Container events are sent during startup in live mode, for pre-existing containers

[FedeDP]

Describe the bug

After the fix #219 , on my cgroups v2 system i am now seeing that pre-existing containers are correctly fetched during startup, and their threadinfos correctly coupled with each container.
However, container events are being sent for those pre-existing containers; this is clearly a bug, as those containers should be part of the "initial state", and sending an event is misleading.

How to reproduce it

• Spawn up a container
• Modify libs adding a print of each container event here: https://github.com/falcosecurity/libs/blob/master/userspace/libsinsp/sinsp.cpp#L1180
• Rebuild Falco with new libs
• Run Falco

Expected behaviour

No event should be sent for pre-existing environment/state.

Screenshots

Environment

• Falco version:
• System info:
• Cloud provider or hardware configuration:
• OS:
• Kernel:
• Installation method:

Additional context

[FedeDP]

Moreover, replaying a scap file, each runtime container event is sent twice (in order):

• from the threadinfo->resolve_container(this, !m_inspector->is_capture())
• from the deserialized event

This behavior was already present in master before #219 was merged.