kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #130773 from JoelSpeed/automated-cherry-pick-of-#130450-kubernetes-release-1.32 

Cherry pick of "Fix implementation of ContainsCIDR to allow non-equal addresses" on release-1.32

Kubernetes-commit: bf1fded1f95ebcf5dea2b1fdcf1ec0203d183dd1
This commit is contained in:
Kubernetes Publisher 2025-04-17 11:03:14 -07:00
parent 2b3ba411d3 1e00f2c418
commit 1ea4fbd4fb
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/cel/library/cidr.go
View File

@ -231,8 +231,7 @@ func cidrContainsCIDR(arg ref.Val, other ref.Val) ref.Val {
return types.MaybeNoSuchOverloadErr(other)
}
equalMasked := cidr.Prefix.Masked() == netip.PrefixFrom(containsCIDR.Prefix.Addr(), cidr.Prefix.Bits())
return types.Bool(equalMasked && cidr.Prefix.Bits() <= containsCIDR.Prefix.Bits())
return types.Bool(cidr.Overlaps(containsCIDR.Prefix) && cidr.Prefix.Bits() <= containsCIDR.Prefix.Bits())
}
func prefixLength(arg ref.Val) ref.Val {

10
pkg/cel/library/cidr_test.go
View File

@ -151,11 +151,21 @@ func TestCIDR(t *testing.T) {
expr: `cidr("192.168.0.0/24").containsCIDR(cidr("192.168.0.0/25"))`,
expectResult: trueVal,
},
{
name: "contains CIDR ipv4 (CIDR) (/32)",
expr: `cidr("192.168.0.0/24").containsCIDR(cidr("192.168.0.1/32"))`,
expectResult: trueVal,
},
{
name: "does not contain IP ipv4 (CIDR)",
expr: `cidr("192.168.0.0/24").containsCIDR(cidr("192.168.0.0/23"))`,
expectResult: falseVal,
},
{
name: "does not contain IP ipv4 (CIDR) (/32)",
expr: `cidr("192.168.0.0/24").containsCIDR(cidr("192.169.0.1/32"))`,
expectResult: falseVal,
},
{
name: "contains CIDR ipv4 (string)",
expr: `cidr("192.168.0.0/24").containsCIDR("192.168.0.0/25")`,