Problem with federated-update

Hi,

I would like to use federated-upgrade, but the upgrade status is either "failed" or “upgrade to 7.2.8 shortly”, and that status is permanent.

ansible --version
ansible [core 2.15.9]
ansible-galaxy --version
ansible-galaxy [core 2.15.9]

It is a single FortiGate 40F, and federated upgrade in the GUI works fine.
My playbook:

- hosts: fgt_40
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
    vdom: "root"
    ansible_httpapi_use_ssl: yes
    ansible_httpapi_validate_certs: no
    ansible_httpapi_port: 443
  tasks:
    - name: Coordinate federated upgrades within the Security Fabric.
      fortios_system_federated_upgrade:
        vdom: "{{ vdom }}"
        #access_token: "mNsw0Nnzrmqt574HHddcQyt3s0Qp7x"
        system_federated_upgrade:
          failure_device: "FGT40FXXXXXXX"
          failure_reason: "none"
          #ha_reboot_controller: "<your_own_value>"
          next_path_index: "0"
          node_list:
            - coordinating_fortigate: "FGT40FXXXXXX"
              device_type: "fortigate"
              #maximum_minutes: "15"
              serial: "FGT40FXXXXX"
              #setup_time: "<your_own_value>"
              #time: "16:49 2024/03/18"
              timing: "immediate"
              upgrade_path: "7-2-8"
          status: "disabled"
          upgrade_id: "10"

Command output:

changed: [fgt_40] => {
    "changed": true,
    "diff": {},
    "invocation": {
        "module_args": {
            "access_token": null,
            "enable_log": false,
            "member_path": null,
            "member_state": null,
            "system_federated_upgrade": {
                "failure_device": "FGT40FXXXXXXX",
                "failure_reason": "none",
                "ha_reboot_controller": null,
                "next_path_index": 0,
                "node_list": [
                    {
                        "coordinating_fortigate": "FGT40FXXXXXXX",
                        "device_type": "fortigate",
                        "maximum_minutes": null,
                        "serial": "FGT40FXXXXXX",
                        "setup_time": null,
                        "time": null,
                        "timing": "immediate",
                        "upgrade_path": "7-2-8"
                    }
                ],
                "status": "disabled",
                "upgrade_id": 10
            },
            "vdom": "root"
        }
    },
    "meta": {
        "build": 1577,
        "http_method": "PUT",
        "http_status": 200,
        "name": "federated-upgrade",
        "old_revision": "01fbe5d3199b93757321895fa0046cef",
        "path": "system",
        "revision": "242f20dac03cd425b065d818f5a11a3a",
        "revision_changed": true,
        "serial": "FGTXXXXXX",
        "status": "success",
        "vdom": "root",
        "version": "v7.2.7"
    }
}

PLAY RECAP ***************************************************************************************************************************************************************************************************************************************************************
fgt_40                       : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

Hi Luca,

Did you ever get to the bottom of this? I am just about to start playing with this functionality.

Thanks

Mark

Hi,
With version 7.2.x it seems to work fine, but 7.2.8 came out in March and I haven’t used it since then.

Did you manage to find a way to run the equivalent of “execute fabricupgrade initialize” via Ansible on the FortiGate? Are you just using raw SSH commands for this? I have been having difficulty inputting carriage returns to execute the multiple inputs required…

I’m sorry, I’m out of the office now. I can’t provide more details, but you can find some examples on YouTube.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/index.html