ecs_taskdefiniton port_mapping not idempotent when missing hostPort

[mjmayer]

Summary

ecs task definitions are not idempotent when missing the hostPort key value pair in the port_mappings parameter.

boto3 does not require the hostPort value when registering a task definition .

I would suggest updating the documentation and stating hostPort, containerPort are required parameters. Alternatively, hostPort could be set to the same value as containerPort. The solution will be very similar to what was done for the protocol parameter.

Issue Type

Bug Report

Component Name

ecs_taskdefinition

Ansible Version

ansible 2.9.11.post0
  config file = None
  configured module search path = [u'/home/bamboo/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/ansible/lib/ansible
  executable location = /opt/ansible/bin/ansible
  python version = 2.7.5 (default, Mar 12 2021, 14:55:44) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44.0.3)]

Collection Versions

I am not currently using collections, I am running an older version of ansible. But looking at the code for the ecs_taskdefinition.py module, it is still effected

AWS SDK versions

-bash-4.2$ pip show boto boto3 botocore
---
Metadata-Version: 2.1
Name: boto
Version: 2.49.0
Summary: Amazon Web Services Library
Home-page: https://github.com/boto/boto/
Author: Mitch Garnaat
Author-email: mitch@garnaat.com
Installer: pip
License: MIT
Location: /home/bamboo/.local/lib/python2.7/site-packages
Requires:
Classifiers:
  Development Status :: 5 - Production/Stable
  Intended Audience :: Developers
  License :: OSI Approved :: MIT License
  Operating System :: OS Independent
  Topic :: Internet
  Programming Language :: Python :: 2
  Programming Language :: Python :: 2.6
  Programming Language :: Python :: 2.7
  Programming Language :: Python :: 3
  Programming Language :: Python :: 3.3
  Programming Language :: Python :: 3.4
---
Metadata-Version: 2.0
Name: boto3
Version: 1.16.40
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email: UNKNOWN
Installer: pip
License: Apache License 2.0
Location: /home/bamboo/.local/lib/python2.7/site-packages
Requires: s3transfer, jmespath, botocore
Classifiers:
  Development Status :: 5 - Production/Stable
  Intended Audience :: Developers
  Natural Language :: English
  License :: OSI Approved :: Apache Software License
  Programming Language :: Python
  Programming Language :: Python :: 2
  Programming Language :: Python :: 2.7
  Programming Language :: Python :: 3
  Programming Language :: Python :: 3.4
  Programming Language :: Python :: 3.5
  Programming Language :: Python :: 3.6
  Programming Language :: Python :: 3.7
  Programming Language :: Python :: 3.8
---
Metadata-Version: 2.0
Name: botocore
Version: 1.19.40
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email: UNKNOWN
Installer: pip
License: Apache License 2.0
Location: /home/bamboo/.local/lib/python2.7/site-packages
Requires: urllib3, jmespath, python-dateutil
Classifiers:
  Development Status :: 5 - Production/Stable
  Intended Audience :: Developers
  Intended Audience :: System Administrators
  Natural Language :: English
  License :: OSI Approved :: Apache Software License
  Programming Language :: Python
  Programming Language :: Python :: 2
  Programming Language :: Python :: 2.7
  Programming Language :: Python :: 3
  Programming Language :: Python :: 3.4
  Programming Language :: Python :: 3.5
  Programming Language :: Python :: 3.6
  Programming Language :: Python :: 3.7
  Programming Language :: Python :: 3.8
You are using pip version 10.0.1, however version 21.2.4 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
---

Configuration

DEFAULT_KEEP_REMOTE_FILES(env: ANSIBLE_KEEP_REMOTE_FILES) = True

OS / Environment

Red Hat Enterprise Linux Server release 7.9 (Maipo)

Steps to Reproduce

- name: Register task definition
  ecs_taskdefinition:
    family: "{{ service }}-{{ instance_id }}"
    containers:
    - name: "{{ service }}-{{ instance_id }}"
      essential: true
      image: "{{ docker_image }}"
      command: "{{ docker_command }}"
      portMappings:
        - containerPort: 3000

Expected Results

task_definitions should be idempotent.

Actual Results

(Pdb) requested_container
{'logConfiguration': {'logDriver': 'awslogs', 'options': {'awslogs-region': 'us-west-2', 'awslogs-stream-prefix': 'ecs', 'awslogs-group': '/ecs/ceed-dev'}}, 'name': 'ceed-dev', 'image': '999999999.dkr.ecr.us-west-2.amazonaws
.com/ceed:FAC-CEED20-198', 'environment': [], 'command': [], 'environmentFiles': [], 'portMappings': [{'containerPort': 3000}], 'essential': True, 'ulimits': [{'softLimit': 8192, 'name': 'nofile', 'hardLimit': 8192}]

(Pdb) actual_container
{u'environment': [], u'name': u'ceed-dev', u'mountPoints': [], u'image': u'999999999.dkr.ecr.us-west-2.amazonaws.com
/ceed:FAC-CEED20-198', u'logConfiguration': {u'logDriver': u'awslogs', u'options': {u'awslogs-region': u'us-west-2', u'awslogs-stream-prefix': u'ecs', u'awslogs-group': u'/ecs/ceed-dev'}}, u'cpu': 0, u'portMappings': [{u'protoc
ol': u'tcp', u'containerPort': 3000, u'hostPort': 3000}], u'command': [], u'ulimits': [{u'softLimit': 8192, u'name': u'nofile', u'hardLimit': 8192}], u'environmentFiles': [], u'essential': True, u'volumesFrom': []}

(Pdb) _right_has_values_of_left(requested_container, actual_container)
False

The most important part here is the portMappings in requested_container vs actual_container.

Code of Conduct

• I agree to follow the Ansible Code of Conduct

[ansibullbot]

Files identified in the description:

• [plugins/modules/ecs_taskdefinition.py](https://github.com/['ansible-collections/amazon.aws', 'ansible-collections/community.aws', 'ansible-collections/community.vmware']/blob/main/plugins/modules/ecs_taskdefinition.py)

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibullbot]

cc @Java1Guy @alinabuzachis @jillr @markuman @s-hertel @tremble @wimnat
click here for bot help

[markuman]

I can confirm this for community.aws 1.5.0.
But with the latest version from main branch

---
- hosts: localhost
  connection: local

  tasks:
    - name: Register task definition
      ecs_taskdefinition:
        family: something
        state: present
        containers:
          - name: something
            essential: true
            image: nginx
            memory: 1
            command: 
              - uptime
            portMappings:
              - containerPort: 3000

    - name: Register task definition
      ecs_taskdefinition:
        family: something
        state: present
        containers:
          - name: something
            essential: true
            image: nginx
            memory: 1
            command: 
              - uptime
            portMappings:
              - containerPort: 3000

results in

AWS_PROFILE=myaws ap /tmp/dev.yml 
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] ********************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Register task definition] *****************************************************************************************************************************************************************************************************
ok: [localhost]

TASK [Register task definition] *****************************************************************************************************************************************************************************************************
ok: [localhost]

PLAY RECAP **************************************************************************************************************************************************************************************************************************
localhost                  : ok=3    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

It was fixed by #574
Let's hope next release is made soon.
Thanks for your report @mjmayer!