": null}, "HostnamePath": "", "HostsPath": "", "Id": "64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365", "Image": "5dd467fce50b56951185da365b5feee75409968cbab5767b9b59e325fb2ecbc0", "ImageDigest": "sha256:41316c18917a27a359ee3191fd8f43559d30592f82a144bbc59d9d44790f6e7a", "ImageName": "quay.io/podman/hello:latest", "IsInfra": false, "IsService": false, "KubeExitCodePropagation": "invalid", "MountLabel": "system_u:object_r:container_file_t:s0:c379,c647", "Mounts": [], "Name": "dummy", "Namespace": "", "NetworkSettings": {"Bridge": "", "EndpointID": "", "Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "HairpinMode": false, "IPAddress": "", "IPPrefixLen": 0, "IPv6Gateway": "", "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "MacAddress": "", "Networks": {"slirp4netns": {"DriverOpts": null, "EndpointID": "", "Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAMConfig": null, "IPAddress": "", "IPPrefixLen": 0, "IPv6Gateway": "", "Links": null, "MacAddress": "", "NetworkID": "slirp4netns"}}, "Ports": {}, "SandboxID": "", "SandboxKey": ""}, "OCIRuntime": "crun", "Path": "sleep", "PidFile": "/run/user/1000/containers/overlay-containers/64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365/userdata/pidfile", "Pod": "", "ProcessLabel": "system_u:system_r:container_t:s0:c379,c647", "ResolvConfPath": "", "RestartCount": 0, "Rootfs": "", "State": {"CheckpointedAt": "0001-01-01T00:00:00Z", "Dead": false, "Error": "", "ExitCode": 0, "FinishedAt": "0001-01-01T00:00:00Z", "Health": {"FailingStreak": 0, "Log": null, "Status": ""}, "OOMKilled": false, "OciVersion": "1.1.0+dev", "Paused": false, "Pid": 0, "Restarting": false, "RestoredAt": "0001-01-01T00:00:00Z", "Running": false, "StartedAt": "0001-01-01T00:00:00Z", "Status": "created"}, "StaticDir": 
"/home/ec2-user/.local/share/containers/storage/overlay-containers/64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365/userdata", "lockNumber": 11}, "podman_actions": ["podman rm --force dummy", "podman create --name dummy quay.io/podman/hello:latest sleep -p 8080"], "podman_quadlet": "[Container]\nContainerName=dummy\nExec=sleep -p 8080\nImage=quay.io/podman/hello:latest\n", "podman_systemd": {"container-dummy": "# container-dummy.service\n# autogenerated by Podman 4.9.4-rhel\n# Thu Jul  4 18:35:39 UTC 2024\n\n[Unit]\nDescription=Podman container-dummy.service\nDocumentation=man:podman-generate-systemd(1)\nWants=network-online.target\nAfter=network-online.target\nRequiresMountsFor=/run/user/1000/containers\n\n[Service]\nEnvironment=PODMAN_SYSTEMD_UNIT=%n\nRestart=on-failure\nTimeoutStopSec=70\nExecStart=/usr/bin/podman start dummy\nExecStop=/usr/bin/podman stop  \\\n\t-t 10 dummy\nExecStopPost=/usr/bin/podman stop  \\\n\t-t 10 dummy\nPIDFile=/run/user/1000/containers/overlay-containers/64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365/userdata/conmon.pid\nType=forking\n\n[Install]\nWantedBy=default.target\n"}, "stderr": "", "stderr_lines": [], "stdout": "64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365\n", "stdout_lines": ["64f228a0bb70838392d65007455b90430961dc953b7f134c9ce26cc473bd7365"]}

PLAY RECAP ***********************************************************************************************************************************************************************************************************************************
localhost                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Trying with -c /foo.yml instead of -p 8080 will produce something like

--- before
+++ after
@@ -1 +1 @@
-cpu_shares - /foo.yml
+cpu_shares - None

Additional environment details (AWS, VirtualBox, physical, etc.):

dsavineau commented 3 months ago

Note that this looks like a regression introduced in 1.14.0. The 1.13.0 release doesn't have the same behavior.

sshnaidm commented 3 months ago

@dsavineau thanks for catching this, please see if #795 solves it.
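The false diff reported in the issue description, reproduced as an added example that is not part of the original thread and is not the collection's code: a comparison that scans the whole CreateCommand treats the container's own argv as podman options, while one that stops at the image does not. The option table, `naive_options`, `bounded_options` and `idempotency_diff` are hypothetical names, and only three options are modelled.

```python
# Constructed model of the comparison described in the issue; illustration
# only, not the containers.podman collection's code.
# Assumption: only these podman-create options are modelled (all take a value).
VALUE_OPTS = {"--name": "name", "-p": "publish", "--publish": "publish",
              "-c": "cpu_shares", "--cpu-shares": "cpu_shares"}
# CreateCommand as it appears in the inspect output quoted in the issue.
CREATE_COMMAND = ["podman", "container", "create", "--name", "dummy",
                  "quay.io/podman/hello:latest", "sleep", "-p", "8080"]
DESIRED = {"name": "dummy"}  # what the playbook task asks for


def _create_args(create_command):
    """Return the tokens after 'podman [container] create'."""
    args = list(create_command[1:])  # drop 'podman'
    if args and args[0] == "container":
        args = args[1:]
    if not args or args[0] != "create":
        raise ValueError("not a 'podman create' command line")
    return args[1:]


def naive_options(create_command):
    """Flawed: scans every token, so the container's own argv is matched too."""
    found, args = {}, _create_args(create_command)
    for i, tok in enumerate(args):
        key, sep, inline = tok.partition("=")
        if key in VALUE_OPTS:
            nxt = args[i + 1] if i + 1 < len(args) else None
            found[VALUE_OPTS[key]] = inline if sep else nxt
    return found


def bounded_options(create_command):
    """Stops at the image: the first positional token, or an explicit '--'."""
    found, args, i = {}, _create_args(create_command), 0
    while i < len(args) and args[i].startswith("-") and args[i] != "--":
        key, sep, value = args[i].partition("=")
        if key in VALUE_OPTS:
            if not sep:  # value is the next token, e.g. '-p 8080'
                i += 1
                value = args[i] if i < len(args) else None
            found[VALUE_OPTS[key]] = value
        i += 1
    return found


def idempotency_diff(desired, create_command, parse):
    """Return {option: (before, after)} for every option that differs."""
    current = parse(create_command)
    return {k: (current.get(k), desired.get(k))
            for k in set(desired) | set(current)
            if current.get(k) != desired.get(k)}
```

A production parser needs podman's full option table to know which flags consume a value; without it, the value of an unmodelled flag would be mistaken for the image.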