OpenTofu: The Terraform Fork that exposed the Dark Side of Open Source

OpenTofu: The Terraform Fork that exposed the Dark Side of Open Source

Read on to find out how a bunch of companies made a once-open-source project open again, with hiccups here and there.

In the second half of last year, the Linux Foundation announced the formation of OpenTofu, initially called OpenTF, an open-source alternative to Terraform, as a response to HashiCorp moving from a Public License to a Business Source License.

If you build on cloud, there's a high chance that you've heard of Terraform or have already used it under the hood. The concern of the tech industry over this move was simply that a free tool that has been open for more than 8 years now may not be free anymore. Let's take a look at Terraform structurally to understand OpenTofu, and then look at the current happenings and how they impact the future of open source in a way.

What is Terraform?

GitHub - hashicorp/terraform: Terraform enables you to safely and  predictably create, change, and improve infrastructure. It is a  source-available tool that codifies APIs into declarative configuration  files that can be shared amongst

Source: HashiCorp via GitHub

Terraform is an Infrastructure-as-Code (IaC) tool from the house of HashiCorp. With Terraform, you can describe your infrastructure requirements, such as servers, networks, and storage, in code files known as Terraform configurations, using HashiCorp Configuration Language (HCL) or JSON, which in turn can be versioned and shared, providing a consistent and repeatable way to create, modify, and delete infrastructure resources, basically performing CRUD actions but on the infrastructural end.

In short, Terraform allows you to define and manage your infrastructure using code, which can be version-controlled and treated like any other software project.

Why Infrastructure-as-Code?

The core principles of IaC are what make it super interesting. Instead of going ahead with physical hardware configurations, IaC tools make it easy for developers to manage and provision computing infrastructure via machine-readable scripts, with the added benefit of versioning and automation, just like the applications being deployed on top of it. Any changes to the infrastructure, including scalability, can be tracked or reverted using version control software like Git, which also enables collaboration amongst teams.

Source: HashiCorp Developers

Source: HashiCorp Developers

On top of that, IaC provides the flexibility to work with different cloud providers or platforms, meaning you can use the same set of tools and scripts to manage infrastructure across various environments over multiple clouds.

How is IaC different from Git and other Version Control Systems?

As mentioned above, IaC and VCS' like Git complement each other in managing infrastructure but are different in the way that Git manages source code and tracks changes in files of an application as well, while an IaC only oversees the provisioning and management of the infrastructure of the same application.

What is Infrastructure as Code?

Source: StackPath

So, by having your Terraform configurations in Git repositories, you can play around with the versioning, branching, and collaboration of your code infrastructure, pretty much like the application the infrastructure is in place for.

What happened to Terraform?

On August 10th, 2023, HashiCorp announced that it was changing the license category of its line of products from a Mozilla public license to the Business Source License, which brought a new set of restrictions despite being free to use and open-source on paper, to the dismay of several organizations that relied on HashiCorp's offerings, especially Terraform, for their operations.

The decision does not impact the functioning of Terraform in any way but makes its future quite unpredictable, as HashiCorp now holds the power to change the license once again to its benefit without having the obligation to be transparent and disclose any changes. To the community and organizations that are dependent on Terraform, this is a big blow because HashiCorp can now potentially enforce a license fee out of the blue despite being free for close to a decade, amidst a lot of other possibilities.

Introduction and Timeline of OpenTF (now OpenTofu)

Linux Foundation Launches OpenTofu: A New Open Source Alternative to  Terraform

Source: Linux Foundation

Firing back at the commercial interests of HashiCorp, a coalition of organizations and individuals on August 15th, 2023, announced the formation of OpenTF with a manifesto. By August 25th, they had garnered the support of hundreds of organizations & individuals and forked the last public-license-backed version of Terraform after not hearing from HashiCorp (to read about this move in detail, visit this link) and launched it on September 5th.

Eventually named OpenTofu, it got accepted by the Linux Foundation on September 20th to stay truly open-sourced, under the guidance of several stakeholders, and the first stable release of OpenTofu was made publicly available on January 10th.

How is OpenTofu different from Terraform?

In terms of functionality, there's close to no difference between the two as of now, as OpenTofu is a fork of Terraform 1.5.x. The only difference is that OpenTofu is completely community-oriented, and in the words of one of its core contributors, Marcin Wyszynski, "driven exclusively by the pursuit of the community’s vision and will work for the community’s needs." Moreover, OpenTofu is a drop-in replacement for Terraform, thanks to its compatibility with Terraform versions 1.5.x and most of 1.6.x.

OpenTofu Announces General Availability

Source: Linux Foundation

The technical differences will be apparent moving forward, as both offerings continue to grow with the addition of new features, wherein OpenTofu looks far more promising as it is focused on making long-awaited Terraform features available with the community's support.

It's the goals of OpenTofu that set it apart from its competitors, backed by the Linux Foundation, which are, namely:

  • Truly open-source

  • Community-driven

  • Impartial

  • Layered and modular

  • Backward-compatible

You can read in-depth about these goals in the current manifesto.

How has HashiCorp reacted to the formation of OpenTofu?

With litigation, of course. In a post on X (formerly Twitter) on April 6th, here's what OpenTofu shared:

OpenTofu's Post on X (formerly Twitter) on Litigation by HashiCorp

In addition to the aforementioned posts, here's what else OpenTofu shared:

OpenTofu's Posts on X (formerly Twitter) in response to HashiCorp's Letter

What would be the impact of this move?

OpenTofu may continue to grow as an individual project, but the legal conflict it has run into might hinder the pace at which it's progressing. Open-source enthusiasts eagerly anticipate what lies ahead, as the outcome of this case might shape the future of corporate-led FOSS projects.

Ending Notes

Open-source projects often rely on a delicate balance of community contributions, legal frameworks, and collaborative efforts, wherein licensing is a key factor that dictates how people use, modify, and distribute it. In my opinion, the story of Terraform and OpenTofu exposes the fragility of licensing and how corporate open source can be legally flawed.

Should this influence how we work with FOSS projects? Share your thoughts in the comments!