lang/funcs: cidrsubnets function

This is a companion to cidrsubnet that allows bulk-allocation of multiple
subnet addresses at once, with automatic numbering.

Unlike cidrsubnet, cidrsubnets allows each of the allocations to have a
different prefix length, and will pack the networks consecutively into the
given address space. cidrsubnets can potentially create more complicated
addressing schemes than cidrsubnet alone can, because it's able to take
into account the full set of requested prefix lengths rather than just
one at a time.

Author: apparentlymart

internal/lang/funcs/cidr.go

@@ -113,6 +113,86 @@ var CidrSubnetFunc = function.New(&function.Spec{
 	},
 })
 
+// CidrSubnetsFunc is similar to CidrSubnetFunc but calculates many consecutive
+// subnet addresses at once, rather than just a single subnet extension.
+var CidrSubnetsFunc = function.New(&function.Spec{
+	Params: []function.Parameter{
+		{
+			Name: "prefix",
+			Type: cty.String,
+		},
+	},
+	VarParam: &function.Parameter{
+		Name: "newbits",
+		Type: cty.Number,
+	},
+	Type: function.StaticReturnType(cty.List(cty.String)),
+	Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
+		_, network, err := net.ParseCIDR(args[0].AsString())
+		if err != nil {
+			return cty.UnknownVal(cty.String), function.NewArgErrorf(0, "invalid CIDR expression: %s", err)
+		}
+		startPrefixLen, _ := network.Mask.Size()
+
+		prefixLengthArgs := args[1:]
+		if len(prefixLengthArgs) == 0 {
+			return cty.ListValEmpty(cty.String), nil
+		}
+
+		var firstLength int
+		if err := gocty.FromCtyValue(prefixLengthArgs[0], &firstLength); err != nil {
+			return cty.UnknownVal(cty.String), function.NewArgError(1, err)
+		}
+		firstLength += startPrefixLen
+
+		retVals := make([]cty.Value, len(prefixLengthArgs))
+
+		current, _ := cidr.PreviousSubnet(network, firstLength)
+		for i, lengthArg := range prefixLengthArgs {
+			var length int
+			if err := gocty.FromCtyValue(lengthArg, &length); err != nil {
+				return cty.UnknownVal(cty.String), function.NewArgError(i+1, err)
+			}
+
+			if length < 1 {
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "must extend prefix by at least one bit")
+			}
+			// For portability with 32-bit systems where the subnet number
+			// will be a 32-bit int, we only allow extension of 32 bits in
+			// one call even if we're running on a 64-bit machine.
+			// (Of course, this is significant only for IPv6.)
+			if length > 32 {
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "may not extend prefix by more than 32 bits")
+			}
+			length += startPrefixLen
+			if length > (len(network.IP) * 8) {
+				protocol := "IP"
+				switch len(network.IP) * 8 {
+				case 32:
+					protocol = "IPv4"
+				case 128:
+					protocol = "IPv6"
+				}
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "would extend prefix to %d bits, which is too long for an %s address", length, protocol)
+			}
+
+			next, rollover := cidr.NextSubnet(current, length)
+			if rollover || !network.Contains(next.IP) {
+				// If we run out of suffix bits in the base CIDR prefix then
+				// NextSubnet will start incrementing the prefix bits, which
+				// we don't allow because it would then allocate addresses
+				// outside of the caller's given prefix.
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "not enough remaining address space for a subnet with a prefix of %d bits after %s", length, current.String())
+			}
+
+			current = next
+			retVals[i] = cty.StringVal(current.String())
+		}
+
+		return cty.ListVal(retVals), nil
+	},
+})
+
 // CidrHost calculates a full host IP address within a given IP network address prefix.
 func CidrHost(prefix, hostnum cty.Value) (cty.Value, error) {
 	return CidrHostFunc.Call([]cty.Value{prefix, hostnum})
@@ -127,3 +207,12 @@ func CidrNetmask(prefix cty.Value) (cty.Value, error) {
 func CidrSubnet(prefix, newbits, netnum cty.Value) (cty.Value, error) {
 	return CidrSubnetFunc.Call([]cty.Value{prefix, newbits, netnum})
 }
+
+// CidrSubnets calculates a sequence of consecutive subnet prefixes that may
+// be of different prefix lengths under a common base prefix.
+func CidrSubnets(prefix cty.Value, newbits ...cty.Value) (cty.Value, error) {
+	args := make([]cty.Value, len(newbits)+1)
+	args[0] = prefix
+	copy(args[1:], newbits)
+	return CidrSubnetsFunc.Call(args)
+}

internal/lang/funcs/cidr_test.go

@@ -214,3 +214,107 @@ func TestCidrSubnet(t *testing.T) {
 		})
 	}
 }
+func TestCidrSubnets(t *testing.T) {
+	tests := []struct {
+		Prefix  cty.Value
+		Newbits []cty.Value
+		Want    cty.Value
+		Err     string
+	}{
+		{
+			cty.StringVal("10.0.0.0/21"),
+			[]cty.Value{
+				cty.NumberIntVal(3),
+				cty.NumberIntVal(3),
+				cty.NumberIntVal(3),
+				cty.NumberIntVal(4),
+				cty.NumberIntVal(4),
+				cty.NumberIntVal(4),
+				cty.NumberIntVal(7),
+				cty.NumberIntVal(7),
+				cty.NumberIntVal(7),
+			},
+			cty.ListVal([]cty.Value{
+				cty.StringVal("10.0.0.0/24"),
+				cty.StringVal("10.0.1.0/24"),
+				cty.StringVal("10.0.2.0/24"),
+				cty.StringVal("10.0.3.0/25"),
+				cty.StringVal("10.0.3.128/25"),
+				cty.StringVal("10.0.4.0/25"),
+				cty.StringVal("10.0.4.128/28"),
+				cty.StringVal("10.0.4.144/28"),
+				cty.StringVal("10.0.4.160/28"),
+			}),
+			``,
+		},
+		{
+			cty.StringVal("10.0.0.0/30"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(3),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`would extend prefix to 33 bits, which is too long for an IPv4 address`,
+		},
+		{
+			cty.StringVal("10.0.0.0/8"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(1),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`not enough remaining address space for a subnet with a prefix of 9 bits after 10.128.0.0/9`,
+		},
+		{
+			cty.StringVal("10.0.0.0/8"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(0),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`must extend prefix by at least one bit`,
+		},
+		{
+			cty.StringVal("10.0.0.0/8"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(-1),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`must extend prefix by at least one bit`,
+		},
+		{
+			cty.StringVal("fe80::/48"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(33),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`may not extend prefix by more than 32 bits`,
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(fmt.Sprintf("cidrsubnets(%#v, %#v)", test.Prefix, test.Newbits), func(t *testing.T) {
+			got, err := CidrSubnets(test.Prefix, test.Newbits...)
+			wantErr := test.Err != ""
+
+			if wantErr {
+				if err == nil {
+					t.Fatal("succeeded; want error")
+				}
+				if err.Error() != test.Err {
+					t.Fatalf("wrong error\ngot:  %s\nwant: %s", err.Error(), test.Err)
+				}
+				return
+			} else if err != nil {
+				t.Fatalf("unexpected error: %s", err)
+			}
+
+			if !got.RawEquals(test.Want) {
+				t.Errorf("wrong result\ngot:  %#v\nwant: %#v", got, test.Want)
+			}
+		})
+	}
+}

internal/lang/functions.go

@@ -42,6 +42,7 @@ func (s *Scope) Functions() map[string]function.Function {
 			"cidrhost":         funcs.CidrHostFunc,
 			"cidrnetmask":      funcs.CidrNetmaskFunc,
 			"cidrsubnet":       funcs.CidrSubnetFunc,
+			"cidrsubnets":      funcs.CidrSubnetsFunc,
 			"coalesce":         funcs.CoalesceFunc,
 			"coalescelist":     funcs.CoalesceListFunc,
 			"compact":          funcs.CompactFunc,

internal/lang/functions_test.go

@@ -161,6 +161,18 @@ func TestFunctions(t *testing.T) {
 			},
 		},
 
+		"cidrsubnets": {
+			{
+				`cidrsubnets("10.0.0.0/8", 8, 8, 16, 8)`,
+				cty.ListVal([]cty.Value{
+					cty.StringVal("10.0.0.0/16"),
+					cty.StringVal("10.1.0.0/16"),
+					cty.StringVal("10.2.0.0/24"),
+					cty.StringVal("10.3.0.0/16"),
+				}),
+			},
+		},
+
 		"coalesce": {
 			{
 				`coalesce("first", "second", "third")`,