OpenTofu 1.7.0 is out with State Encryption, Dynamic Provider-defined Functions

https://opentofu.org/blog/opentofu-1-7-0/

In the last few months since our first stable release the OpenTofu community and the core team have worked hand in hand to bring functionality to OpenTofu that has been requested for years. We are proud to announce the immediate availability of OpenTofu 1.7.0, bringing you the following highlights:

  • End-to-end state encryption protects your state file from prying eyes, no matter what storage backend you use. You can provide your encryption passphrase securely using environment variables, or use a key management system such as AWS KMS, GCP KMS, or OpenBao. This feature has been developed in collaboration with Stephan Bartels (Interhyp) and Alex Scheel from the OpenTofu community, whom we would like to thank for their work on this feature.
  • Dynamic provider-defined functions let a provider not only provide resources, but also native functions you can use in your OpenTofu code. What's more, we added an OpenTofu-only feature to let providers dynamically define custom functions based on your configuration. This enhancement allows you to fully integrate other programming languages as shown in our live stream. You can try out this functionality with our experimental Lua and Go providers.
  • The removed block lets you mark OpenTofu-created resources for removal from the state file, but still keep the infrastructure you created.
  • Loopable import blocks let you bulk-import resources declaratively in your OpenTofu code, helping with large-scale migrations.

As with the previous version, OpenTofu remains a drop-in replacement for its predecessor Terraform™ 1.5 and has easy migration paths from later versions. Check out the overhauled migration guides for detailed migration instructions. You can find the full list of changes and comprehensive examples in the documentation.

Since the first release, the OpenTofu community and adoption have been growing significantly. While we don't believe in tracking our users and don't have accurate numbers, we have seen a constant month-over-month growth in our registry usage since our launch only 4 months ago. Over just the last month our registry usage has more than doubled to well over a million requests per day.

A graph showing OpenTofu's registry usage.

Additionally, we had 65 unique contributors for this release alone and have recently reached 20,000 stars on GitHub. Since January, we have seen our community spread the word about OpenTofu, open over 200 new issues and file even more pull requests.

If you are new to OpenTofu, welcome! We started as a fork of HashiCorp's Terraform™ after its license was changed to the restrictive BUSL alongside a frequently changing licensing FAQ. OpenTofu is an infrastructure-as-code tool that lets you declaratively create cloud infrastructure with thousands of APIs by writing your own code or using one of the tens of thousands of community-provided modules.

For example, you could create an EC2 instance on AWS like this:

Code Block
resource "aws_instance" "web" {
ami = "add AMI ID here"
instance_type = "t3.micro"
}

OpenTofu's main advantage is that it records any changes to your cloud infrastructure in a state file, which allows it to later modify the same infrastructure, or tear it down if you created it as a test.

OpenTofu is first and foremost a community-driven project. We are looking forward to the continued tradition of working on issues the community deems important. For transparency and to encourage everyone to vote, we have created a list of the most upvoted issues.

While much of OpenTofu 1.8 is still in planning, we are currently finalizing a proposal for a feature that lets you use variables as module sources, backend configuration, and more. Early evaluation of variables has been requested in over 30 issues so far and is one of the most-requested features in OpenTofu.

If you have a feature you would like to see in OpenTofu, please don't hesitate to open an issue or reach out to us on Slack.

{
"by": "cube2222",
"descendants": 21,
"id": 40212617,
"kids": [
40212619,
40213245,
40213320,
40213490,
40213885
],
"score": 118,
"time": 1714493326,
"title": "OpenTofu 1.7.0 is out with State Encryption, Dynamic Provider-defined Functions",
"type": "story",
"url": "https://opentofu.org/blog/opentofu-1-7-0/"
}
{
"author": null,
"date": "2024-04-30T00:00:00.000Z",
"description": "OpenTofu 1.7.0 is now available with full state encryption, dynamic provider-defined functions, the removed and loopable import blocks, new migration guides, and much more.",
"image": "https://opentofu.org/img/blog/opentofu-1-7-0.png",
"logo": null,
"publisher": "Manifesto",
"title": "OpenTofu 1.7.0 is out with State Encryption, Dynamic Provider-Defined Functions, and more | OpenTofu",
"url": "https://opentofu.org/blog/opentofu-1-7-0/"
}
{
"url": "https://opentofu.org/blog/opentofu-1-7-0/",
"title": "OpenTofu 1.7.0 is out with State Encryption, Dynamic Provider-Defined Functions, and more | OpenTofu",
"description": "In the last few months since our first stable release the OpenTofu community and the core team have worked hand in hand to bring functionality to OpenTofu that has been requested for years. We are proud to...",
"links": [
"https://opentofu.org/blog/opentofu-1-7-0/"
],
"image": "https://opentofu.org/img/blog/opentofu-1-7-0.png",
"content": "<div><p>In the last few months <a target=\"_blank\" href=\"https://opentofu.org/blog/opentofu-is-going-ga/\">since our first stable release</a> the OpenTofu community and the core team have worked hand in hand to bring functionality to OpenTofu that has been requested for years. We are proud to announce the immediate availability of <a href=\"https://github.com/opentofu/opentofu/releases/tag/v1.7.0\" target=\"_blank\">OpenTofu 1.7.0</a>, bringing you the following highlights:</p>\n<ul>\n<li><a target=\"_blank\" href=\"https://opentofu.org/docs/v1.7/intro/whats-new/#state-encryption\"><strong>End-to-end state encryption</strong></a> protects your state file from prying eyes, no matter what storage backend you use. You can provide your encryption passphrase securely using environment variables, or use a key management system such as AWS KMS, GCP KMS, or OpenBao. <em>This feature has been developed in collaboration with Stephan Bartels (Interhyp) and Alex Scheel from the OpenTofu community, whom we would like to thank for their work on this feature.</em></li>\n<li><a target=\"_blank\" href=\"https://opentofu.org/docs/v1.7/intro/whats-new/#provider-defined-functions\"><strong>Dynamic provider-defined functions</strong></a> let a provider not only provide resources, but also native functions you can use in your OpenTofu code. What's more, we added an OpenTofu-only feature to let providers dynamically define custom functions based on your configuration. This enhancement allows you to fully integrate other programming languages as <a href=\"https://www.youtube.com/watch?v=6OXBv0MYalY\" target=\"_blank\">shown in our live stream</a>. You can try out this functionality with our experimental <a href=\"https://github.com/opentofu/terraform-provider-lua\" target=\"_blank\">Lua</a> and <a href=\"https://github.com/opentofu/terraform-provider-go\" target=\"_blank\">Go</a> providers.</li>\n<li><a target=\"_blank\" href=\"https://opentofu.org/docs/intro/whats-new/#removed-block\"><strong>The removed block</strong></a> lets you mark OpenTofu-created resources for removal from the state file, but still keep the infrastructure you created.</li>\n<li><a target=\"_blank\" href=\"https://opentofu.org/docs/intro/whats-new/#loopable-import-blocks\"><strong>Loopable import blocks</strong></a> let you bulk-import resources declaratively in your OpenTofu code, helping with large-scale migrations.</li>\n</ul>\n<p>As with the previous version, OpenTofu remains a drop-in replacement for its predecessor Terraform™ 1.5 and has easy migration paths from later versions. Check out the overhauled <a target=\"_blank\" href=\"https://opentofu.org/docs/v1.7/intro/migration/\"><strong>migration guides</strong></a> for detailed migration instructions. You can find the full list of changes and comprehensive examples <a target=\"_blank\" href=\"https://opentofu.org/docs/v1.7/intro/whats-new/\">in the documentation</a>.</p>\n<p>Since the first release, the OpenTofu community and adoption have been growing significantly. While we don't believe in tracking our users and don't have accurate numbers, we have seen a constant month-over-month growth in our registry usage since our launch only 4 months ago. Over just the last month our registry usage has more than doubled to well over a million requests per day.</p>\n<p><img alt=\"A graph showing OpenTofu's registry usage.\" src=\"https://opentofu.org/assets/images/opentofu-registry-april-2024-f9521461bf6bc2583f816431afb75c9f.svg\" /></p>\n<p>Additionally, we had 65 unique contributors for this release alone and have recently reached 20,000 stars on GitHub. Since January, we have seen our community spread the word about OpenTofu, open over 200 new issues and file even more pull requests.</p>\n<p>If you are new to OpenTofu, welcome! We started as a fork of HashiCorp's Terraform™ after its license was changed to the restrictive BUSL alongside a frequently changing licensing FAQ. OpenTofu is an infrastructure-as-code tool that lets you declaratively create cloud infrastructure with thousands of APIs by writing your own code or using one of the tens of thousands of community-provided modules.</p>\n<p>For example, you could create an EC2 instance on AWS like this:</p>\n<div><figure><figcaption>Code Block</figcaption><pre><code><span><span>resource </span><span>\"aws_instance\"</span><span> </span><span>\"web\"</span><span> </span><span>{</span><span></span><br /></span><span><span> </span><span>ami</span><span> </span><span>=</span><span> </span><span>\"add AMI ID here\"</span><span></span><br /></span><span><span> </span><span>instance_type</span><span> </span><span>=</span><span> </span><span>\"t3.micro\"</span><span></span><br /></span><span><span></span><span>}</span><br /></span></code></pre></figure></div>\n<p>OpenTofu's main advantage is that it records any changes to your cloud infrastructure in a state file, which allows it to later modify the same infrastructure, or tear it down if you created it as a test.</p>\n<p>OpenTofu is first and foremost a community-driven project. We are looking forward to the continued tradition of working on issues the community deems important. For transparency and to encourage everyone to vote, we have created <a href=\"https://github.com/opentofu/opentofu/issues/1496\" target=\"_blank\">a list of the most upvoted issues</a>.</p>\n<p>While much of OpenTofu 1.8 is still in planning, we are currently finalizing a proposal for a feature that lets you <a href=\"https://github.com/opentofu/opentofu/issues/1042\" target=\"_blank\">use variables as module sources, backend configuration, and more</a>. Early evaluation of variables has been requested in over 30 issues so far and is one of the most-requested features in OpenTofu.</p>\n<p>If you have a feature you would like to see in OpenTofu, please don't hesitate to <a href=\"https://github.com/opentofu/opentofu/issues/new/choose\" target=\"_blank\">open an issue</a> or <a href=\"https://opentofu.org/slack/\" target=\"_blank\">reach out to us on Slack</a>.</p></div>",
"author": "",
"favicon": "https://opentofu.org/favicons/android-chrome-512x512.png",
"source": "opentofu.org",
"published": "2024-04-30T00:00:00.000Z",
"ttr": 125,
"type": "article"
}