That's an anti pattern, at least the way we use it. If you need to add complexity, you define custom functions. If that's not enough, CEL probably isn't the right choice, and you'd be doing yourself no favors banging it into that square hole.
It's not really a configuration language like Jsonnet and CUE. It's an expression language for specifying things like conditions and policies. You _could_ abuse it as a configuration language, but it'd be overkill.
Yup, it's really a good fit for simple constraints eg in IAM systems. Give user X permission to do Y, but subject to some CEL expression like date comparison (auto-expiring grants), resource path prefix or similar.
That's an anti pattern, at least the way we use it. If you need to add complexity, you define custom functions. If that's not enough, CEL probably isn't the right choice, and you'd be doing yourself no favors banging it into that square hole.
It's not really a configuration language like Jsonnet and CUE. It's an expression language for specifying things like conditions and policies. You _could_ abuse it as a configuration language, but it'd be overkill.
Yup, it's really a good fit for simple constraints eg in IAM systems. Give user X permission to do Y, but subject to some CEL expression like date comparison (auto-expiring grants), resource path prefix or similar.