search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
85 stars 49 forks source link

Regression in fortios_firewall_vip #347

Open arnoldthebat opened 3 months ago

arnoldthebat commented 3 months ago

As of version 2.3.7 the fortinet.fortios.fortios_firewall_vip appears to have reverted to disallowing the addition of ssl_certificate for fortigate versions < 7.4.x

For example:

          extintf: any
          extip: "{{ vip }}"
          extport: "{{ extport }}"
          http_ip_header: enable
          http_multiplex: enable
          name: "{{ vip_name }}"
          server_type: https
          ldb_method: static
          type: server-load-balance
          ssl_mode: full
          ssl_certificate: 
            - name: "{{ cert_name }}"

Reports the following error:

"msg": "Error in repo", "version_check_warning": {"matched": false, "mismatches": ["option ssl_certificate.name('test_cert') Supported version ranges are v7.4.4 -> latest"], "system_version": "v7.2.7"}}

Looks like the versions got locked to the wrong version in https://github.com/fortinet-ansible-dev/ansible-galaxy-fortios-collection/commit/3e6230d2ed124587ee3e64c248367d82220f2bda

MaxxLiu22 commented 3 months ago

Hi @arnoldthebat ,

Thank you for bringing this issue to our attention. Would it be possible for you to temporarily downgrade to version 2.3.6? We are planning to release the next Ansible FOS update before September 6, which will address and resolve this issue. and we will improve our regression test as well. Sorry for the inconvenience.

Thanks, Maxx

MaxxLiu22 commented 1 day ago

Hi all,

This issue should have been addressed in Ansible FOS 2.3.8. Please feel free to upgrade to this version, and don’t hesitate to reach out if you have any further questions.

Thank, Maxx