Terraform

273 readers
1 users here now

Discuss about Terraform and OpenTofu (an open Terraform fork).

Links

founded 1 year ago
MODERATORS
1
2
3
4
5
6
7
 
 

cross-posted from: https://feddit.nu/post/4403233

On April 3rd, we received a Cease and Desist letter from HashiCorp regarding our implementation of the "removed" block in OpenTofu, claiming copyright infringement on the part of one of our core developers. We were also made aware of an article posted that same day with the same accusations. We have investigated these claims and are publishing the C&D letter, our response and the source code origin document resulting from our investigation.

The OpenTofu team vehemently disagrees with any suggestion that it misappropriated, mis-sourced, or otherwise misused HashiCorp’s BSL code. All such statements have zero basis in facts.

HashiCorp has made claims of copyright infringement in a cease & desist letter. These claims are completely unsubstantiated.

The code in question can be clearly shown to have been copied from older code under the MPL-2.0 license. HashiCorp seems to have copied the same code itself when they implemented their version of this feature. All of this is easily visible in our detailed SCO analysis, as well as their own comments which indicate this.

Documents

To prevent further harassment of individual people, we have redacted any personal information from these documents.

Conclusion

Despite these events, we have managed to carry out significant development on OpenTofu 1.7, including state encryption, “for_each” implementation for “import” blocks, as well as the all-new provider-defined functions supported by the recently released provider plugin protocol.

On that note, we will be releasing a new pre-release version next week, and we are eager to gather feedback from the community.

— The OpenTofu Team


The image in this blog post contains code licensed under the BUSL-1.1 by HashiCorp. However, for the purposes of this post we are making non-commercial, transformative fair use under 17 U.S. Code § 107. You can read more about fair use on the website of the US Copyright Office.

8
9
10
11
 
 

I have a massive terraform state I maintain for work. After learning about reusing resources using modules I adopted the same rule for terraform I have for other PLs "only call functions in the main func". Meaning I'm only allowed to declare modules that reference resources at the top level.

My problem is that I have modules calling modules all over the place, the average length of any of my resources is 8 names. I have values I want to share across multiple different kinds of modules that do different things. Currently I have a top level module called "constants" with output blocks to store every constant I need. It works to an extent.

The thing is that I had a similar problem when web developing in React. Prop drilling is a coding style in React where a component receives a prop just for the purpose of passing the prop to a child component, the receiving component doesn't actually need that prop for itself. React solves this by the context api which lets one component pass a value to any child component of any depth. How can we have something similar in Terraform? Even though every resource I have is defined once in code, it declares the same resources hundreds of times with different appropriate values.

I wish I could pass things like the dockerSecret to a kubernetes deployment 6 modules deep in such a way that that dependant component of a module waits for the docker secret to be created while other resources that don't depend on it can be scheduled to be created later. Prop drilling doesn't work all that well and it forces you to copy alot of code. Maybe modules aren't the best way to reuse resources.

I feel like HCL doesn't have syntax that would support such a thing idomatically. Maybe something like decorator syntax or a special type of block where you write a proper data, resource, or module block?

What do you guys think?

12
13
14
15
16
20
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

OpenTofu is also officially under the Linux Foundation.

You will invoke tofu instead of terraform.

17
 
 

For context: https://opentf.org/

18
 
 

If you guys want, you can set it as community icon.

19
20
21
22
 
 

As Lemmy isn't quite so large yet, wouldn't it be better to have a community to discuss all of the Hashicorp suite, amongst them terraform? I think it would allow for more activity, and better crossfeed of information.

23
 
 

FEATURES:

New Data Source: azurerm_mobile_network_attached_data_network (#22168) New Resource: azurerm_graph_account (#22334) New Resource: azurerm_mobile_network_attached_data_network (#22168)

ENHANCEMENTS:

dependencies: bump go-azure-sdk to v0.20230720.1190320 and switch machinelearning, mixedreality, mariadb, storagecache, storagepool, vmware, videoanalyzer, voiceServices and mobilenetwork to new base layer (#22538) dependencies: move azurerm_bastion_host and azurerm_network_connection_monitor over to hashicorp/go-azure-sdk (#22425) dependencies: move azurerm_network_watcher_flow_log to hashicorp/go-azure-sdk (#22575) dependencies: move mysql resources over to hashicorp/go-azure-sdk (#22528) dependencies: move storage_sync resources over to hashicorp/go-azure-sdk (#21928) dependencies: updating to API Version 2022-08-08 (#22440) postgres - updating to API Version 2023-03-01-preview (#22577) data.azurerm_route_table - support for the bgp_route_propagation_enabled property (#21940) data.azurerm_servicebus_* - add deprecation messages for the resource_group_name and namespace_name properties (#22521) azurerm_cdn_frontdoor_rule - allow the conditions.x.url_path_condition.x.match_values property to be set to / (#22610) azurerm_eventhub_namespace - updates properly when encryption is enabled (#22625) azurerm_logic_app_standard - now exports the auto_swap_slot_name attribute (#22525) azurerm_mysql_flexible_server_configuration - the value property can now be changed without creating a new resource (#22557) azurerm_postgresql_flexible_server - support for 33554432 storage (#22574) azurerm_postgresql_flexible_server - support for the geo_backup_key_vault_key_id and geo_backup_user_assigned_identity_id properties (#22612) azurerm_spring_cloud_service - support for the marketplace block (#22553) azurerm_spring_cloud_service - support for the outbound_type property (#22596)

BUG FIXES:

provider: the Resource Providers Microsoft.Kubernetes and Microsoft.KubernetesConfiguration are no longer automatically registered (#22580) data.automation_account_variables - correctly populate missing variable attributes (#22611) data.azurerm_virtual_machine_scale_set - fix an issue where computer_name, latest_model_applied, power_state and virtual_machine_id attributes were not correctly set (#22566) azurerm_app_service_public_certificate - poll for certificate during read to get around an eventual consistency bug (#22587) azurerm_application_gateway - send min_protocol_version and correct policy_type when using CustomV2 (#22535) azurerm_cognitive_deployment - remove upper limit on validation for the capacity property in the scale block (#22502) azurerm_cosmosdb_account - fixed regression to default_identity_type being switched to FirstPartyIdentity on update (#22609) azurerm_kubernetes_cluster - the windows_profile.admin_password property will become Required in v4.0 (#22554) azurerm_kusto_cluster - the engine property has been deprecataed and is now non functional as the service team intends to remove it from the API (#22497) azurerm_maintenance_configuration - tge package_names_mask_to_exclude and package_names_mask_to_exclude properties are not set properly (#22555) azurerm_redis_cache - only set the rdb_backup_enabled property when using a premium SKU (#22309) azurerm_site_recovery_replication_recovery_plan - fix an issue where the order of boot recovery groups was not correctly maintained (#22348) azurerm_synapse_firewall_rule - correct an overly strict validation for the name property (#22571)

24
 
 

FEATURES:

New Data Source: azurerm_communication_service (#22426)

ENHANCEMENTS:

dependencies: updating to v0.20230712.1084117 of github.com/hashicorp/go-azure-sdk (#22491)
dependencies: updating to v0.20230703.1101016 of github.com/tombuildsstuff/kermit (#22390)
provider: the Resource Providers Microsoft.Kubernetes and Microsoft.KubernetesConfiguration are now automatically registered (#22463)
automation/dscconfiguration - updating to API Version 2022-08-08 (#22403)
azurestackhcl - updating to API Version 2023-03-01 (#22411)
batch - updating to use API Version 2023-05-01 (#22412)
datafactory - moving azurerm_data_factory and azurerm_data_factory_managed_private_endpoint over to hashicorp/go-azure-sdk (#22409)
elastic - updating to API Version 2023-06-01 (#22451)
kusto - updating to API Version 2023-05-02 [GH-22410
managedapplications - migrate to hashicorp/go-azure-sdk (#21571)
privatedns: updating to API Version 2020-06-01 (#22470)
storage - updating to Data Plane API Version 2020-08-04 (#22405)
network - application_security_group and private_endpoint now use hashicorp/go-azure-sdk (#22396)
voiceservices: updating to use API Version 2023-04-03 (#22469)
Data Source: azurerm_kubernetes_cluster - add support for the internal_ingress_gateway_enabled and external_ingress_gateway_enabled properties (#22393)
azurerm_batch_account - support for the network_profile block (#22356)
azurerm_container_app - the min_replicas and max_replicas propertiesnow support a maximum value of 300 (#22511)
azurerm_dns_zone - can now use the host_name property with dns_zone for soa_record creation (#22312)
azurerm_kubernetes_cluster - add support for the internal_ingress_gateway_enabled and external_ingress_gateway_enabled properties (#22393)
azurerm_site_recovery_vmware_replication_policy_association - update validation to correctly handle case (#22443)

BUG FIXES:

azurerm_automation_dsc_configuration - fixing an issue where content_embedded couldn't be deserialized (#22403)
azurerm_data_factory_dataset_cosmosdb_sqlapi - fix incorrect type/error message during read (#22438)
azurerm_data_factory_dataset_mysql - fix incorrect type/error message during read (#22438)
azurerm_data_factory_dataset_postgresql - fix incorrect type/error message during read (#22438)
azurerm_logic_app_workflow - prevent crash when access_control is empty block (#22486)
azurerm_vpn_server_configuration - prevent a potential panic when setting deprecated variables (#22437)
25
 
 

1.5.3 (July 12, 2023) BUG FIXES:

core: Terraform could fail to evaluate module outputs when they are used in a provider configuration during a destroy operation (#33462)

backend/consul: When failing to save state, consul CAS failed with transaction errors no longer shows an error instance memory address, but an actual error message. (#33108)

plan renderer: Fixes crash when rendering the plan if a relevant attribute contains an integer index specified as a string. (#33475)

view more: next ›