1*d5c09012SAndroid Build Coastguard Workertype: google.api.Service 2*d5c09012SAndroid Build Coastguard Workerconfig_version: 3 3*d5c09012SAndroid Build Coastguard Workername: cel.googleapis.com 4*d5c09012SAndroid Build Coastguard Workertitle: Common Expression Language 5*d5c09012SAndroid Build Coastguard Worker 6*d5c09012SAndroid Build Coastguard Workerapis: 7*d5c09012SAndroid Build Coastguard Worker- name: google.api.expr.v1alpha1.ConformanceService 8*d5c09012SAndroid Build Coastguard Worker- name: google.api.expr.v1alpha1.CelService 9*d5c09012SAndroid Build Coastguard Worker 10*d5c09012SAndroid Build Coastguard Workerdocumentation: 11*d5c09012SAndroid Build Coastguard Worker summary: Defines common types for the Common Expression Language. 12*d5c09012SAndroid Build Coastguard Worker overview: |- 13*d5c09012SAndroid Build Coastguard Worker # Common Expression Language 14*d5c09012SAndroid Build Coastguard Worker 15*d5c09012SAndroid Build Coastguard Worker The Common Expression Language (CEL) implements common semantics for 16*d5c09012SAndroid Build Coastguard Worker expression evaluation, enabling different applications to more easily 17*d5c09012SAndroid Build Coastguard Worker interoperate. 18*d5c09012SAndroid Build Coastguard Worker 19*d5c09012SAndroid Build Coastguard Worker Key Applications 20*d5c09012SAndroid Build Coastguard Worker 21*d5c09012SAndroid Build Coastguard Worker * Security policy: organization have complex infrastructure and need 22*d5c09012SAndroid Build Coastguard Worker common tooling to reason about the system as a whole * Protocols: 23*d5c09012SAndroid Build Coastguard Worker expressions are a useful data type and require interoperability across 24*d5c09012SAndroid Build Coastguard Worker programming languages and platforms. 25*d5c09012SAndroid Build Coastguard Worker 26*d5c09012SAndroid Build Coastguard Worker 27*d5c09012SAndroid Build Coastguard Worker 28*d5c09012SAndroid Build Coastguard Worker Guiding philosophy: 29*d5c09012SAndroid Build Coastguard Worker 30*d5c09012SAndroid Build Coastguard Worker 1. Keep it small & fast. * CEL evaluates in linear time, is mutation 31*d5c09012SAndroid Build Coastguard Worker free, and not Turing-complete. This limitation is a feature of the language 32*d5c09012SAndroid Build Coastguard Worker design, which allows the implementation to evaluate orders of magnitude 33*d5c09012SAndroid Build Coastguard Worker faster than equivalently sandboxed JavaScript. 2. Make it extensible. * 34*d5c09012SAndroid Build Coastguard Worker CEL is designed to be embedded in applications, and allows for extensibility 35*d5c09012SAndroid Build Coastguard Worker via its context which allows for functions and data to be provided by the 36*d5c09012SAndroid Build Coastguard Worker software that embeds it. 3. Developer-friendly * The language is 37*d5c09012SAndroid Build Coastguard Worker approachable to developers. The initial spec was based on the experience of 38*d5c09012SAndroid Build Coastguard Worker developing Firebase Rules and usability testing many prior iterations. * 39*d5c09012SAndroid Build Coastguard Worker The library itself and accompanying toolings should be easy to adopt by 40*d5c09012SAndroid Build Coastguard Worker teams that seek to integrate CEL into their platforms. 41*d5c09012SAndroid Build Coastguard Worker 42*d5c09012SAndroid Build Coastguard Worker The required components of a system that supports CEL are: 43*d5c09012SAndroid Build Coastguard Worker 44*d5c09012SAndroid Build Coastguard Worker * The textual representation of an expression as written by a developer. 45*d5c09012SAndroid Build Coastguard Worker It is of similar syntax of expressions in C/C++/Java/JavaScript * A binary 46*d5c09012SAndroid Build Coastguard Worker representation of an expression. It is an abstract syntax tree (AST). * A 47*d5c09012SAndroid Build Coastguard Worker compiler library that converts the textual representation to the binary 48*d5c09012SAndroid Build Coastguard Worker representation. This can be done ahead of time (in the control plane) or 49*d5c09012SAndroid Build Coastguard Worker just before evaluation (in the data plane). * A context containing one or 50*d5c09012SAndroid Build Coastguard Worker more typed variables, often protobuf messages. Most use-case will use 51*d5c09012SAndroid Build Coastguard Worker attribute_context.proto * An evaluator library that takes the binary 52*d5c09012SAndroid Build Coastguard Worker format in the context and produces a result, usually a Boolean. 53*d5c09012SAndroid Build Coastguard Worker 54*d5c09012SAndroid Build Coastguard Worker Example of boolean conditions and object construction: 55*d5c09012SAndroid Build Coastguard Worker 56*d5c09012SAndroid Build Coastguard Worker ``` c // Condition account.balance >= transaction.withdrawal || 57*d5c09012SAndroid Build Coastguard Worker (account.overdraftProtection && account.overdraftLimit >= 58*d5c09012SAndroid Build Coastguard Worker transaction.withdrawal - account.balance) 59*d5c09012SAndroid Build Coastguard Worker 60*d5c09012SAndroid Build Coastguard Worker // Object construction common.GeoPoint{ latitude: 10.0, longitude: -5.5 } 61*d5c09012SAndroid Build Coastguard Worker ``` 62