Why are we templating YAML? (2019)

I&#x27;m completely done with configs written in YAML. Easily the worst part of Github Actions, even worse than the reliability. When I see some cool tool require a YAML file for config, I immediately get hit with a wave of apprehension. These same feelings extend to other proprietary config languages like HCL for Terraform, ASL for AWS Step Functions, etc. It&#x27;s fine that you want a declarative API, but let me generate my declaration programatically.<p>Config declared in and generated by code has been a superior experience. It&#x27;s one of the things that AWS CDK got absolutely right. My config and declarative definition of my cloud infra is all written in a typesafe language with great IDE support without the need for random plugins that some rando wrote and never updated since 2 years ago.

I agree that YAML templating is kind of insane, but I will never understand why we don&#x27;t stop using fake languages and simply use a real language.<p>If you need complex logic, use a programming language and generate the YAML&#x2F;JSON&#x2F;whatever with it. There you go. Fixed it for you.<p>Ruby, Python, or any other language really (I only favor scripting ones because they&#x27;re generally easier to run), will give you all of that without some weird pseudo-language like Jsonnet or Go templates.<p>Write the freaking code already and you&#x27;ll get bitten way less by obscure weird issues that these template engines have.<p>Seriously, use <i>any</i> real programing language and it&#x27;ll be WAY better.

I just knew this would be about Kubernetes when I saw the title.<p>The Kubernetes API is fairly straightforward, and has a well-defined (JSON) schema, people should be spending a bulk of their time learning k8s understanding how to use the API, but instead they spend it working out how to use a Helm chart.<p>I don&#x27;t think Jsonnet, Ksonnet, Nu, or CUE ever gained that much traction. I&#x27;m convinced most people just use Kustomize, because it&#x27;s fairly straightforward and <i>built in</i> to kubectl.<p>I&#x27;d like a tool that:<p>- Gives definition writers type checking against the k8s schemas - validation, version deprecations, etc.<p>- Gives users a single artefact that can be inspected easily and will fail (ACID) if deployed against a cluster that doesn&#x27;t support any objects&#x2F;versions.<p>- Is built into the default toolchain<p>---<p>I feel like writing a Bun or Deno TypeScript script that exports a function with arguments and returns a list of definitions would work well, esp. with `deno compile`, etc. but that violates the third point.

It&#x27;s funny how little developers think about how to do configuration right.<p>It&#x27;s just a bunch of keys and values, stored in some file, or generated by some code.<p>But its actually the whole ball game. It&#x27;s what programming is.<p>Everything is configuration. Every function parameter is a kind of configuration. And all the configuration in external files inevitably ends up as a function parameter in some way.<p>The problem is the plain-text representation of code.<p>Declarative configuration files seem nice because you can see everything in one place.<p>If you do your configuration programmatically, it is hard to find the correct place to change something.<p>If our code ran in real-time to show us a representation of the final configuration, and we could trace how each final configuration value was generated, then it wouldn&#x27;t be a problem.<p>But no systems are designed with this capability, even though it is quite trivial to do. Configuration is always an after-thought.<p>Now extend this concept to all of programming. Imagine being able to see every piece of code that depends upon a single configuration value, and any transformations of it.<p>Also, most configuration is probably better placed into a central database because it is relational&#x2F;graph-like. Different configuration values relate to one another. So we should be looking at configuration in a database&#x2F;graph editor.<p>Once you unchain yourself from plain-text, things start to become a lot simpler...of course the language capabilities I mentioned above still need to become a thing.

Worse yet, in some places (CI&#x2F;CD) YAML becomes nearly a programming language. A very verbose, unintuitive, badly specified and vendor-specific one as well.

Yeah, I&#x27;m very sad that helm won. We do OSS k8s stuff at work, and 100% of users have asked for us to make a helm chart. So we had to. It is miserable to work on; your editor can&#x27;t help you because the files are named like &quot;foo.yaml&quot; but they aren&#x27;t YAML. You have to make sure you pipe all your data through &quot;indent 4&quot; so that things are lined up correctly in the YAML. What depresses me the most is that you have to re-expose every Kubernetes feature in your own way. Someone wants to add deployment.spec.template.spec.fooBars? Now you have to add deploymentFooBars to your values.yaml file and plumb it in. For every. single. feature.<p>It&#x27;s truly &quot;worse is better&quot; gone wrong. I have definitely done some terrible things like &quot;sed -e s&#x2F;$FOO&#x2F;foo&#x2F;g&quot; to implement templating... and that&#x27;s probably how Helm started. The result is a mess.<p>I personally grew up on Kustomize before it was in kubectl, and was always exceedingly happy with it. (OK, it has a lot of quirks. But at least it saves you time because it actually understands the semantics of the objects you are creating.)<p>I like Jsonnet a lot better. As part of our k8s app, we ship an Envoy deployment to do all of our crazy traffic routing (basically... maintaining backwards compatibility with old releases). Envoy configs are... verbose..., but Jsonnet makes it really easy to work on. (The code in question: <a href="https:&#x2F;&#x2F;github.com&#x2F;pachyderm&#x2F;pachyderm&#x2F;blob&#x2F;master&#x2F;etc&#x2F;generate-envoy-config&#x2F;envoy.jsonnet">https:&#x2F;&#x2F;github.com&#x2F;pachyderm&#x2F;pachyderm&#x2F;blob&#x2F;master&#x2F;etc&#x2F;gener...</a>)<p>I&#x27;m seriously considering transpiling jsonnet to the Go template language and just implementing everything with Jsonnet. At least that is slightly maintainable, and nobody will ever know because &quot;helm install&quot; will Just Work ;)<p>But yeah, I think Helm will be the death of Kubernetes. Some competing computer allocator container runner thingie will have some decent language for configuration, and it will just take over overnight. Mark my words!

I see a problem here. I&#x27;m not certain if the sort of person who would choose YAML as their configuration language sees a problem here.<p>There is a direct conflict between human-centred data representations and computer-centred. Computers love things that look like a bit like a Lisp. Humans like things that look a bit like Python. If you&#x27;re the sort of person who wants to use a computer to manipulate their Kubernetes config then you&#x27;d be secretly annoyed that Kubernetes uses YAML. However, it appears the Kubernetes community are mainly YAML people, so why would they mind that their config files will be horrible to work with once programming logic gets involved? The downside of YAML is exactly this scenario, and I believe the people involved in K8s are generally cluey enough to see that coming.<p>&gt; YAML is a superset of JSON<p>The spec writers can put whatever they want in their document, but I don&#x27;t think this is true. If you go in and convert all the YAML config to JSON, the DevOps team is going to get upset. The two data formats have the same semantic representation, but so do all languages compiled to the same CPU arch. JSON and YAML are disjoint in practice. Mixing the two isn&#x27;t a good idea.

My personal philosophy is that string interpolation should not be used to generate machine-readable code, and template languages are just fancy string interpolation. We&#x27;ve all seen the consequences of SQL injection and cross-site scripting. That&#x27;s the kind of thing that will keep happening as long as we keep putting arbitrary text into interpreters.<p>Yes, this means I don&#x27;t think we should use template files to make HTML at all.<p>Alternatives to using template languages for HTML include Haml (for Ruby) and Pug (for JavaScript). These languages have defined ways to specify entire trees of tags, attributes, and text nodes.<p>If you don&#x27;t like Python-style significant indentation, JavaScript has JSX. The HTML-looking parts of JSX compile down to a bunch of `createElement` expressions that create a web document tree. That tree can then be output as HTML if necessary.<p>Haml, Pug, and JSX are not template languages even though they can output HTML. Likewise, `JSON.stringify(myObj)` is not a template language for JSON. Generating machine-readable code should be done with a tool that understands and leverages the known structure of the target language when possible.

We are switching to cuelang [1]. IMHO it is better designed than Jsonette. Since Kubeenetes already has state reconciliation, the only thing missing in this setup is deletion. But that can now be accomplished with the prune feature. [2]<p>[1] <a href="https:&#x2F;&#x2F;cuelang.org&#x2F;docs&#x2F;integrations&#x2F;k8s&#x2F;" rel="nofollow">https:&#x2F;&#x2F;cuelang.org&#x2F;docs&#x2F;integrations&#x2F;k8s&#x2F;</a><p>[2] <a href="https:&#x2F;&#x2F;kubernetes.io&#x2F;blog&#x2F;2023&#x2F;05&#x2F;09&#x2F;introducing-kubectl-applyset-pruning&#x2F;" rel="nofollow">https:&#x2F;&#x2F;kubernetes.io&#x2F;blog&#x2F;2023&#x2F;05&#x2F;09&#x2F;introducing-kubectl-ap...</a>

This is where I usually pitch in with &quot;Have your heard of CUELang, our lord and savior?&quot;: <a href="https:&#x2F;&#x2F;cuelang.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;cuelang.org&#x2F;</a><p>- Not turing complete yet sufficiently expressive to DRY<p>- Define schema and data with the same language, in a separate or same file. With union types.<p>- Generate YAML or JSON. Can validate itself, or a YAML or JSON file.<p>The biggest drawback being the only implementation is currently in go, meaning you may have to subprocess of ffi.

I love YAML and I curse it every single day that I&#x27;m working with Helm charts.<p>People ask me what I&#x27;d use to deploy apps on Kubernetes and I say I hate Helm and would still use it for a single reason: everybody is using it, I don&#x27;t want to create a snowflake infrastructure that only I understand.<p>Still, back in the day I thought jsonnet would win this battle but here we are, cursing Helm and templates. That&#x27;s the power of upstream decisions.

In my view, the presence of YAML templating is a red flag in any codebase or system.<p>YAML got its popularity with the advent of Ruby on Rails, largely due to the simplicity of the <i>database.yml</i> file as an aid in database connection string abstraction that felt extremely clean to Java programmers who were used to complicated XML files full of DSN names and connection string peculiarities.<p>The evolution of the database.yml file into something arguably as complex as the thing it was intended to replace is described in the article below:<p><a href="https:&#x2F;&#x2F;dev.to&#x2F;andreimaxim&#x2F;the-rails-databaseyml-file-4dm9" rel="nofollow">https:&#x2F;&#x2F;dev.to&#x2F;andreimaxim&#x2F;the-rails-databaseyml-file-4dm9</a>

The title of TFA was actually my reaction when I learned what Helm was actually doing. Initially I thought Helm would take an input file of YAML-with-template-bits, parse that YAML as an object, then use the provided template bits to fill in the parts of that object, then serialize the object back to YAML and write it out. Sounds reasonable, right? Nope, it&#x27;s literal text substitution, so if you want to have a valid YAML as the output you better count your indentation on your fingers, and track where the newlines go or don&#x27;t go.

I will tell you exactly why we template yaml. Its the exact same reason every code base has ugly parts. And that&#x27;s the evolution of complexity.<p>At first, you have a yaml file. No templates, no variables. Just a good old standard yaml. Then, suddenly you need to introduce a single variable. Templating out the one variable is pretty easy, so you do it, and it&#x27;s still mostly for humans to edit.<p>Well, now you have a yaml file and template engine already in place. So when one more thing pops up, you template it out.<p>8 features later, you wonder what you&#x27;ve done. Only, if we go back in time, each step was actually the most efficient. Introducing anything else at step 1 would be over-engineering. Introducing it anywhere else would lead to a large refactor and possible regressions.<p>To top it off, this is not business logic. Your devs are not touching this yaml all that much. So is it worth &quot;fixing&quot;, probably not.

Ansible convinced me that doing programming tasks in YAML is insanity, so I started an experiment: What would Ansible be like if it&#x27;s syntax were more like Python than YAML. <a href="https:&#x2F;&#x2F;github.com&#x2F;linsomniac&#x2F;uplaybook">https:&#x2F;&#x2F;github.com&#x2F;linsomniac&#x2F;uplaybook</a><p>I spent around 3 months over the holidays exploring that by implementing a &quot;micro Ansible&quot;, I have a pretty solid tool that implements it, but haven&#x27;t had much &quot;seat time&quot; with it: working on it rather than in it. But what I&#x27;ve done has convinced me that there are some benefits.

Wouldn&#x27;t it be a better idea to use an existing programming language instead of cooking up numerous half baked templating languages?

We wrote a backend service at Lyft in Python and at some point needed to do some string interpolation for experimentation. In a rush someone implemented this in YAML (no new deps needed). This ended up being the bane of the teams existence. Almost impossible to test if something was going to break in runtime, could only verify it was valid yaml but many other things were infeasible, super hard to debug - it soured me on YAML for years.

Can someone help me understand what is the advantage of using jsonnet, cue, or something else vs a simple python script (or dialect, like starlark), when you have the need of dynamically creating some sort of config?<p>I&#x27;ve used jsonnet in the past to create k8s files, but I don&#x27;t work in that space anymore. I don&#x27;t remember it being better or easier than writing a python script that outputs JSON. Not even taking into account maintainability and such. Maybe I&#x27;m missing something?

I am really sad that jsonnet &#x2F; ksonnet never really took off. It’s a great way to template, but has a bit of a learning curve in my experience. I suspect that is why it’s niche.<p>If you like what is presented in this article, take a look at Grafana Tanka (<a href="https:&#x2F;&#x2F;tanka.dev" rel="nofollow">https:&#x2F;&#x2F;tanka.dev</a>).

In my experience there is a near zero uptake of jsonnet or similar amongst &quot;regular&quot; i.e less ops inclined developers.<p>gotmpl is a lot easier to grok if you are coming in cold. Yes it sucks for anything mildly complex, but the barrier to entry is significantly lower.<p>Generation via real programming languages is the future I am hoping for.

Indeed why? However the conclusion I have is not to use JSON but to use a type safe configuration language that can express my intent much better making illegal states impossible. One example of such lang is Dhall.<p><a href="https:&#x2F;&#x2F;dhall-lang.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;dhall-lang.org&#x2F;</a>

We&#x27;re talking about templating and generating files, but it seems like everyone has just collectively forgotten about M4?<p>Yes, it can be unsafe if you&#x27;re not careful, but if you need to bang out a quick prototype it&#x27;s the best tool there is. It&#x27;s part of POSIX, and so it will always be available, the language is dead simple, and you can generate any text you want with it.<p>I wouldn&#x27;t use it with YAML, but I would probably never template YAML in the first case: just generate JSON and feed it through `yq -y` if you need a quick YAML generator.

There&#x27;s 2 things on the horizon here for Kubernetes that give me hope. KCL, its own configuration language, and Timoni, which builds off CUE and corrects some of the shortcomings of Helm.<p>Though these days, OLM and the Quarkus operator SDK give you a completely viable alternative approach to Helm that enables you to express much more complex functionality and dependency relationships over the lifecycle of resources. An example would be doing a DB backup before upgrading to a new release etc. Obviously this power comes at a cost.

Yes, templating YAML is crazy. But is the answer jsonnet? That&#x27;s even more batshit.<p>Why hasn&#x27;t anyone opted for a &quot;patch-based&quot; approach? I.e. start with a base YAML&#x2F;JSON file, apply a second file over it, apply this third one, and use the result as the config. How you generate these files is entirely up to you.

Meanwhile in JavaScript land, config is simply another js file, with all the Object and Array literal goodness that that gets us, and the full language environment backing it up.

For those who do not know it yet, the now classic noyaml site: <a href="https:&#x2F;&#x2F;noyaml.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;noyaml.com&#x2F;</a>

If you&#x27;re using Helm to deploy your own apps, I feel that&#x27;s a code smell. I&#x27;ll add jsonnet for your own apps to the that list.<p>Just use dumb YAML, maybe kustomize if you really need, but if that&#x27;s not sufficient, consider that a sign that you&#x27;re not carving the wood the way it&#x27;s telling you to.<p>Any form of templating for creating your own application manifest is another moving part that allows for new and fun errors, and the further away your source manifest is from the deployed result, the harder it is to debug.<p>If you really want to append a certain set of annotations to each and every pod in a cluster, instead of using shared templates (and enforcing their usage), there&#x27;s other approaches in K8s for these kinds of use cases, that you have a lot more control over.

I&#x27;m confused on two points:<p>(A) why not use the yaml syntax that is not whitespace sensitive. In the authors example, that could be: {name: Al, address: something}<p>(B) do env variables not go a long way to avoiding the need for a template? Instead of generating a complete YAML, put env variable placeholders in and set those values in the target environment. At this rate, the same YAML can generally be deployed anywhere. I&#x27;ve seen that style implementated several times, works pretty well.<p>I do agree that generating config itself, and not just interpolating values - is potentially really gnarly. I do wonder, instead of interpolating variables at deploy time, why not use env variables and do the interpolation at runtime?

This article made me think it&#x27;d be nice to generate k8s JSON using TypeScript. Just a node script that runs console.log(JSON.stringify(config)), and you pipe that to a yaml file in your deploy script. The syntax seems more sane and has more broad appeal than jsonnet, and I&#x27;d wager that the dev tooling would be better given good enough typings.<p>By the way the answer to the question &quot;why are we templating yaml?&quot; is: people are just more familiar with it and don&#x27;t want to have to translate examples to jsonnet that they copy and paste from the web. Do not underestimate this downside :) Same downside would probably apply to TypeScript-generated configs I bet.

Separate generated content from maintained content. Works for me. But on the specifics here, from a very python POV.<p>Strict YAML is easier to maintain than json if you have deeper than one or maybe two levels of nesting, multiline strings, or comments.<p>So, I build my config systems to _generate_ YAML instead of “templating YAML.”<p>PyYAML extensions and ruamel.yaml exist—Though kind of out of date, and more new projects are using TOML. (From project description: “ruamel.yaml is a YAML parser&#x2F;emitter that supports roundtrip comment preservation”)<p>Confession: but yeah, not when I use ansible. Ansible double-dog-dares you to “jinja2 all the things” without much in the way of structured semantics.

I need a restraining order against YAML DSLs.

I can&#x27;t remember how many times I heard or saw the argument &quot;but that is in YAML&quot;, which implies that the configuration(or god forbid, the code) is simple and well designed. I find it hilarious.<p>And a worst contender is embedding text template like jinja in a YAML config and forcing everyone to use such abomination to change production config via deployment. Yes, I&#x27;m talking about Terraform or the like. Why people think this kind of design is acceptable is beyond my comprehension.

I think YAML is a good pick for non-developers &#x2F; content creators. The front matter section in Markdown files is a good example. Or is there a better, human-friendly alternative?

Serendipity strikes as I&#x27;m implementing an emrichen interpreter in golang after getting too annoyed about templating YAML as a string.<p>The reasons I like yaml is that I can see the tree structure directly, and to my lisp brain it is extremely easy to read. Furthermore, in our age of LLMs, I find LLMs to be able to generate &quot;correct&quot; YAML more easily than JSON, since the tree depth is encoded in every line, and doesn&#x27;t require matching larger structures. It also uses an actually significant amount less tokens.<p>I find it extremely easy to have LLMs generate decent DSLs by asking them to use a YAML output format, and found it very robust to generate code out of these (or generate an interpreter for the newly created DSL).<p>I didn&#x27;t know about !tags until sunday, which is quite shameful, but I find that the emrichen solution is actually quite elegant, and really kind of feels like a lisp macro expander.<p>Overall, YAML is just good enough for me to get shit done, I can read and skim it quickly, LLMs do well with it, and it&#x27;s easy to work with. It has aliases, multiline strings and some other Quality of life features built in.<p><a href="https:&#x2F;&#x2F;github.com&#x2F;con2&#x2F;emrichen">https:&#x2F;&#x2F;github.com&#x2F;con2&#x2F;emrichen</a>

The cycle seems: Invent a new static information format (XML&#x2F;JSON&#x2F;HTML&#x2F;...), reduce verbosity, add GUI, variables, comments, expressions, control flow, validation, transformation, static typing, compilers, IDE support, dependency management, and maybe a non-backwards-compatible major version etc. And you end up with yet another Java&#x2F;C# clone, just inferior because it was never meant to support all these things.

Obviously biased but we at Kurtosis are trying to solve this problem through Starlark.<p>We took Starlark added a few more of our instructions that make our Starlark container native. The complex Starlark definition supports<p>- Composition - you can import a remote definition and just use it - Decomposable - you can break things apart - Parametrizability - want one of a service and 10 of the other, just pass an argument - Portable - It runs pretty much anywhere<p>Our runtime takes the Starlark and creates environments in both Docker and Kubernetes; from one definition<p>Our CTO wrote this - <a href="https:&#x2F;&#x2F;docs.kurtosis.com&#x2F;advanced-concepts&#x2F;why-kurtosis-starlark&#x2F;" rel="nofollow">https:&#x2F;&#x2F;docs.kurtosis.com&#x2F;advanced-concepts&#x2F;why-kurtosis-sta...</a><p>We are source available <a href="https:&#x2F;&#x2F;github.com&#x2F;kurtosis-tech&#x2F;kurtosis">https:&#x2F;&#x2F;github.com&#x2F;kurtosis-tech&#x2F;kurtosis</a><p>Here is a popular environment definition - <a href="https:&#x2F;&#x2F;github.com&#x2F;kurtosis-tech&#x2F;ethereum-package">https:&#x2F;&#x2F;github.com&#x2F;kurtosis-tech&#x2F;ethereum-package</a> that protocol developers use to setup custom Ethereum test environments

For anyone struggling with Helm YAML syntax errors in their day job, I shamelessly advertise my browser-based debug tool Helm Playground:<p><a href="https:&#x2F;&#x2F;helm-playground.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;helm-playground.com&#x2F;</a> - <a href="https:&#x2F;&#x2F;github.com&#x2F;shipmight&#x2F;helm-playground">https:&#x2F;&#x2F;github.com&#x2F;shipmight&#x2F;helm-playground</a>

I&#x27;m designing a simple dev environment from scratch.<p>My solution for this is a sandboxed lua for programatic configuration:<p><a href="https:&#x2F;&#x2F;github.com&#x2F;civboot&#x2F;civlua&#x2F;tree&#x2F;main&#x2F;lib&#x2F;luck">https:&#x2F;&#x2F;github.com&#x2F;civboot&#x2F;civlua&#x2F;tree&#x2F;main&#x2F;lib&#x2F;luck</a><p>I can&#x27;t stand JSON (for many reasons) so I created a serialization format that combines it and CSV for nested objects<p><a href="https:&#x2F;&#x2F;github.com&#x2F;civboot&#x2F;civlua&#x2F;tree&#x2F;main&#x2F;lib&#x2F;tso">https:&#x2F;&#x2F;github.com&#x2F;civboot&#x2F;civlua&#x2F;tree&#x2F;main&#x2F;lib&#x2F;tso</a><p>I wish the industry would standardize on a solution like this. IMO you shouldn&#x27;t use a &quot;real&quot; language unless you can lock it down to be determinisitic. JSON is supposed to be human readable but fails for lots of real-world data like multi-line strings or lists of records.<p>CSV is more readable but doesn&#x27;t supported nested objects.

I wrote a monstrosity of a terraform module that takes pre-existing helm charts&#x2F;templates, feeds some json into them via terraform, translates the results to HCL, and deploys them.<p>It&#x27;s kind of a rube-goldberg machine that I made as a bespoke solution to a weird problem but it&#x27;s been fairly pleasant to work with so far.

I actually wrote about my thoughts on the tradeoffs between purely-config and purely-code:<p><a href="https:&#x2F;&#x2F;willhbr.net&#x2F;2024&#x2F;01&#x2F;18&#x2F;the-code-config-continuum&#x2F;" rel="nofollow">https:&#x2F;&#x2F;willhbr.net&#x2F;2024&#x2F;01&#x2F;18&#x2F;the-code-config-continuum&#x2F;</a>

The worst part about this mess is that it&#x27;s all fine and dandy with any other tool as long as it&#x27;s first party but as soon as you want to use another software you&#x27;re stuck reading and understanding the spaghetti that Helm inevitably becomes and hope that you can configure it the way you need to.<p>It&#x27;s come to the point that I don&#x27;t even think about using most charts and just build them myself. The issue with that is that software like Prometheus, Loki, Grafana or f.e. Postgres operators are so complex that it&#x27;s almost impossible do &quot;fix&quot; them.<p>This really is like that dog sitting in a burning house and saying &quot;This is fine&quot; because that&#x27;s how most go on with their day after hitting their head for a few hours and running dozens of pipelines.

I&#x27;m no fan of YAML but for an example of templating YAML that is tolerable, take a look at esphome[1] (and I suppose also home assistant).<p>In your main yaml file you have something like this:<p><pre><code> packages: left_garage_door: !include file: garage-door.yaml vars: door_name: Left door_location: left open_switch_gpio: 25 close_switch_gpio: 26 </code></pre> Then in garage-door.yaml you can reference the vars directly with ${door_name} syntax.<p>It&#x27;s the best version of templating YAML that I have experienced.<p>1. <a href="https:&#x2F;&#x2F;esphome.io&#x2F;guides&#x2F;configuration-types#packages-as-templates" rel="nofollow">https:&#x2F;&#x2F;esphome.io&#x2F;guides&#x2F;configuration-types#packages-as-te...</a>

From my vantage point it seems to have happened roughly like this<p>First we had arbitrary code that did something. Then we thought, &quot;hey wouldn&#x27;t it be nice if we could do this declaratively in a standard way using configuration instead?&quot; Then we could reason about it more easily. But then came the realization &quot;this declarative system isn&#x27;t quite powerful enough, what if we could sprinkle some logic on top of it&quot;. &quot;Hey wouldn&#x27;t it be nice if we could go back to doing it declaratively? I guess we can just add the missing features to our not-turing-complete config language&quot;. &quot;Wow now it can almost do everything I want.... but there is just this tiny little thing I want to do in addition, let&#x27;s do templating!&quot; etc

YAML is fine for human-maintained configuration. Yeah it has its footguns (like Norway) but if you&#x27;re actually writing human-maintained configuration then you quickly pick these up with practice and they turn into a non-issue.<p>If your configuration is complicated enough that it needs to be generated, then use a real general-purpose language to generate it. Not crummy pseudo-imperative constructs bolted onto the YAML.<p>At the very least, systems that take YAML as configuration should also take JSON as configuration. GitOps-style systems should allow you to define, not just system.yaml config, not just system.json config, but also system.js config, that is evaluated in some kind of heavily-restricted sandbox.

I would love for someone to eviscerate the following idea:<p>Every deployed process receives exactly 3 environment variables, NONCE, TAGS and CONFIG_DB_PARAMS. Every process is bootstrapped in the same way:<p><pre><code> 1. Initialize config db client. 2. config = db.fetchConfig(tags) 3. Use NONCE to signal config changes if needed. </code></pre> Of course there&#x27;s some environments where this Just Won&#x27;t Work. I&#x27;m wondering if there are some very serious issues with this approach in a &quot;standard&quot; web application environment. It seems so straightforward but I&#x27;ve literally never seen it done before, so I feel like I&#x27;m missing something.

It&#x27;s fashionable to hate YAML. And sometimes rightly so. But what are the alternatives? JSON, XML, INI, TOML, Dahl, Cue, JSONNET, HCL, your programming language of choice. Also let&#x27;s agree on the target use case - in that YAML is largely used for configuration and operational tasks. If I were to rank-order the features necessary in a good configuration language they would be 1) readability 2) data&#x2F;schema validation 3) stackability&#x2F;composability 4) language support 5) editor support 6) industry adoption. So let&#x27;s do a comparison:<p>YAML is fairly easy to read, has schema validation with the right library, and is pretty ubiquitous. It can get unwieldy like JSON though.<p>XML is big, ugly, unreadable. No one likes XML despite it&#x27;s robust schema validation capabilities.<p>Your programming language of choice doesn&#x27;t work because of the target use case unless you truly are a build-run group.<p>INI it too simplistic for many environments.<p>HCL is included because I&#x27;m a bit of a Terraform fanboy and it has great features like validation, readability and composability. However you&#x27;re not going to find it in the wild as a general purpose configuration language - outside of Terraform it just hasn&#x27;t taken hold.<p>Does anyone really use Dahll? (Serious question.)<p>JSON is nice because everyone understands JSON. JSON is not nice because all the brackets, braces, quotes, etc get in the way and make sufficiently large configurations hard to read. With the right library you can get schema validation.<p>JSONNET suffers from the same problems that JSON does, but adds more operations which makes sufficiently large things very hard to read.<p>TOML is nice and reminds me of INI in it&#x27;s simplicity.<p>Cue looks and smells like JSON, has schema validation, but is much more readable.<p>If I were to rank-order these options it would be 1) Cue 2) TOML 3) YAML 4) JSON 5) your programming language of choice 6) JSONNET 7) INI 8) HCL 9) XML 10) Dahll (maybe?). My point here is that while YAML has a lot to be desired it&#x27;s still very useful for most implementations and is better than many of the alternatives.

You guys are missing the big reason.<p>Most devops folks are former sysadmins with no developer experience.<p>The tools needed to be able to be picked up quickly without too much pain.<p>This is why our devops tooling in popular usage is not as robust as developer tools.<p>Know your audience.

YAML, TOML and JSON can be ingested to represent the same data structures internally, it&#x27;s just a few lines of code to decide which load() function should we use for a particular file. Why not support all three formats in your applications for configuration and just let users decide, which one they want to use? Put a &#x27;config.json&#x27; in &#x27;&#x2F;etc&#x2F;app&#x2F;conf.d&#x2F;&#x27; and you get the same data, as with &#x27;config.yml&#x27; or &#x27;config.toml&#x27;. Then users can use whichever format they prefer for the input data.

Yelling At My Laptop

This article is not convincing me about yaml or json templating.<p>The only thing I can think of is that generating these files requires picking a language platform. I chose Ruby to generate the k8s manifests I need.<p>If you are picking something that is meant to be language-agnostic, or to have very little ramp-up time, then sure, templating. It just comes at a cost where the templating language itself approaches that of a full blown, Turing-complete language as more features gets added, often with shaky foundations (such as HCL).

Like many other things, Azure services can be deployed using JSON. Of course it’s not just json, it’s an entire language of deployment definitions and templating language hidden within json markup.<p>But next to that, Microsoft came out with bicep, which is a domain specific language for defining resources. It comes with a full language server and is honestly quite nice to use (if only azure services had some sort of reasonable logic to them)<p>I think k8 and friends need their own biceps.

If you can write Python, Perl, Ruby, etc. Hell even yq in the shell. Then you have a full programming language that can output YAML or JSON in any way you want. No weird DSL, no twisting yourself into knots.<p>Just write normal code, make any data structure, print it as any data format. Call the code, output to temp file, use file, delete file.<p>Is it clunky? Yes. But it works, and you can&#x27;t get any simpler.<p>Keep it simple, silly.

I have no idea why people are so against code generation. If I want hundred different kinds of YAML or code, I just fully generate them.

Why do we need a special purpose language for this? Just for the slightly nicer syntax? Is that worth learning a completely new language?

Clearly lots of people have tried to replace YAML with something else and that hasn’t worked. What’s your wishlist on making YAML actually work for declarative systems? Or can it work?<p>Would things like..<p>A great LSP with semantic autocomplete, Native cross-file imports, and conditionals based on environment make things feel different&#x2F;better?<p>What should modern declarative systems be doing in your opinion?

I think we&#x27;re barking at the wrong tree here (speaking about Kubernetes workloads).<p>This ugly mess of low-ish level details will never go away. Developers that are trying to focus on developing apps will never enjoy these things and that&#x27;s fine.<p>Something like score.dev which abstracts things even further seems to be the way to go as the interface that is exposed to developers.

Is Kubernetes using YAML 1.1 still? Because some of the complaints I hear shouldn’t be an issue with 1.2.<p>Moreover the YAML spec allows for specifying the tags recognized per application.<p>So on two counts, if <i>“on”, “true”, “false”, as well as “yes”, “no”, “y”, “n”, “off”, and all capitalized and uppercase variants</i>, are all boolean literals, it is not YAML’s fault.

You’re going to hate absolutely everything involved in configuring Kubernetes because <i>you’re configuring Kubernetes.</i>

Author of the post here.<p>It&#x27;s always been relatively shocking to me that this is still relevant 4 years after I wrote it. Helm is as Ubiquitous as ever, despite attempts to replace it with Jsonnet, Cue and programming languages.<p>I&#x27;ve personally moved on from Jsonnet and would recommend Pulumi to anyone experiencing this problem.

Yeah I knew that answer would be Helm Charts.<p>I love Helm. Helm is magic. Helm makes my life tolerable.<p>But I’ve templates way too many yaml files.<p>If it were up to me XML would be default and we would use XSLT for templates.<p>I’m pretty sure you can use XSLT on JSON, which is logical identical to YAML. So something could be worked out.<p>Maybe that should be my next open source project.

Two things need to die and die quickly:<p>1) “blind configuration” Such as a CI pipeline config that you commit but can’t validate before you do.<p>2) Complex markup for config. Anything that can’t fit into a single screen of flat .toml or .ini style config should be <i>code</i>.

I think Steve Yegge got it right when he wrote:<p><i>I know, I know — everyone raves about the power of separating your code and your data . . . But it&#x27;s [not] what you really want, or all the creepy half-languages wouldn&#x27;t all evolve towards being Turing-complete, would they?</i><p><a href="https:&#x2F;&#x2F;sites.google.com&#x2F;site&#x2F;steveyegge2&#x2F;the-emacs-problem" rel="nofollow">https:&#x2F;&#x2F;sites.google.com&#x2F;site&#x2F;steveyegge2&#x2F;the-emacs-problem</a><p>Templating YAML is the same, but... Honestly, Jsonnet is too. If you&#x27;re going to generate JSON — by god use a normal programming language. You have to teach your team one fewer thing (approximately no one knows Jsonnet); it already integrates with your existing build system; if you wrote a useful util function in your main codebase <i>you can reuse it</i>; if you have a typechecker or a linter you can use it; etc etc.

If need anything more complicated than simple $var substitution, it&#x27;s time to use a general purpose scripting language with appropriate libraries to generate your data structure. A half-baked template DSL will never work.

In my case, I&#x27;m templating YAML because the Obsidian Templater plugin can read YAML frontmatter it asks you for and then fill in a Markdown file with the Mad Libs you choose to populate it with.<p>I understand this is a niche use case.

Perhaps we need something along the lines of an infrastructure description language. Some of these yamls get pretty long. Using a real language (like Python) is probably not constrained enough however.

A lot of people don&#x27;t know that JSON is valid YAML. You can mix JSON into your YAML wherever you need it.<p>So if you have issues expressing something complex in YAML (like nested arrays) just write JSON instead.

If you start templating yaml then you might want to give jsonnet a try

I keep coming back to tanka (<a href="https:&#x2F;&#x2F;tanka.dev&#x2F;" rel="nofollow">https:&#x2F;&#x2F;tanka.dev&#x2F;</a>) and hoping it had more traction in the industry.

I&#x27;d like to quote a snarky sig I once read on Slashdot:<p>&gt; You know what&#x27;s good about YAML? No, me neither.<p>Personally, I love using a Perl hash for my config files. But maybe I&#x27;m just mad.

Yeass. I encountered jsonnet thanks to Ory Kratos, it’s great. Yaml is an awful hack that’s only still around in devops because of chance and circumstance. I hate IT.

It’s funny that the post ends up recommending Jsonnet, which is a very close relative of the Google-internal “GCL,” which everyone at Google hates<p>Pick your poison, I guess.

The sidekick configuration file is a great example of when you’d want to template YAML.<p>In that instance the queue name is derived dynamically from the hostname.

Give it a couple of months: Why the f*ck are we templating JSON<p>This article feels very ironic to me hence the sarcasm.<p>Give me code as configuration and I&#x27;ll be interested

Obligatory reference to Rubynetes - using Ruby and rspec to generate the YAML files that k8s loves.<p>[0]: <a href="https:&#x2F;&#x2F;www.brightbox.com&#x2F;blog&#x2F;2020&#x2F;02&#x2F;24&#x2F;rubynetes-getting-helm-manifests-over-the-line-with-ruby&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.brightbox.com&#x2F;blog&#x2F;2020&#x2F;02&#x2F;24&#x2F;rubynetes-getting-...</a><p>[1]: <a href="https:&#x2F;&#x2F;www.brightbox.com&#x2F;blog&#x2F;2020&#x2F;02&#x2F;12&#x2F;rubynetes-kubernetes-config-the-easy-way&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.brightbox.com&#x2F;blog&#x2F;2020&#x2F;02&#x2F;12&#x2F;rubynetes-kubernet...</a><p>[2]: <a href="https:&#x2F;&#x2F;www.brightbox.com&#x2F;blog&#x2F;2020&#x2F;02&#x2F;17&#x2F;using-openapi-to-validate-kubernetes-configs&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.brightbox.com&#x2F;blog&#x2F;2020&#x2F;02&#x2F;17&#x2F;using-openapi-to-v...</a>

I guess templating your configuration is just an instance of the old wisdom that any problem is solvable by adding a layer of indirection.

YAMLScript now exists: <a href="https:&#x2F;&#x2F;yamlscript.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;yamlscript.org&#x2F;</a>

Config-as-code is this strange nightmare made for non- programmers to trick them into writing extractable formal logic.

For me, environmental variables are super simple and remove all the complexity of these configuration files.

There are people out there who, for various reasons, like to make things more complex than they have to be.

Helm becoming a de facto tool is up there with null in the top biggest mistakes our industry committed.

I feel like I wrote something on usenet with a similar title about imake in the early 90&#x27;s ...

I guess I&#x27;ll ask the dumb question - why not use Javascript directly instead of Jsonnette?

I&#x27;m reminded of DHH&#x27;s article, &quot;Rails is Omakase&quot; [0] back during the time when &quot;convention over configuration&quot; [1] was a common refrain, meant to avoid the proliferation of (YAML or XML) configuration files by assuming sensible defaults and pre-selecting various parts of the solution stack or architecture, instead of letting it be freely specified by the developer.<p>You lose a few degrees of freedom and flexibility in your implementation this way, but at the same time you also don&#x27;t need to wade through pages and pages of configuration documents.<p>Everything is cyclical. I&#x27;m waiting for the next &quot;omakase&quot; offering that provides a sane low-configuration platform for building &quot;cloud native&quot; apps. Right now it looks like we&#x27;re in an analogue of the XML hell that prompted the design philosophy of Rails and &quot;convention over configuration.&quot;<p>[0] <a href="https:&#x2F;&#x2F;dhh.dk&#x2F;2012&#x2F;rails-is-omakase.html" rel="nofollow">https:&#x2F;&#x2F;dhh.dk&#x2F;2012&#x2F;rails-is-omakase.html</a><p>[1] <a href="https:&#x2F;&#x2F;wiki.c2.com&#x2F;?ConventionOverConfiguration" rel="nofollow">https:&#x2F;&#x2F;wiki.c2.com&#x2F;?ConventionOverConfiguration</a>

Having XSLT flashbacks. Send help.

any1 want to invent jsonc with me? It will be json but with comments

Yaml template is horrible but jsonnet also hurts my feelings :&#x2F;

JSON not including comments has caused so much labor for the world.

Honestly I find all these different config languages either too much to learn or they get too unwieldy quickly.<p>I have arrived that I think using typescript to generate JSON as being the ultimate solution.<p>Easy JSON support, optional typing, you already know it, and adding reusable functions and libraries is understandable. Just prevent external node modules, and have a tool that takes a typescript file with a default export of some JSON and renders the JSON to a string on stdout.

I forgo Kubernetes because of my hate for YAML.

Templated yaml is readable if you do it right.

I, too, loved hiera and puppet.

Relevant: <a href="https:&#x2F;&#x2F;noyaml.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;noyaml.com&#x2F;</a><p>YAML and its ecosystem is full of footguns and ergonomics problems, especially when the length of the document extends beyond the height of a user&#x27;s editor or viewport. Loss of context with indentation, non-compliant or unsafe parsers, and strange boolean handling to name a few.<p>It becomes even worse when people decide that static YAML data files should have variable substitution or control flow via templating. &quot;Stringly-typed programming&quot; if you will. If we all started writing JSON text templates I think a lot of people would rightly argue we should write small stdlib-only programs in Python, Typescript, or Ruby to emit this JSON instead of using templated text files. Then it becomes apparent that the YAML template isn&#x27;t a static data file at all, but part of a program which emits YAML as output. We&#x27;re already exposing people to basic programming if we&#x27;re using YAML templates. People brew a special kind of YAML-templated devops hell using tools like Kustomize and Helm, each of which are &quot;just YAML&quot; but are full of idiosyncracies and tool-specific behaviour which make the use of YAML almost coincidental rather than a necessity.<p>Yes, sometimes people would prefer to look at YAML instead of JSON, in which case I suggest you use a YAML serialization library, or pipe output into a tool like `yq` so you can view the pretty output. In a pinch you could even output JSON and then feed it through a YAML formatter.<p>The Kubernetes community seems to have this penetrating &quot;oh, it&#x27;s just YAML&quot; philosophy which means we get mediocre DSLs in &quot;just YAML&quot; which actually encode a lot of nuanced and unintuitive behaviour which varies from tool to tool.<p>Look at kyverno, for example: it uses _parentheses_ in YAML key names to change the semantics of security policies! <a href="https:&#x2F;&#x2F;kyverno.io&#x2F;docs&#x2F;writing-policies&#x2F;validate&#x2F;" rel="nofollow">https:&#x2F;&#x2F;kyverno.io&#x2F;docs&#x2F;writing-policies&#x2F;validate&#x2F;</a> . This is different to (what I think are the much better ideas of) something like kubewarden, gatekeeper, or jspolicy, which allow engineers to write their policies in anything that compiles to WASM, OPA, and Typescript&#x2F;Javascript respectively.<p>We engineers, as a discipline, have decades of know-how building and using general purpose programming languages with type checkers, linters, packaging systems, and other tools, but we throw them all away as soon as YAML comes along. It&#x27;s time to put the stringified YAML templates away and engage in the ecosystem of mature tools we already know to perform one simple task they are already good at: dumping JSON on stdout.<p>Let&#x27;s move the control flow back into the tool and out of the YAML.

now I play a bit with nix and its config language.<p>i like yaml now.

The real question here is, why the fuck are you not using a restricted LISP dialect, generating an S-expression using macros.

To me YAML seems like the CoffeeScript of JSON, and unlike CoffeeScript I don’t understand why people are still using it.<p>I guess XML and JSON are too verbose. But YAML is so far in the opposite direction, we get the same surprise conversions we’ve had in Excel (<a href="https:&#x2F;&#x2F;ruudvanasseldonk.com&#x2F;2023&#x2F;01&#x2F;11&#x2F;the-yaml-document-from-hell" rel="nofollow">https:&#x2F;&#x2F;ruudvanasseldonk.com&#x2F;2023&#x2F;01&#x2F;11&#x2F;the-yaml-document-fr...</a>). Why is “on” a boolean literal (of course so are “true”, “false”, as well as “yes”, “no”, “y”, “n”, “off”, and all capitalized and uppercase variants)? And people are actually using this in production software?<p>Then when you add templating it’s no longer readable and concise anyways. So, why? In JSON, you can add templating super easily by turning it into regular JavaScript: use global variables, functions and the like. I don’t understand how anyone could prefer YAML with an ugly templating DSL over that.<p>And if you really care about conciseness, there’s TOML. Are there any advantages of YAML over TOML?

YAML is for human. JSON is for computers. I love YAML.

If only we had yet another system to solve this problem. Oh look, the author has one.<p>xkcd 927.

The problem is very specifically the fact that YAML, as a config language, sucks.<p>I have no idea why people started using it. &quot;bUt jSOn dOeSn&#x27;T HaVe cOmMenTS&quot; ... oh gimme a break! You want a comment in JSON?<p><pre><code> { &quot;&#x2F;&#x2F;&quot;: &quot;This is a comment explaining key1.&quot;, &quot;key1&quot;: &quot;value1&quot;, &quot;&#x2F;&#x2F;&quot;: &quot;This is a comment explaining key2.&quot;, &quot;key2&quot;: &quot;value2&quot; } </code></pre> There. Not so hard. Writing a config parser that just ignores all keys starting with &quot;&#x2F;&#x2F;&quot; is trivially easy...if it&#x27;s necessary to ignore them at all that is, because most config parsers I have seen couldn&#x27;t care less about unknown keys, let alone repeated keys.<p>So what other &quot;reasons&quot; were there for YAML?<p>Oh, the human readbility thing. Yeah. Because syntactically relevant whitespace is such a joy in a data serialization format. It&#x27;s bad enough when a programming language does that (and I am saying this as someone who likes python), but a serialization format? Who thought that would make things easier?<p>And then of course there are other things filled with joy and happiness...like the multiple ways to write &quot;true&quot; and &quot;false&quot;, because that&#x27;s absolutely necessary for some reason.<p>&quot;Oh but what about strict-yaml?!&quot; I hear the apologies coming...great, so now I have the ambiguitiy of what parser is used on top of the difficulties introduced by the language itself. Amazing stuff. If that&#x27;s the solution, then I&#x27;d rather not have the problem (aka. the language).<p>But despite all[1] these[2] problems[3] and more, YAML somehow became the goto language for configuring pretty much everything in DevOps, first in containerization, then in cloud, and everything in between. And as a result, we now have to make sure our config template parsers get whitespace right. Great.<p>So bottom line: The problem here is maybe 1&#x2F;3 the complexity of config files and 2&#x2F;3rd the fact that YAML should have never been used as a configuration format in the first place. It&#x27;s benefits are too small, and it&#x27;s quirks make too many problems for that role, outside of really trivial stuff like a throwaway Dockerfile.<p>Want config? Use JSON. And if you need something more &quot;human friendly&quot;, use TOML.<p>[1]: <a href="https:&#x2F;&#x2F;github.com&#x2F;cblp&#x2F;yaml-sucks">https:&#x2F;&#x2F;github.com&#x2F;cblp&#x2F;yaml-sucks</a><p>[2]: <a href="https:&#x2F;&#x2F;changelog.com&#x2F;posts&#x2F;xml-better-than-yaml" rel="nofollow">https:&#x2F;&#x2F;changelog.com&#x2F;posts&#x2F;xml-better-than-yaml</a><p>[3]: <a href="https:&#x2F;&#x2F;noyaml.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;noyaml.com&#x2F;</a>

So true. I abhor yaml. It’s impossible to know correct indentation without a plugin that shows it which isn’t available in many cases where you edit yaml. It’s whitespace sensitive. The data types are not obvious. It’s just all a round bad<p>I love json. It’s explicit and easy to read. We should just be using json for everything that needs to be human readable.

I wonder whether doing away with config altogether is a solution.<p>Just build an application that calls AWS APIs directly when you want to deploy or update an environment.