Add net.cidr_merge function to produce smallest possible list of subnets #2692
Assignees
Labels
Comments
ashutosh-narkar
added a commit
to ashutosh-narkar/opa
that referenced
this issue
Sep 25, 2020
…t of CIDRs This commit adds a new builtin to merge adjacent subnets and return the smallest possible list of CIDRs. To help with computing CIDR blocks between two IP networks, an implemetation from https://github.com/cilium/cilium is leveraged. Fixes: open-policy-agent#2692 Signed-off-by: Ashutosh Narkar <anarkar4387@gmail.com>
ashutosh-narkar
added a commit
that referenced
this issue
Sep 25, 2020
…t of CIDRs This commit adds a new builtin to merge adjacent subnets and return the smallest possible list of CIDRs. To help with computing CIDR blocks between two IP networks, an implemetation from https://github.com/cilium/cilium is leveraged. Fixes: #2692 Signed-off-by: Ashutosh Narkar <anarkar4387@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Rego has a set of built-in functions for operating on IP addresses and CIDRs. One operation that's missing is merging of IPs and subnets into the smallest possible set. This operation is useful when operating on large numbers of IP/CIDR values (e.g., in the context of firewall rules). An example implementation of this operation can be found in the
netaddrPython module.It should be easy enough to implement this function natively without relying on a thirdparty library.
The text was updated successfully, but these errors were encountered: