What happened?
In salt/states/docker_container.py, the running() function has two call sites for the local _replace(orig, new) helper. The call at line 1890 (the not skip_comparison / detected-config-diff path) correctly passes temp_container_name (a string). The call at line 2008 (the skip_comparison / force=True path, reached via mod_watch) instead passes temp_container -- the dict returned by docker.create, not its name.
_replace first calls docker.rm(name, stop=True) on the original container, then docker.rename(new, orig). docker.rename passes its first argument to inspect_container, which expects a string container name/ID. Handing it a dict raises, after the original container has already been removed -- leaving the minion with the original container destroyed and the temp container stranded under its generated temp name. The state returns result: False but the damage is done.
Type of salt install
pip (pypi)
Major version
3007.x
What supported OS are you seeing the problem on? Can select multiple. (If bug appears on an unsupported OS, please open a GitHub Discussion instead)
ubuntu-24.04
salt --versions-report output
Salt Version:
Salt: 3007.9
Python Version:
Python: 3.12.3 (main, Mar 3 2026, 12:15:18) [GCC 13.3.0]
Dependency Versions:
cffi: 2.0.0
cherrypy: 18.10.0
cryptography: 46.0.3
dateutil: 2.9.0.post0
docker-py: Not Installed
gitdb: Not Installed
gitpython: Not Installed
Jinja2: 3.1.6
libgit2: Not Installed
looseversion: 1.3.0
M2Crypto: Not Installed
Mako: Not Installed
msgpack: 1.1.2
msgpack-pure: Not Installed
mysql-python: Not Installed
packaging: 25.0
pycparser: 2.23
pycrypto: Not Installed
pycryptodome: 3.23.0
pygit2: Not Installed
python-gnupg: 0.5.5
PyYAML: 6.0.3
PyZMQ: 27.1.0
relenv: Not Installed
smmap: Not Installed
timelib: 0.3.0
Tornado: 6.5.2
ZMQ: 4.3.5
Salt Extensions:
pytest-salt-factories: 1.0.5
Salt Package Information:
Package Type: Not Installed
System Versions:
dist: ubuntu 24.04.4 noble
locale: utf-8
machine: x86_64
release: 6.8.0-110-generic
system: Linux
version: Ubuntu 24.04.4 noble
What happened?
In
salt/states/docker_container.py, therunning()function has two call sites for the local_replace(orig, new)helper. The call at line 1890 (thenot skip_comparison/ detected-config-diff path) correctly passestemp_container_name(a string). The call at line 2008 (theskip_comparison/force=Truepath, reached viamod_watch) instead passestemp_container-- the dict returned bydocker.create, not its name._replacefirst callsdocker.rm(name, stop=True)on the original container, thendocker.rename(new, orig).docker.renamepasses its first argument toinspect_container, which expects a string container name/ID. Handing it a dict raises, after the original container has already been removed -- leaving the minion with the original container destroyed and the temp container stranded under its generated temp name. The state returns result: False but the damage is done.Type of salt install
pip (pypi)
Major version
3007.x
What supported OS are you seeing the problem on? Can select multiple. (If bug appears on an unsupported OS, please open a GitHub Discussion instead)
ubuntu-24.04
salt --versions-report output
Salt Version: Salt: 3007.9 Python Version: Python: 3.12.3 (main, Mar 3 2026, 12:15:18) [GCC 13.3.0] Dependency Versions: cffi: 2.0.0 cherrypy: 18.10.0 cryptography: 46.0.3 dateutil: 2.9.0.post0 docker-py: Not Installed gitdb: Not Installed gitpython: Not Installed Jinja2: 3.1.6 libgit2: Not Installed looseversion: 1.3.0 M2Crypto: Not Installed Mako: Not Installed msgpack: 1.1.2 msgpack-pure: Not Installed mysql-python: Not Installed packaging: 25.0 pycparser: 2.23 pycrypto: Not Installed pycryptodome: 3.23.0 pygit2: Not Installed python-gnupg: 0.5.5 PyYAML: 6.0.3 PyZMQ: 27.1.0 relenv: Not Installed smmap: Not Installed timelib: 0.3.0 Tornado: 6.5.2 ZMQ: 4.3.5 Salt Extensions: pytest-salt-factories: 1.0.5 Salt Package Information: Package Type: Not Installed System Versions: dist: ubuntu 24.04.4 noble locale: utf-8 machine: x86_64 release: 6.8.0-110-generic system: Linux version: Ubuntu 24.04.4 noble