Yoke: Infrastructure as code, but actually

Original Article ↗ Hacker News Discussion ↗

Terraform vs “real” code and dynamic infrastructure

  • Large subthread debates the claim that Terraform can’t create DNS records for a dynamic number of instances.
    • Some say this is trivial with for_each, data sources, and/or random provider; they view the article’s example as naive.
    • Others counter that Terraform’s static graph and one-shot CLI make it poor at reacting to runtime changes (e.g., autoscaling outside Terraform) without external orchestration or repeated apply runs.
  • Supporters argue Terraform’s declarative model and reduced expressiveness are features: easier to read, reason about, and standardize than arbitrary code.
  • Critics prefer Pulumi/CDK/SDKs where full languages allow direct loops, conditionals, and richer abstractions; they see multi-state-file workflows and Terragrunt as workarounds for Terraform’s limits.
  • Several note Terraform’s real strengths: state tracking, parallelism, dependency graph, and huge provider ecosystem.

Yoke’s scope: Helm replacement, not Terraform replacement

  • Multiple commenters point out Yoke targets Kubernetes manifests and Helm-style packaging, not cloud infra provisioning end-to-end.
  • It can reach infra via operators like Crossplane or external-dns, but that presupposes a running cluster.
  • Some find the post confusing for starting with a Terraform rant while offering a tool that really competes with Helm/timoni/Jsonnet/CDK8s.

Configuration languages vs general-purpose languages

  • Ongoing debate: declarative DSLs (Terraform, YAML, CUE) vs code (Go/Rust/TypeScript).
    • Pro-DSL: less expressive on purpose, easier to audit, avoids “clever” abstractions that hurt readability.
    • Pro-code: better abstraction, type safety, reuse, and easier handling of nontrivial logic like “create N of X” or cross-resource wiring.
  • Some advocate a two-step model: write imperative code to generate declarative config (Terraform+CDKTF, Pulumi, Cue templates, Yoke).

WASM and runtime concerns

  • Yoke compiles Go/Rust to WebAssembly to avoid installing full toolchains and to sandbox execution.
  • Skeptics argue this just shifts complexity: you still need a WASM runtime per platform, akin to shipping Go binaries or using JVM/.NET.
  • Some question the security argument about Pulumi-style runtimes; others suggest containerizing the tooling instead.

Broader ecosystem and “horses for courses”

  • Alternatives discussed: Pulumi, CDK/CloudFormation, CDK8s, Crossplane, Cue, Nix, Ansible, Docker Swarm, Argo/Flux-based GitOps.
  • Several emphasize context: Terraform shines for long-lived, “pet” infrastructure and heterogeneous stacks; dynamic app-level concerns may be better handled inside Kubernetes via operators/controllers or language-based tools.