-
Notifications
You must be signed in to change notification settings - Fork 9.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(ipincidr): add ipincidr function #33037
Conversation
Hi @FalcoSuessgott, thanks for this submission! I will bring this up in triage. I suspect the answer will be that this it would be preferred to build this as a plugin function provider, as opposed to a function built into Terraform. As such it would be waiting for the implementation of plugin function providers, per: That said, we'll see what the feedback is in triage. Thanks again! |
I understand, now with some time passed I also see that this function would probably only have limited use cases. Nevertheless I will wait for your feedback in triage. I just want to emphasize that something like custom terraform functions like proposed in the PRs that you linked, would be incredibly useful! Maybe this is something worth considering :) Best Tom |
If "function provider" means functions written in Go, then you could certainly implement |
I think a potential alternative in pure HCL is to use a for loop and the alltrue([for i, v in split(".", local.ip): tonumber(split(".", cidrhost(local.cidr, 0))[i]) <= tonumber(v) && tonumber(v) <= tonumber(split(".", cidrhost(local.cidr, -1))[i]) ]) It is definitely more verbose than a locals {
#ip = "10.100.32.100" # not in range - raise error message
ip = "172.16.1.16" # in range, can be successfully applied
cidr = "172.16.0.0/16"
}
resource "null_resource" "ip_in_cidr" {
lifecycle {
precondition {
condition = alltrue([for i, v in split(".", local.ip): tonumber(split(".", cidrhost(local.cidr, 0))[i]) <= tonumber(v) && tonumber(v) <= tonumber(split(".", cidrhost(local.cidr, -1))[i]) ])
error_message = "The IP must be within the specified CIDR subnet."
}
}
} |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
Hi guys,
I wanted to hear your feedback about the function
ipincidr
, which checks whether a specified IP is in a given CIDR subnet.This function would be especially useful for pre/postconditions, where you would check whether a valid subnet/ip combination is correct:
which would fail in
If that is something that would be interesting, I can finish the remaining documentional todos and changes.