nsupdate: fix GSS-TSIG support (#11712)

The fix for missing keyring initialization without TSIG auth in
PR #11461 put the initialization of "self.keyring" and "self.keyname"
in an else clause after checking if "key_name" is set.

The problem is that for "key_algorithm" == "gss-tsig":
a) "key_name" isn't set
b) self.keyring and self.keyname have already been initialized and
   will be discarded

This means that gss-tsig support is broken. Fix it by moving the
initialization of "self.keyring" and "self.keyname" to the top.
David Härdeman
2026-04-12 13:09:31 +02:00
committed by GitHub
parent 5eaa22b067
commit bd7b361db1
2 changed files with 4 additions and 3 deletions

@@ -0,0 +1,2 @@
bugfixes:
- nsupdate - fix GSS-TSIG support (accidentally broken by https://github.com/ansible-collections/community.general/pull/11461, https://github.com/ansible-collections/community.general/pull/11712)
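
Review bot: In the changelog entry, the parenthetical places both URLs after "accidentally broken by", so pull/11712 reads as a second cause of the breakage even though it is the PR that carries this fix. Suggest wording it so that only pull/11461 follows "broken by" and pull/11712 is listed separately as the fix.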

@@ -229,6 +229,8 @@ class RecordManager:
self.server_fqdn = None
self.server_ips = self.resolve_server()
self.keyring = None
self.keyname = None
if module.params["key_algorithm"] == "hmac-md5":
self.algorithm = "HMAC-MD5.SIG-ALG.REG.INT"
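
Review bot: The two defaults added ahead of the `key_algorithm` check are now order-dependent and nothing in the code says so. Per the commit message, the gss-tsig path assigns `self.keyring` and `self.keyname` further down, and the previous fix broke it by resetting them afterwards. A one-line comment above `self.keyring = None` stating that these are defaults that later branches may overwrite, and must therefore stay first, would keep a later refactor from reintroducing the regression.
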
@@ -248,9 +250,6 @@ class RecordManager:
module.fail_json(msg="Missing key_secret")
except binascii_error as e:
module.fail_json(msg=f"TSIG key error: {e}")
else:
self.keyring = None
self.keyname = None
if module.params["zone"] is None:
if module.params["record"][-1] != ".":
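
Review bot: Removing the `else:` reset here fixes the gss-tsig case, but the commit touches only the changelog fragment and the module, so nothing guards against the same regression a third time. Suggest adding unit tests that build `RecordManager` with `key_algorithm` set to "gss-tsig" and no `key_name`, asserting that `self.keyring` and `self.keyname` are not None afterwards, plus a case with no TSIG parameters asserting that both stay None (the behaviour PR #11461 was meant to provide).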