|
| 1 | +The [FAQ](https://carvel.dev/ytt/docs/latest/faq/#can-i-generate-random-strings-with-ytt) |
| 2 | +for ``ytt`` includes the entry: |
| 3 | + |
| 4 | +> **Can I generate random strings with ytt?** |
| 5 | +> No. A design goal of ytt is determinism, which keeps randomness out of scope. |
| 6 | +
|
| 7 | +One purpose of this workshop was to have a discussion to show that randomness |
| 8 | +need not be all evil. |
| 9 | + |
| 10 | +Yes, tools like Helm have problems but this is because they surface a standard |
| 11 | +API for accessing random numbers with no constraints on how it can be used. |
| 12 | + |
| 13 | +Hopefully in this workshop you can see that a system for generating random |
| 14 | +values rooted in the concept of needing to be driven by defined seeds can |
| 15 | +provide a reasonable middle ground that can make some tasks more convenient as |
| 16 | +a fallback behaviour, but where best practice would still be to inject |
| 17 | +passwords and other generated secrets as data input values from an external |
| 18 | +source. |
| 19 | + |
| 20 | +As a result I personally believe that ``ytt`` should provide the ability to |
| 21 | +generate random numbers, passwords, tokens and other generated data. |
| 22 | + |
| 23 | +Key to making this work and not resulting in people shooting themselves in the |
| 24 | +foot is to document well the best conventions as to how to make use of such a |
| 25 | +feature, much like I have covered the various issues in this workshop. So long |
| 26 | +as you do this it can be a valuable feature for those who heed the guidelines |
| 27 | +to ensure that the goal of deterministic output can still be achieved. |
| 28 | + |
| 29 | +To that end I would like to see a builtin ``random`` module with a similar |
| 30 | +interface to what I described for ``seed()`` and ``random()``. The random |
| 31 | +number generator could then use a more robust implementation, included |
| 32 | +directly in ``ytt`` and not using a library, so that you are guaranteed it |
| 33 | +doesn't change suddenly resulting in existing output being broken if the |
| 34 | +sequence of random numbers generated changes. |
| 35 | + |
| 36 | +As to the concept of a master seed, for that I would like to see ``ytt`` have |
| 37 | +a command line option ``--seed`` for overriding the default. This way you |
| 38 | +don't end up with the problem of whatever data value name you use clashing |
| 39 | +with a user trying to use the same name. Being a command line option makes |
| 40 | +it more visible and not just some hidden feature that no one knows about. |
| 41 | + |
| 42 | +I would also like to see more builtin modules for hash generation. Currently |
| 43 | +only ``sha256`` is supported, but there are other commonly used algorithms for |
| 44 | +where applications expect hashed data. I would also like to see ``sha1``, |
| 45 | +``bcrypt`` and ``argon2`` supported. |
| 46 | + |
| 47 | +As explained in this [Carvel |
| 48 | +issue](https://github.com/vmware-tanzu/carvel-ytt/issues/106) related to |
| 49 | +``bcrypt`` support this can mean requiring a random number generator to |
| 50 | +generate salt values. In that issue though it pushes towards that being passed |
| 51 | +in as a data value, although if the system for random number generation as |
| 52 | +explained in this workshop were used, it could rely on it instead. |
| 53 | + |
| 54 | +Stressing once more though, including all this is as a convenience which would |
| 55 | +make things easier when dealing with what to do as a default. It would not do |
| 56 | +away with the idea that things like passwords, or hashed password database |
| 57 | +entries should be passed in from an external source if you want to do things |
| 58 | +in the best way possible. |
0 commit comments