configuration for overridden FortiGuard server is not working

[mdraevich]

Hello!

Configuration for overridden FortiGuard server is not working for the parameter server_type. Consider the following Ansible playbook...

Ansible playbook:

---
- hosts: all
  gather_facts: no

  collections:
   - fortinet.fortios
  connection: httpapi

  vars:

  tasks:

  - name: "before"
    fortios_configuration_fact:
      selector: system_central-management
    register: before

  - debug:
      msg: "{{ before }}"

  - name: "Configure <system console> settings... [output]"
    fortios_system_central_management:
      system_central_management:
        server_list:
        - id:  "1"
          addr_type: "ipv4"
          server_address: "8.8.4.4"  # change 8.8.8.8 to 8.8.4.4 -- OK
          server_type: ["rating", "update"]  # change [update] to [rating, update] -- Failed

  - name: "after"
    fortios_configuration_fact:
      selector: system_central-management
    register: after

  - debug:
      msg: "{{ after }}"

The output:

(ans_2.9.12) matvey@matvey-pc:~/Desktop/solidex/projects/ansible/fortios_testing_v0.2$ ansible-playbook 1-config-fortigate.yml -l utm-1
[WARNING]: log file at /home/matvey/Desktop/solidex/projects/ansible/fortios_testing_v0.2/logs/latest.log is not writeable and we cannot create it, aborting

PLAY [all] ****************************************************************************************************************************************************************

TASK [before] *************************************************************************************************************************************************************
[DEPRECATION WARNING]: Distribution Ubuntu 20.04 on host utm-1 should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible 
releases. A future Ansible release will default to using the discovered platform python for this host. See 
https://docs.ansible.com/ansible/2.10/reference_appendices/interpreter_discovery.html for more information. This feature will be removed in version 2.12. Deprecation 
warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
ok: [utm-1]

TASK [debug] **************************************************************************************************************************************************************
ok: [utm-1] => {
    "msg": {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false,
        "deprecations": [
            {
                "msg": "Distribution Ubuntu 20.04 on host utm-1 should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.10/reference_appendices/interpreter_discovery.html for more information",
                "version": "2.12"
            }
        ],
        "failed": false,
        "meta": {
            "build": 1112,
            "http_method": "GET",
            "http_status": 200,
            "name": "central-management",
            "path": "system",
            "results": {
                "allow-monitor": "enable",
                "allow-push-configuration": "enable",
                "allow-push-firmware": "enable",
                "allow-remote-firmware-upgrade": "enable",
                "ca-cert": "",
                "enc-algorithm": "high",
                "fmg": "\"192.168.1.1\"",
                "fmg-source-ip": "0.0.0.0",
                "fmg-source-ip6": "::",
                "fmg-update-port": "8890",
                "include-default-servers": "enable",
                "interface": "",
                "interface-select-method": "auto",
                "local-cert": "",
                "mode": "normal",
                "schedule-config-restore": "enable",
                "schedule-script-restore": "enable",
                "serial-number": "",
                "server-list": [
                    {
                        "addr-type": "ipv4",
                        "fqdn": "",
                        "id": 1,
                        "q_origin_key": 1,
                        "server-address": "8.8.8.8",
                        "server-address6": "::",
                        "server-type": "update"
                    }
                ],
                "type": "fortimanager",
                "vdom": "root"
            },
            "revision": "c1077cad4388b927ea35b54b4c1cea08",
            "serial": "FGVM010000010980",
            "status": "success",
            "vdom": "root",
            "version": "v6.2.4"
        }
    }
}

TASK [Configure <system console> settings... [output]] ********************************************************************************************************************
changed: [utm-1]

TASK [after] **************************************************************************************************************************************************************
ok: [utm-1]

TASK [debug] **************************************************************************************************************************************************************
ok: [utm-1] => {
    "msg": {
        "changed": false,
        "failed": false,
        "meta": {
            "build": 1112,
            "http_method": "GET",
            "http_status": 200,
            "name": "central-management",
            "path": "system",
            "results": {
                "allow-monitor": "enable",
                "allow-push-configuration": "enable",
                "allow-push-firmware": "enable",
                "allow-remote-firmware-upgrade": "enable",
                "ca-cert": "",
                "enc-algorithm": "high",
                "fmg": "\"192.168.1.1\"",
                "fmg-source-ip": "0.0.0.0",
                "fmg-source-ip6": "::",
                "fmg-update-port": "8890",
                "include-default-servers": "enable",
                "interface": "",
                "interface-select-method": "auto",
                "local-cert": "",
                "mode": "normal",
                "schedule-config-restore": "enable",
                "schedule-script-restore": "enable",
                "serial-number": "",
                "server-list": [
                    {
                        "addr-type": "ipv4",
                        "fqdn": "",
                        "id": 1,
                        "q_origin_key": 1,
                        "server-address": "8.8.4.4",
                        "server-address6": "::",
                        "server-type": "update"
                    }
                ],
                "type": "fortimanager",
                "vdom": "root"
            },
            "revision": "91da201ad6c42966c7aea54ef2416a81",
            "serial": "FGVM010000010980",
            "status": "success",
            "vdom": "root",
            "version": "v6.2.4"
        }
    }
}

PLAY RECAP ****************************************************************************************************************************************************************
utm-1                      : ok=5    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

(ans_2.9.12) matvey@matvey-pc:~/Desktop/solidex/projects/ansible/fortios_testing_v0.2$ 

[mdraevich]

Also forgot to mention...

Collection       Version
---------------- -------
fortinet.fortios 2.0.2  

[JieX19]

Hi @SorryGames

I reproduced the error and am working on it. I will update you ASAP.

[JieX19]

Hi @SorryGames

The bug is fixed in our upcoming release (end of this month). I will update you once it's released.

[mdraevich]

Thank you for development of such tool. I will be waiting for updates from you.

[JieX19]

Hi @SorryGames

The issue is fixed, please install the latest version using command: ansible-galaxy collection install fortinet.fortios:2.1.1

Thanks!