fix: make cel expression policy work (#963)

Co-authored-by: teselil <[email protected]>
datreeio · Jul 23, 2023 · 305e848 · 305e848
1 parent 68a198d
commit 305e848
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/examples/CEL/policy.yaml b/examples/CEL/policy.yaml
@@ -3,7 +3,7 @@ policies:
   - name: CEL_policy
     isDefault: true
     rules:
-      - identifier: CUSTOM_DEPLOYMENT_BILLING_LABEL_EXISTS
+      - identifier: CUSTOM_WORKLOADS_BILLING_LABEL_EXISTS
         messageOnFailure: "workloads labels should contain billing label"
       - identifier: CUSTOM_SECRET_ENVIRONMENT_LABEL_EXISTS
         messageOnFailure: "secret labels should contain environment label"
@@ -24,9 +24,9 @@ customRules:
               - Pod
       then:
         CELDefinition:
-          - expression: "object.kind != 'Deployment' || (has(object.metadata.labels) && has(object.metadata.labels.billing))"
+          - expression: "has(object.metadata.labels) && has(object.metadata.labels.billing)"
             message: "deployment labels should contain billing label"
-          - expression: "object.kind != 'Pod' || (has(object.metadata.labels) && has(object.metadata.labels.billing))"
+          - expression: "has(object.metadata.labels) && has(object.metadata.labels.billing)"
             message: "pod labels should contain billing label"
   - identifier: CUSTOM_SECRET_ENVIRONMENT_LABEL_EXISTS
     name: Ensure Secret has environment label [CUSTOM RULE]