Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add function to validate cidr superset #562

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add function to validate cidr superset #562

wants to merge 2 commits into from

Conversation

jimmycgz
Copy link

@jimmycgz jimmycgz commented Mar 2, 2023
edited
Loading

SUMMARY

GCP doesn't allow to shrink of the CIDR of a subnet but the original module doesn't throw an error if the requested new CIDR is not a superset of the original IP range. This PR suggests adding a condition check and error out for this scenario.

Fixes #563

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

This PR suggests adding a condition check to error out the above-mentioned scenario, by comparing the requested new CIDR is not a superset of the original IP range of the subnet.

ADDITIONAL INFORMATION

GCP API will throw an error on this case which the current ansible module doesn't handle. Refer the API guide for details. https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/insert

After this suggested change, A fatal error will occur to handle the above-mentioned case. Which tells the user to extend the CIDR instead of shrinking, eg: from 10.10.0.0/20 to 10.10.0.0/18 (Correct) or 10.10.0.0/22 (Incorrect) or 172.16.0.0/18(Incorrect).

toumorokoshi
toumorokoshi approved these changes Mar 4, 2023
View reviewed changes
Copy link
Collaborator

@toumorokoshi toumorokoshi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me, and I ran integration tests locally so safe to merge

Is there a way we can / should test this in an automated fashion? Wanted to ask in case we can verify this behavior via CI in the future before I merge.

plugins/modules/gcp_compute_subnetwork.py Outdated

if request_vals['ipCidrRange']:
try:
result_superset = cidr_superset(request_vals['ipCidrRange'], response_vals['ipCidrRange'])
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: i'd suggest something like result_is_superset to indicate that the value is a boolean (It's hard to infer the type of result_superset).

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @toumorokoshi for the suggestion, I changed it to result_is_superset.

toumorokoshi
toumorokoshi requested changes Mar 4, 2023
View reviewed changes
Copy link
Collaborator

@toumorokoshi toumorokoshi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually looks like lint failed. Can you fix your styling and ensure integration tests pass before I merge?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@toumorokoshi toumorokoshi toumorokoshi requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Error Handle for not allowing to shrink CIDR for gcp subnet
3 participants
@jimmycgz @toumorokoshi @jimmy-cui-sada