-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* 1.7.0-beta1 blog post Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Extended blog post Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Fixed functions example Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Live stream link Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Language fix Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Output in example Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: James Humphries <James@james-humphries.co.uk> Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Blog post fixes Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Links Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> * Added for_each link Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> --------- Signed-off-by: Janos <86970079+janosdebugs@users.noreply.github.com> Co-authored-by: James Humphries <James@james-humphries.co.uk>
- Loading branch information
Showing
4 changed files
with
230 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,228 @@ | ||
--- | ||
title: Get ready for OpenTofu 1.7.0-beta1 | ||
slug: opentofu-1-7-0-beta1 | ||
image: /img/blog/opentofu-1-7-0-beta1.png | ||
--- | ||
|
||
This version includes provider-defined functions and significant improvements from the alpha version. | ||
|
||
As with the [alpha version](/blog/help-us-test-opentofu-1-7-0-alpha1/), we did everything we could to test this version and would like to ask for the help of the community to help us test this version on **non-production** workloads. [Grab your copy on GitHub](https://github.com/opentofu/opentofu/releases/tag/v1.7.0-beta1) and let us know what you think using [this form](https://github.com/opentofu/opentofu/issues/new?assignees=&labels=preview-release-feedback&projects=&template=1_7_0_beta1_feedback.yml). | ||
|
||
:::warning | ||
|
||
Do not test this release on a production project! It is not a stable release! | ||
|
||
::: | ||
|
||
## Downloading the beta release | ||
|
||
The beta release is available exclusively from the [GitHub Releases page](https://github.com/opentofu/opentofu/releases/tag/v1.7.0-beta1). Please select the appropriate file for your platform. Here are some quick links: | ||
|
||
| Platform/Device | Download link | | ||
|---------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------| | ||
| **Desktop Windows computer**<br />(64-bit) | [tofu_1.7.0-beta1_windows_amd64.zip](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_windows_amd64.zip) | | ||
| **MacOS**<br />(Macbook M1 or higher; ARM64) | [tofu_1.7.0-beta1_darwin_arm64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_darwin_arm64.tar.gz) | | ||
| **MacOS**<br />(Macbook pre-M1 or lower; AMD64) | [tofu_1.7.0-beta1_darwin_amd64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_darwin_amd64.tar.gz) | | ||
| **Intel/AMD Linux computer or server**<br />(AMD64) | [tofu_1.7.0-beta1_linux_amd64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_linux_amd64.tar.gz) | | ||
| **ARM-based Linux computer<br />or<br />Raspberry Pi 3 or higher**<br />(ARM64) | [tofu_1.7.0-beta1_linux_arm64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_linux_arm64.tar.gz) | | ||
|
||
For the releases above, please unpack the archive and you should find the `tofu` binary inside. You can also use the [standalone installer](https://opentofu.org/docs/intro/install/standalone/) to download the release with signature verification. | ||
|
||
## Provider-defined functions | ||
|
||
The new Terraform Plugin SDK added support for provider-defined functions that you can use directly in OpenTofu. This is a significant improvement over using data sources as provider-defined functions don't increase the size of your state file and require less code to write. | ||
|
||
If you want to test provider-defined functions, you can use the [corefunc](https://library.tf/providers/northwood-labs/corefunc/latest) provider by [Ryan Parman](https://github.com/skyzyx): | ||
|
||
```hcl | ||
terraform { | ||
required_providers { | ||
corefunc = { | ||
source = "northwood-labs/corefunc" | ||
version = "1.4.0" | ||
} | ||
} | ||
} | ||
provider "corefunc" { | ||
} | ||
output "test" { | ||
value = provider::corefunc::str_snake("Hello world!") | ||
# Prints: hello_world | ||
} | ||
``` | ||
|
||
:::tip | ||
|
||
If you are interested in a detailed breakdown of this functionality and some of the new unique features OpenTofu brings in this area, [join our live stream on April 24](https://www.youtube.com/watch?v=6OXBv0MYalY). | ||
|
||
::: | ||
|
||
## Loopable import blocks | ||
|
||
We made several improvements to the declarative import blocks, most prominently you can now use the `for_each` instruction on the block. We have prepared a [full documentation](https://1-7-0-beta1.opentofu.pages.dev/docs/language/import/#importing-multiple-resources) for this feature. | ||
|
||
In previous OpenTofu versions, you could already use the `import` block to declaratively import resources, for example: | ||
|
||
```hcl | ||
resource "random_id" "test_id" { | ||
byte_length = 8 | ||
} | ||
import { | ||
to = random_id.test_id | ||
id = "Y2FpOGV1Mkk" | ||
} | ||
output "id" { | ||
value = random_id.test_id.b64_url | ||
} | ||
``` | ||
|
||
In this new version you can now also declaratively import resources in a loop: | ||
|
||
```hcl | ||
variable "server_ids" { | ||
type = list(string) | ||
} | ||
resource "random_id" "test_id" { | ||
byte_length = 8 | ||
count = 2 | ||
} | ||
import { | ||
to = random_id.test_id[tonumber(each.key)] | ||
id = each.value | ||
for_each = { | ||
for idx, item in var.server_ids: idx => item | ||
} | ||
} | ||
output "id" { | ||
value = random_id.test_id.*.b64_url | ||
} | ||
``` | ||
|
||
The example above will let you specify some random IDs from a variable, and let others be automatically generated. | ||
|
||
## State encryption | ||
|
||
State encryption is one of the flagship features of this release. We have prepared a [full documentation](https://1-7-0-beta1.opentofu.pages.dev/docs/language/state/encryption/) for this feature. Since the alpha release we overhauled the migration process from unencrypted to encrypted state files and the rollback mechanism to make the syntax more explicit. | ||
|
||
Before you test this feature, please **make a backup** of your state file. You can then add the following block to enable state encryption: | ||
|
||
```hcl | ||
terraform { | ||
encryption { | ||
key_provider "pbkdf2" "my_passphrase" { | ||
## Enter a passphrase here: | ||
passphrase = "" | ||
} | ||
method "aes_gcm" "my_method" { | ||
keys = key_provider.pbkdf2.my_passphrase | ||
} | ||
## Remove this after the migration: | ||
method "unencrypted" "migration" { | ||
} | ||
state { | ||
method = method.aes_gcm.my_method | ||
## Remove the fallback block after migration: | ||
fallback{ | ||
method = method.unencrypted.migration | ||
} | ||
## Enable this after migration: | ||
#enforced = true | ||
} | ||
} | ||
} | ||
``` | ||
|
||
You can migrate back using the following syntax: | ||
|
||
```hcl | ||
terraform { | ||
encryption { | ||
key_provider "pbkdf2" "my_passphrase" { | ||
## Enter a passphrase here: | ||
passphrase = "" | ||
} | ||
method "aes_gcm" "my_method" { | ||
keys = key_provider.pbkdf2.my_passphrase | ||
} | ||
method "unencrypted" "migration" { | ||
} | ||
state { | ||
method = method.unencrypted.migration | ||
enforced = false | ||
fallback{ | ||
method = method.aes_gcm.my_method | ||
} | ||
} | ||
} | ||
} | ||
``` | ||
|
||
If you have access to an AWS, GCP account, or an OpenBao/MPL-licensed HashiCorp Vault installation, you can also [test these key providers](/docs/language/state/encryption/#key-providers). | ||
|
||
## Removed block | ||
|
||
The removed block lets you remove a resource from the state file but keep it on the infrastructure. We have prepared a [full documentation](/docs/language/resources/syntax/#removing-resources) for this feature. You can test it by creating a resource first: | ||
|
||
```hcl | ||
resource "local_file" "test" { | ||
content = "Hello world!" | ||
filename = "test.txt" | ||
} | ||
``` | ||
|
||
After applying, you can replace the resource with a removed block: | ||
|
||
```hcl | ||
removed { | ||
from = local_file.test | ||
} | ||
``` | ||
|
||
After the next apply, you will see that the `local_file.test` resource no longer exists in your state file, but the `test.txt` file should still exist on your disk. You can now remove the removed block safely. | ||
|
||
## Built-in function changes | ||
|
||
This release also contains several new functions and changes to existing functions: | ||
|
||
- New function: [templatestring](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/templatestring/) | ||
- New function: [base64gunzip](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/base64gunzip/) | ||
- New function: [cidrcontains](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/cidrcontains/) | ||
- New function: [urldecode](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/urldecode/) | ||
- New function: [issensitive](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/issensitive/) | ||
- [nonsensitive](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/nonsensitive/) no longer returns an error when the applied values are not sensitive. | ||
- [templatefile](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/templatefile/) now supports recursion up to a depth of 1024. | ||
|
||
## CLI changes | ||
|
||
There are also several changes to the CLI: | ||
|
||
- `tofu init` now supports the `-json` flag for JSON output. | ||
- `tofu plan` now has a `-concise` flag to shorten the plan output. | ||
- `tofu console` now works on Solaris and AIX. | ||
- The CLI now supports the XDG directory specification. | ||
- Aliases for: | ||
- `state list` → `state ls` | ||
- `state mv` → `state move` | ||
- `state rm` → `state remove` | ||
|
||
## Testing feature changes | ||
|
||
- Tofu now reads the `.tfvars` file from the tests folder. | ||
|
||
## Providing feedback | ||
|
||
Thank you for taking the time to test this preview release. If you have any feedback, please use [this feedback form](https://github.com/opentofu/opentofu/issues/new?assignees=&labels=preview-release-feedback&projects=&template=1_7_0_beta1_feedback.yml) or chat with us on the [OpenTofu Slack](https://opentofu.org/slack/). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Submodule opentofu-repo
updated
1623 files
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.