Support for proper configuration language

[gytis-ivaskevicius]

Description

HCL is verbose and not turing complete, general-purpose programming languages add additional complexity and verbosity (Maybe not as verbose as HCL)

I would love to have some proper configuration language for terrafrom. Possible candidates:

• Jsonnet
  • Clean, simple, everyone feels familiar with it
  • Type system is underdeveloped
• Nickel
  • Great type system
  • New project, lacks users or people familiar with the syntax

• Nix

  • Project terranix already exists
  • Not a great fit, does not run on windows
  • terranix could be improved quite a bit with autogenerated types, its been a while since I worked with it, cant remember other downsides

  Terranix example: I don't recommend Nix support but this should be a good visualization to imagine how Jsonnet/Nickel would look like

{ config, ... }:
let
  inherit (config) resource;
  compartment_id = "\${var.tenancy_ocid}";
  cidr_block = "10.10.0.0/24";

  # We can define functions to reduce verbosity
  mkSomeResource = {var1, var2}: {
    inherit var1 var2;
    abc = 123;
  };
in
{

  # using function from above
  resource.something = mkSomeResource {
    var1 = "123";
    var2 = "abc";
  };

  resource.oci_core_vcn.main = {
    inherit cidr_block compartment_id;
    dns_label = "main";
    display_name = "main";
  };

  resource.oci_core_internet_gateway.main = {
    inherit compartment_id;
    vcn_id = "\${oci_core_vcn.main.id}";
    display_name = "main";
  };

  resource.oci_core_subnet.public = {
    inherit cidr_block compartment_id;
    vcn_id = "\${oci_core_vcn.main.id}";
    display_name = "public";
    dns_label = "public";
    security_list_ids = [ "\${resource.oci_core_security_list.allow-all.id}" ];
  };

  resource.oci_core_default_route_table.ain = {
    manage_default_resource_id = "\${oci_core_vcn.main.default_route_table_id}";

    route_rules = {
      network_entity_id = "\${resource.oci_core_internet_gateway.main.id}";

      description = "internet gateway";
      destination = "0.0.0.0/0";
    };
  };

  resource.oci_core_default_security_list.default = {
    manage_default_resource_id = "\${oci_core_vcn.main.default_security_list_id}";

    egress_security_rules = [
      { protocol = "6"; destination = "0.0.0.0/0"; }
      { protocol = "17"; destination = "0.0.0.0/0"; }
    ];

    # We have `map` function to simplify definitions. Turing complete config languages are great
    ingress_security_rules = map
      (it: {
        inherit (it) description;
        tcp_options = {
          max = it.port;
          min = it.port;
        };
        protocol = "6";
        source = "0.0.0.0/0";
      }) [
      { description = "SSH"; port = 22; }
      { description = "HTTPS"; port = 443; }
      { description = "HTTP"; port = 80; }
    ];
  };

  resource.oci_core_security_list.allow-all = {
    inherit compartment_id;
    vcn_id = "\${oci_core_vcn.main.id}";

    egress_security_rules = {
      destination = "0.0.0.0/0";
      protocol = "all";
    };

    ingress_security_rules = [
      {
        protocol = "6";
        source = "0.0.0.0/0";
        description = "SSH";

        tcp_options = {
          max = 22;
          min = 22;
        };
      }
      {
        protocol = "all";
        source = "0.0.0.0/0";
      }
    ];
  };
}

References

No response

Help Wanted

• [ ] I'm interested in contributing a fix myself

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment