fix(panos_static_route): invalid nexthop for none value

This change also requires an update on pan-os-python to accept 'none' value for the nexthop type.
PaloAltoNetworks · Oct 10, 2024 · d067d91 · d067d91
1 parent 91d873d
commit d067d91
Showing 1 changed file with 20 additions and 3 deletions.
diff --git a/plugins/modules/panos_static_route.py b/plugins/modules/panos_static_route.py
@@ -157,15 +157,30 @@
 
 class Helper(ConnectionHelper):
     def spec_handling(self, spec, module):
+        if module.params["state"] == "present" and spec["nexthop_type"] is None:
+            # need this because we dont have the default assignment in sdk-params and
+            # `None` value params are being removed in ParamPath.element method (called via VersionedPanObject.element)
+            spec["nexthop_type"] = "ip-address"
+
+        # default to ip-address when nexthop is set in merged state
+        # we dont know if object exists or not in merged state, and we dont set default values in module invocation
+        # in order to avoid unintended updates to non-provided params, but if nexthop is given, type must be ip-address
+        if module.params["state"] == "merged" and spec["nexthop_type"] is None and spec["nexthop"] is not None:
+            spec["nexthop_type"] = "ip-address"
+
+        # NOTE merged state have a lot of API issues for updating nexthop we will let the API return it..
+        # from None to IP address - "Failed update nexthop_type: Edit breaks config validity"
+        # from IP address to next-vr - "Failed update nexthop_type: Edit breaks config validity"
+
+        # applies for updating existing routes from IP/next-vr/discard to none
+        # however it works for new objects, we ignore this as this is the existing implementation
         if module.params["state"] == "merged" and spec["nexthop_type"] == "none":
             msg = [
                 "Nexthop cannot be set to None with state='merged'.",
                 "You will need to use either state='present' or state='replaced'.",
             ]
             module.fail_json(msg=" ".join(msg))
 
-        if spec["nexthop_type"] == "none":
-            spec["nexthop_type"] = None
 
 
 def main():
@@ -182,7 +197,6 @@ def main():
             name=dict(required=True),
             destination=dict(),
             nexthop_type=dict(
-                default="ip-address",
                 choices=["ip-address", "discard", "none", "next-vr"],
             ),
             nexthop=dict(),
@@ -193,6 +207,9 @@ def main():
             failure_condition=dict(choices=["any", "all"]),
             preemptive_hold_time=dict(type="int"),
         ),
+        default_values=dict(
+            nexthop_type="ip-address",
+        ),
     )
 
     module = AnsibleModule(