Configuration, IaC & Build DSL Languages — Tier 3 Index
Configuration, IaC & Build DSL Languages — Tier 3 Index
- Type: Tier 3 family index
- Family: Configuration / Infrastructure-as-Code / Build DSLs
- Languages catalogued: 22
- Last updated: 2026-05-07
Family overview
Configuration and build DSLs are the quiet majority of the languages most engineers actually touch every day. They split into three overlapping branches:
- Pure-config languages (Nix, Dhall, Cue, Jsonnet, KCL, Starlark) — typed, sandboxed, deterministic; designed to replace hand-written YAML/JSON with something that has variables, imports, and (in the typed cases) constraints. They reject I/O and side effects on principle: a config file should compute the same value on every machine.
- Infrastructure-as-Code (HCL/Terraform, Pulumi, Ansible, Puppet, Chef, Salt, Helm, Kustomize) — the language is just a surface; the real semantics live in a provider model that diffs declared state against an external system (AWS, Kubernetes, a Linux box) and reconciles. HCL won the public-cloud layer; Helm + Kustomize won the Kubernetes layer; Ansible won the SSH-into-a-box layer.
- Build DSLs (Make, Ninja, CMake, Meson, Bazel, Buck2, SCons, Waf, Premake, Tup, Earthly) — DAG description languages whose job is to be both expressive enough for humans and constrained enough that an engine can parallelize and cache them. The split here is between meta-build tools that emit lower-level build files (CMake → Ninja, Meson → Ninja, Premake → make/MSBuild) and direct builders (Bazel, Buck2, Make).
The unifying theme of the 2020s has been typed config: Cue, Dhall, KCL, and Pkl (Apple) all argue that schemaless YAML at scale is a bug, not a feature, and that configuration deserves a real type system. Whether any of them displaces YAML at scale is still open.
In our deep library
No deep notes exist for any language in this family yet. Cross-cutting context lives in:
- build-systems (if present) for the build-DSL split
- declarative-paradigm for the typed-config movement
Tier 3 — the family
| Language | First release | Status 2026 | Niche | Why it matters | Source URL |
|---|---|---|---|---|---|
| Nix | 2003 | Active, growing | Reproducible package builds + system config | Purely-functional language whose evaluation produces a deterministic store path; backbone of NixOS and increasingly used as a build cache for non-Nix projects | https://nixos.org/ |
| Dhall | 2017 | Active, niche | Total functional config | No I/O, no recursion, guaranteed termination; can compile to YAML/JSON; a deliberate “anti-Turing-complete” stance for safety | https://dhall-lang.org/ |
| Cue | 2018 | Active, gaining | Typed JSON/YAML superset | Unifies schema and value in one language via lattice-based constraint solving; Google-incubated, used by Istio, Tailscale, Dagger | https://cuelang.org/ |
| Jsonnet | 2014 | Active | Templated JSON | Google’s take on “JSON with functions and inheritance”; widely used in Grafana dashboards, Tanka, ksonnet legacy | https://jsonnet.org/ |
| HCL (HashiCorp Configuration Language) | 2014 | Dominant | Public-cloud IaC | The de facto IaC syntax via Terraform/OpenTofu; humans read HCL, machines see JSON-equivalent AST | https://github.com/hashicorp/hcl |
| Starlark (formerly Skylark) | 2017 | Active | Build-system config | Deterministic Python subset; runs Bazel BUILD files, Buck2, Tilt, and Pants; deliberately drops recursion, while/for-else, and other non-deterministic Python features | https://github.com/bazelbuild/starlark |
| Puppet DSL | 2005 | Mature, declining | Declarative system config | Resource-graph model with idempotent providers; one of the foundational IaC languages, now overshadowed by Ansible and Terraform | https://puppet.com/docs/puppet/latest/lang_summary.html |
| Ansible (YAML-as-language) | 2012 | Dominant in agentless config mgmt | SSH-driven imperative-declarative hybrid | YAML playbooks orchestrate idempotent modules over SSH; effectively a YAML-shaped scripting language with Jinja2 expressions | https://docs.ansible.com/ |
| Chef (Ruby DSL) | 2009 | Mature, declining | System config | Internal Ruby DSL; recipes and resources; led the early DevOps wave alongside Puppet | https://docs.chef.io/ |
| Salt (Salt DSL / Jinja YAML) | 2011 | Mature, niche | Event-driven config + remote execution | YAML+Jinja state files over a ZeroMQ pub/sub bus; strong in HPC and large fleets | https://docs.saltproject.io/ |
| KCL (Kusion Configuration Language) | 2022 | Active, growing | Typed cloud-native config | CNCF Sandbox project; type-safe alternative to YAML/Helm with first-class schema validation | https://www.kcl-lang.io/ |
| Pulumi | 2018 | Active | Real-language IaC | Not its own DSL — uses TypeScript, Python, Go, C#, Java, YAML; “configuration as code in the language you already know” | https://www.pulumi.com/docs/ |
| Helm templates (Go templates + YAML) | 2016 | Dominant | Kubernetes packaging | Go template language over YAML; a chart is a parameterized bundle of K8s manifests; criticized for whitespace fragility but unmatched in ecosystem | https://helm.sh/docs/ |
| Kustomize | 2018 | Dominant alongside Helm | Overlay-based K8s config | Pure-YAML overlays + patches; no templating, just merging; built into kubectl since v1.14 | https://kustomize.io/ |
| Make | 1976 | Universal, ancient | Original build DSL | Tab-significant rules + macros; the bedrock; every later build tool defines itself relative to Make | https://www.gnu.org/software/make/manual/ |
| Tup | 2009 | Niche | DAG-based build | Tracks file accesses via FUSE/inotify so the build graph is correct by construction, not declared | https://gittup.org/tup/ |
| Ninja | 2012 | Universal as backend | Low-level build DSL | Designed to be machine-generated; minimal syntax, maximally fast incremental builds; used by CMake, Meson, gn | https://ninja-build.org/ |
| CMake | 2000 | Dominant in C/C++ | Meta-build | CMake DSL describes targets cross-platform, generates Ninja/Make/MSBuild/Xcode projects; ubiquitous despite frequent complaints | https://cmake.org/cmake/help/latest/ |
| Meson | 2013 | Active, growing | Modern meta-build | Python-flavored DSL; emits Ninja; used by GNOME, systemd, GStreamer | https://mesonbuild.com/ |
| Bazel | 2015 (open-sourced from Google’s Blaze) | Active | Hermetic, scalable build | Starlark BUILD files + a content-addressed action cache; built for monorepos, used at Google, Stripe, Pinterest, Lyft | https://bazel.build/ |
| Buck2 | 2023 | Active | Meta’s Bazel-class rebuild | Rewritten in Rust on top of a more general DAG engine; Starlark front-end; replaced original Buck (Java) | https://buck2.build/ |
| SCons | 2000 | Mature, niche | Python-as-build-DSL | The build script is a Python program; flexibility but slower than Ninja-class engines; still used in scientific code and SCons-native projects | https://scons.org/ |
| Waf | 2005 | Niche | Python-based build | Python build framework; powers Samba’s build; explicit configure/build/install phases | https://waf.io/ |
| Premake | 2002 | Niche | Lua-based build | Lua DSL that emits VS solutions, Xcode projects, Make/Ninja; popular in indie game dev | https://premake.github.io/ |
| Earthly (Earthfile DSL) | 2020 | Active | Containerized build | Combines Make-style targets with Dockerfile syntax; every step runs in a container for reproducibility | https://earthly.dev/ |
Notable threads
- The “typed YAML” arc. Jsonnet (2014) opened the door, Cue (2018) added constraints as types, Dhall (2017) added totality, KCL (2022) and Apple’s Pkl (2024) extend the trend. The thesis is the same in all four: untyped YAML at production scale is structurally unsafe.
- Starlark as the build-DSL standard. Bazel, Buck2, Pants 2, and Tilt all picked Starlark. Determinism and a familiar Python-shape made it the path of least resistance once Bazel proved the design out.
- HCL’s quiet monopoly. Terraform won the IaC wars in the mid-2010s. With OpenTofu now a CNCF project after the BSL relicense, HCL is effectively the lingua franca of cloud declaration regardless of which engine evaluates it.
- Helm vs Kustomize was a draw. Both shipped in
kubectland both ecosystems thrive; teams routinely run Helm to render charts, then layer Kustomize overlays on top. - Make is immortal. Despite 50 years and a hundred replacements,
makeremains the default./configure && make && sudo make installritual, the orchestrator-of-orchestrators in CI files, and the “I’ll just write a Makefile” answer at every shop.
Citations
- NixOS Foundation, “Nix Reference Manual”, https://nix.dev/manual/nix/
- Dhall Project, “Dhall Configuration Language”, https://dhall-lang.org/
- CUE Authors, “The Logic of CUE”, https://cuelang.org/docs/concept/the-logic-of-cue/
- Google, “Jsonnet — The Data Templating Language”, https://jsonnet.org/
- HashiCorp, “HCL — HashiCorp Configuration Language”, https://github.com/hashicorp/hcl
- Bazel Authors, “Starlark Language”, https://bazel.build/rules/language
- Puppet, “Puppet Language Reference”, https://puppet.com/docs/puppet/latest/lang_summary.html
- Red Hat, “Ansible Documentation”, https://docs.ansible.com/
- Progress Chef, “Chef Infra Documentation”, https://docs.chef.io/
- VMware Tanzu, “Salt Project Documentation”, https://docs.saltproject.io/
- KusionStack, “KCL Documentation”, https://www.kcl-lang.io/
- Pulumi, “Pulumi Documentation”, https://www.pulumi.com/docs/
- CNCF, “Helm — The Kubernetes Package Manager”, https://helm.sh/docs/
- Kubernetes SIG-CLI, “Kustomize”, https://kustomize.io/
- Free Software Foundation, “GNU Make Manual”, https://www.gnu.org/software/make/manual/
- Gittup, “Tup Build System”, https://gittup.org/tup/
- Martin, “Ninja Build System”, https://ninja-build.org/
- Kitware, “CMake Documentation”, https://cmake.org/cmake/help/latest/
- Meson Project, “The Meson Build System”, https://mesonbuild.com/
- Bazel Authors, “Bazel — A Fast, Scalable, Multi-Language Build System”, https://bazel.build/
- Meta, “Buck2 Documentation”, https://buck2.build/
- SCons Foundation, “SCons User Guide”, https://scons.org/documentation.html
- Waf Project, “Waf Book”, https://waf.io/book/
- Premake Project, “Premake Documentation”, https://premake.github.io/docs/
- Earthly Technologies, “Earthly Documentation”, https://docs.earthly.dev/