this post was submitted on 19 Aug 2023
115 points (100.0% liked)

Technology

37716 readers
733 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 
  • HashiCorp is moving its products previously licensed as Open Source away from it to Business Source License (BSL) moving forward
  • Terraform is a popular Infrastructure as Code tool used for provisioning cloud resources like AWS, Azure among others
  • Terraform version 1.5.5 and earlier are still open source
  • there is a push for a community maintained open source fork if this decision is not reversed, OpenTF

Gruntwork response on the problem with BSL

all 29 comments
sorted by: hot top controversial new old
[–] [email protected] 52 points 1 year ago (3 children)

We will see how this plays out... Terraform is awesome but the product would not be very popular today if open source developers hadn't worked for 10 years for free to maintain and update it.

Now they take all their work and decides it's not open source anymore, because hashicorp needs to make money.

[–] [email protected] 12 points 1 year ago (1 children)

I for one am recommending pulumi for any of my teams new infrastructure needs.

[–] [email protected] 10 points 1 year ago* (last edited 1 year ago) (1 children)

I used pulumi but it's much worse than terraform. I didn't used to think so before I learned terraform however.

My main reason to dislike pulumi is that you have to work around it's async behavior in python. Maybe it's better and more natural if you use typescript, but I had to constantly wrap methods in Outputs and other things to get the code to work.

I had to adapt my code to how pulumi worked all the time. With terraform, I just write it and it works.

[–] [email protected] 1 points 1 year ago (1 children)

So I'm using it with Python. For me it's able to do some stuff that terrafom never would be able to (Ive got a spot where resources are generated for each file/object on disk).

[–] [email protected] 1 points 1 year ago (1 children)

Give me an example... What file on disk are you generating a pulumi resource from?

[–] [email protected] 1 points 1 year ago

We've got it rigged up for aws sso. Each department can make any number of permissions sets (and link to any number of groups). The config for that is all stored in git (with code owners configured so you can only mess up your own stuff).

[–] [email protected] 11 points 1 year ago

I wonder how many of those "open source developers", are actually employees of the same companies HashiCorp is accusing now of competing against them. No company is going to pay their employees to contribute to a piece of software, that they then have to buy a license for... so this can very well mean that HashiCorp is cutting off contributions from the same people most capable of contributing in the first place.

[–] [email protected] 4 points 1 year ago (1 children)
[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)

Not so "just". Terraform open source version went into a fork. Who will work on that one and who will continue with the hashicorp version? It's a split in the community now, and I bet most devs will continue on the hashicorp version.

[–] [email protected] 9 points 1 year ago* (last edited 1 year ago)

I bet most devs will continue on the hashicorp version

Only the hobbyist ones. Every dev paid for by a company using the products, will be on the OpenSource fork.

It's something companies often forget: open source, and the GPL in particular, is a way for companies to cooperate. Use the AGPL if you want to prevent unfair server-side competition. Switching to the BSL is restricting cooperation to only those with less experience.

PS: IANAL, but by reading MariaDB's guidelines for the BSL, HashiCorp may not even have applied it correctly.

[–] [email protected] 16 points 1 year ago (3 children)

We were considering Vault, I guess we'll look into alternatives now, are there any decent Free Software ones in the first place?

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

ive not done secrets management before but i came across this list on hackernews, a few non-cloud ones use open source license https://news.ycombinator.com/item?id=37133054#37151218

but another user there have mentioned that while most of them integrate with Kubernetes and AWS, short lived DB credentials are not in any of those listed

[–] [email protected] 2 points 1 year ago

I'm not an infra dev, but a previous project used SOPS and it seemed alright

[–] devious 2 points 1 year ago

I've been using Infisical recently and I like it a lot.

[–] [email protected] 13 points 1 year ago

What a shame.

[–] [email protected] 12 points 1 year ago (3 children)

For the people who continue to work on the open source fork of terraform, can HashiCorp pull their commits into their closed source BSL fork?

I would assume not, but I am curious if there's some weird workaround of their previous license that they still own contributions

[–] [email protected] 5 points 1 year ago

The integrations with other services are implemented in plugins which are separate programs, that are installed separately, and communicate with the core over RPC. I would imagine these plugins can continue to be licensed however their owners choose. I think this license change just applies to core.

[–] [email protected] 4 points 1 year ago (1 children)

I’m not as familiar with MPLv2 but I don’t think they can with contributions to the fork. Since those contributions won’t be part of the original “we own all your work” agreement they couldn’t simply close source those contributions.

[–] [email protected] 1 points 1 year ago (1 children)

From the BSL FAQ:

Q: I have written a code patch to a BSL project and would like the BSL vendor to maintain the code as part of the BSL project. How do I contribute it?

A: License your code using the “new BSD” license or dedicate it to the public domain. Code contributions under “new BSD” is compatible with BSL. See BSD on Wikipedia.

That would seem to rule out the MPLv2.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

That is for continuing contributions to the commercial project, the fork should be using the old license not the BSL.

If HashiCorp is unwilling to switch Terraform back to an open source license, we propose to fork the legacy MPL-licensed Terraform

The question was if HashiCorp could take contributions to the fork and put them into their commercial product.

[–] [email protected] 1 points 1 year ago

That means HashiCorp could only take contributions licensed under the BSD or public domain, or under a CLA. The fork would be none of those.

[–] [email protected] 6 points 1 year ago

I was hit aggressively by HC sales team last year, we are using TF and Vault, and were looking to add consul, now it is pretty vauge how it will all pan put

[–] [email protected] 5 points 1 year ago

Fuck'em. 'Nuff said.

[–] [email protected] 2 points 1 year ago (1 children)

Not that I'd know much about this, but can't you easily replace terraform with some script that remotely installs NixOS?

[–] [email protected] 4 points 1 year ago (1 children)

i dont think theyre equivalent tools since Terraform is used for things like creating cloud VMs with the selected OS image, configuring subnets and route tables among other things which i dont believe NixOS is meant for

[–] [email protected] 2 points 1 year ago

Terraform is great automation, but it really shines over scripts in a few ways:

  • intrinsic documentation for your infrastructure
  • much less brittle to differences in the initial state
  • changing your setup later doesn't require any new script logic, just a simple config change
  • much better support for collaborative editing