Starting Point
If you haven't heard, Hashicorp has changed the license for their Terraform repo, from the Mozilla Public License (MPL) to the Business Source License. That's bad for end users because it adds a legal risk to continued use of Terraform. You can read more about what that means here.
Fortunately, some really smart people moved fast and forked the last MPL version of the Terraform repo, and used it to create OpenTofu (previously named OpenTF). It has been adopted by the Linux Foundation as a permanent open source project, which was very nice of them to do.
Since OpenTofu advertises itself as a drop-in replacement for Terraform 1.5, I thought I'd give it a shot over coffee this morning and see if it lives up to the promise.
Getting started, here was the Terraform provider list in one of the repos:
terraform {
required_version = "~> 1.5.7"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.31.0"
}
kubernetes = {
source = "hashicorp/kubernetes"
version = "2.23.0"
}
tls = {
source = "hashicorp/tls"
version = "4.0.3"
}
null = {
source = "hashicorp/null"
version = "3.1.1"
}
mongodbatlas = {
source = "mongodb/mongodbatlas"
version = "1.10.0"
}
}
# ...
}
Installation of OpenTofu on Mac was easy, as one would expect:
$ brew install opentofu
This will install the tofu
CLI, which you can test with a quick:
$ tofu -h
The output looks a whole lot like the terraform -h
, as you'd expect.
Provider Compatibility
First things first. OpenTofu's initial release is considered to be version 1.6 of the previous repo, so before I could initialize, I had to update my required_version
field:
terraform {
required_version = "1.6.0"
# ...
}
To play it safe with third-party providers compatability, I decided I would do a fresh tofu init --upgrade
. That's where I hit a snag. Most of the providers installed with no problem, but arguably the most important one for this repo didn't go well.
Well, that's a bummer. And I had run this repo about 2 weeks ago, so I knew that worked on Terraform 1.5.7.
Not to worry. I opened the provider docs and saw that (as of the time I'm writing this) it listed version 5.25.0
as the latest, so I tried that.
Interesting.
Debugging Provider Installation
You can set the TF_LOG=trace
env var to help debug anything that goes wrong in an OpenTofu command.
$ TF_LOG=trace tofu init --upgrade
This lists all of the URLs from which OpenTofu checks for available versions, just as Terraform did before it. That's how I found the published AWS provider versions:
Reading through some JSON, I found version 5.16.0
was listed, and decided to give that a go.
Booyah.
Final Result
While I have other former-Terraform repos that I'll have to migrate, it's nice to know that - at least in this first try with an existing, in-use production repo - I did manage to pull it off before finishing my coffee. Here's the final provider list:
terraform {
required_version = "1.6.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "5.16.0"
}
kubernetes = {
source = "hashicorp/kubernetes"
version = "2.23.0"
}
tls = {
source = "hashicorp/tls"
version = "4.0.3"
}
null = {
source = "hashicorp/null"
version = "3.1.1"
}
mongodbatlas = {
source = "mongodb/mongodbatlas"
version = "1.10.0"
}
}
# ...
}