Merge pull request #187 from hashicorp/cherry-pick-22858

kmoe · web-flow · commit f66c6b42949f · 2019-09-27T16:58:26.000+01:00
lang/funcs: cidrsubnets function (cherry-pick hashicorp/terraform#22858)
diff --git a/internal/lang/funcs/cidr.go b/internal/lang/funcs/cidr.go
@@ -113,6 +113,86 @@ var CidrSubnetFunc = function.New(&function.Spec{
 	},
 })
 
+// CidrSubnetsFunc is similar to CidrSubnetFunc but calculates many consecutive
+// subnet addresses at once, rather than just a single subnet extension.
+var CidrSubnetsFunc = function.New(&function.Spec{
+	Params: []function.Parameter{
+		{
+			Name: "prefix",
+			Type: cty.String,
+		},
+	},
+	VarParam: &function.Parameter{
+		Name: "newbits",
+		Type: cty.Number,
+	},
+	Type: function.StaticReturnType(cty.List(cty.String)),
+	Impl: func(args []cty.Value, retType cty.Type) (ret cty.Value, err error) {
+		_, network, err := net.ParseCIDR(args[0].AsString())
+		if err != nil {
+			return cty.UnknownVal(cty.String), function.NewArgErrorf(0, "invalid CIDR expression: %s", err)
+		}
+		startPrefixLen, _ := network.Mask.Size()
+
+		prefixLengthArgs := args[1:]
+		if len(prefixLengthArgs) == 0 {
+			return cty.ListValEmpty(cty.String), nil
+		}
+
+		var firstLength int
+		if err := gocty.FromCtyValue(prefixLengthArgs[0], &firstLength); err != nil {
+			return cty.UnknownVal(cty.String), function.NewArgError(1, err)
+		}
+		firstLength += startPrefixLen
+
+		retVals := make([]cty.Value, len(prefixLengthArgs))
+
+		current, _ := cidr.PreviousSubnet(network, firstLength)
+		for i, lengthArg := range prefixLengthArgs {
+			var length int
+			if err := gocty.FromCtyValue(lengthArg, &length); err != nil {
+				return cty.UnknownVal(cty.String), function.NewArgError(i+1, err)
+			}
+
+			if length < 1 {
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "must extend prefix by at least one bit")
+			}
+			// For portability with 32-bit systems where the subnet number
+			// will be a 32-bit int, we only allow extension of 32 bits in
+			// one call even if we're running on a 64-bit machine.
+			// (Of course, this is significant only for IPv6.)
+			if length > 32 {
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "may not extend prefix by more than 32 bits")
+			}
+			length += startPrefixLen
+			if length > (len(network.IP) * 8) {
+				protocol := "IP"
+				switch len(network.IP) * 8 {
+				case 32:
+					protocol = "IPv4"
+				case 128:
+					protocol = "IPv6"
+				}
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "would extend prefix to %d bits, which is too long for an %s address", length, protocol)
+			}
+
+			next, rollover := cidr.NextSubnet(current, length)
+			if rollover || !network.Contains(next.IP) {
+				// If we run out of suffix bits in the base CIDR prefix then
+				// NextSubnet will start incrementing the prefix bits, which
+				// we don't allow because it would then allocate addresses
+				// outside of the caller's given prefix.
+				return cty.UnknownVal(cty.String), function.NewArgErrorf(i+1, "not enough remaining address space for a subnet with a prefix of %d bits after %s", length, current.String())
+			}
+
+			current = next
+			retVals[i] = cty.StringVal(current.String())
+		}
+
+		return cty.ListVal(retVals), nil
+	},
+})
+
 // CidrHost calculates a full host IP address within a given IP network address prefix.
 func CidrHost(prefix, hostnum cty.Value) (cty.Value, error) {
 	return CidrHostFunc.Call([]cty.Value{prefix, hostnum})
@@ -127,3 +207,12 @@ func CidrNetmask(prefix cty.Value) (cty.Value, error) {
 func CidrSubnet(prefix, newbits, netnum cty.Value) (cty.Value, error) {
 	return CidrSubnetFunc.Call([]cty.Value{prefix, newbits, netnum})
 }
+
+// CidrSubnets calculates a sequence of consecutive subnet prefixes that may
+// be of different prefix lengths under a common base prefix.
+func CidrSubnets(prefix cty.Value, newbits ...cty.Value) (cty.Value, error) {
+	args := make([]cty.Value, len(newbits)+1)
+	args[0] = prefix
+	copy(args[1:], newbits)
+	return CidrSubnetsFunc.Call(args)
+}
diff --git a/internal/lang/funcs/cidr_test.go b/internal/lang/funcs/cidr_test.go
@@ -214,3 +214,107 @@ func TestCidrSubnet(t *testing.T) {
 		})
 	}
 }
+func TestCidrSubnets(t *testing.T) {
+	tests := []struct {
+		Prefix  cty.Value
+		Newbits []cty.Value
+		Want    cty.Value
+		Err     string
+	}{
+		{
+			cty.StringVal("10.0.0.0/21"),
+			[]cty.Value{
+				cty.NumberIntVal(3),
+				cty.NumberIntVal(3),
+				cty.NumberIntVal(3),
+				cty.NumberIntVal(4),
+				cty.NumberIntVal(4),
+				cty.NumberIntVal(4),
+				cty.NumberIntVal(7),
+				cty.NumberIntVal(7),
+				cty.NumberIntVal(7),
+			},
+			cty.ListVal([]cty.Value{
+				cty.StringVal("10.0.0.0/24"),
+				cty.StringVal("10.0.1.0/24"),
+				cty.StringVal("10.0.2.0/24"),
+				cty.StringVal("10.0.3.0/25"),
+				cty.StringVal("10.0.3.128/25"),
+				cty.StringVal("10.0.4.0/25"),
+				cty.StringVal("10.0.4.128/28"),
+				cty.StringVal("10.0.4.144/28"),
+				cty.StringVal("10.0.4.160/28"),
+			}),
+			``,
+		},
+		{
+			cty.StringVal("10.0.0.0/30"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(3),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`would extend prefix to 33 bits, which is too long for an IPv4 address`,
+		},
+		{
+			cty.StringVal("10.0.0.0/8"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(1),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`not enough remaining address space for a subnet with a prefix of 9 bits after 10.128.0.0/9`,
+		},
+		{
+			cty.StringVal("10.0.0.0/8"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(0),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`must extend prefix by at least one bit`,
+		},
+		{
+			cty.StringVal("10.0.0.0/8"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(-1),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`must extend prefix by at least one bit`,
+		},
+		{
+			cty.StringVal("fe80::/48"),
+			[]cty.Value{
+				cty.NumberIntVal(1),
+				cty.NumberIntVal(33),
+			},
+			cty.UnknownVal(cty.List(cty.String)),
+			`may not extend prefix by more than 32 bits`,
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(fmt.Sprintf("cidrsubnets(%#v, %#v)", test.Prefix, test.Newbits), func(t *testing.T) {
+			got, err := CidrSubnets(test.Prefix, test.Newbits...)
+			wantErr := test.Err != ""
+
+			if wantErr {
+				if err == nil {
+					t.Fatal("succeeded; want error")
+				}
+				if err.Error() != test.Err {
+					t.Fatalf("wrong error\ngot:  %s\nwant: %s", err.Error(), test.Err)
+				}
+				return
+			} else if err != nil {
+				t.Fatalf("unexpected error: %s", err)
+			}
+
+			if !got.RawEquals(test.Want) {
+				t.Errorf("wrong result\ngot:  %#v\nwant: %#v", got, test.Want)
+			}
+		})
+	}
+}
diff --git a/internal/lang/functions.go b/internal/lang/functions.go
@@ -42,6 +42,7 @@ func (s *Scope) Functions() map[string]function.Function {
 			"cidrhost":         funcs.CidrHostFunc,
 			"cidrnetmask":      funcs.CidrNetmaskFunc,
 			"cidrsubnet":       funcs.CidrSubnetFunc,
+			"cidrsubnets":      funcs.CidrSubnetsFunc,
 			"coalesce":         funcs.CoalesceFunc,
 			"coalescelist":     funcs.CoalesceListFunc,
 			"compact":          funcs.CompactFunc,
diff --git a/internal/lang/functions_test.go b/internal/lang/functions_test.go
@@ -161,6 +161,18 @@ func TestFunctions(t *testing.T) {
 			},
 		},
 
+		"cidrsubnets": {
+			{
+				`cidrsubnets("10.0.0.0/8", 8, 8, 16, 8)`,
+				cty.ListVal([]cty.Value{
+					cty.StringVal("10.0.0.0/16"),
+					cty.StringVal("10.1.0.0/16"),
+					cty.StringVal("10.2.0.0/24"),
+					cty.StringVal("10.3.0.0/16"),
+				}),
+			},
+		},
+
 		"coalesce": {
 			{
 				`coalesce("first", "second", "third")`,
