Skip to content

Commit

Permalink
1.7.0-beta1 blog post
Browse files Browse the repository at this point in the history 
Signed-off-by: Janos <[email protected]>
  • Loading branch information
Janos committed Apr 17, 2024
1 parent 967c962 commit 3e28520
Show file tree
Hide file tree
Showing 2 changed files with 163 additions and 0 deletions.
163 changes: 163 additions & 0 deletions blog/2024-04-18-opentofu-1-7-0-beta1.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,163 @@
---
title: Get ready for OpenTofu 1.7.0-beta1
slug: opentofu-1-7-0-beta1
image: /img/blog/opentofu-1-7-0-beta1.png
---

This version brings you provider-defined functions and significant improvements from the alpha version. Now we are asking for your help again to test this version.

As with the [alpha version](/blog/help-us-test-opentofu-1-7-0-alpha1/), we did everything we could to test this version and would like you to help us test this version on **non-produiction** workloads. [Grab your copy on GitHub](https://github.com/opentofu/opentofu/releases/tag/v1.7.0-beta1) and let us know what you think using [this form](https://github.com/TODO).

:::warning

Do not test this release on a production project! It is not a stable release!

:::

## Downloading the beta release

The beta release is available exclusively from the [GitHub Releases page](https://github.com/opentofu/opentofu/releases/tag/v1.7.0-beta1). Please select the appropriate file for your platform. Here are some quick links:

| Platform/Device | Download link |
|---------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------|
| **Desktop Windows computer**<br />(64-bit) | [tofu_1.7.0-beta1_windows_amd64.zip](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_windows_amd64.zip) |
| **MacOS**<br />(Macbook M1 or higher; ARM64) | [tofu_1.7.0-beta1_darwin_arm64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_darwin_arm64.tar.gz) |
| **MacOS**<br />(Macbook pre-M1 or lower; AMD64) | [tofu_1.7.0-beta1_darwin_amd64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_darwin_amd64.tar.gz) |
| **Intel/AMD Linux computer or server**<br />(AMD64) | [tofu_1.7.0-beta1_linux_amd64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_linux_amd64.tar.gz) |
| **ARM-based Linux computer<br />or<br />Raspberry Pi 3 or higher**<br />(ARM64) | [tofu_1.7.0-beta1_linux_arm64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_linux_arm64.tar.gz) |

For the releases above, please unpack the archive and you should find the `tofu` binary inside. You can also use the [standalone installer](https://opentofu.org/docs/intro/install/standalone/) to download the release with signature verification.

## Provider-defined functions

The new Terraform provider SDK adds support for provider-defined functions you can use directly in OpenTofu. This is a significant improvement over using data sources as provider-defined functions don't increase the size of your state file and require less code to write.

TODO

## More dynamic import blocks

You can now use more dynamic import targets on `import` blocks, such as:

```hcl
import {
to = module.my_module1[locals.my_local].aws_s3_bucket.bucket[locals.my_bool ? var.var1 : var.var2]
# ...
}
```

## State encryption

State encryption is one of the flagship features of this release. Since the alpha release we overhauled the migration process from unencrypted to encrypted state files and the rollback mechanism to make the syntax more explicit.

Before you test this feature, please **make a backup** of your state file. You can then add the following block to enable state encryption:

```hcl
terraform {
encryption {
key_provider "pbkdf2" "my_passphrase" {
## Enter a passphrase here:
passphrase = ""
}
method "aes_gcm" "my_method" {
keys = key_provider.pbkdf2.my_passphrase
}
## Remove this after the migration:
method "unencrypted" "migration" {
}
state {
method = method.aes_gcm.my_method
## Remove the fallback block after migration:
fallback{
method = method.unencrypted.migration
}
## Enable this after migration:
#enforced = true
}
}
}
```

You can migrate back using the following syntax:

```hcl
terraform {
encryption {
key_provider "pbkdf2" "my_passphrase" {
## Enter a passphrase here:
passphrase = ""
}
method "aes_gcm" "my_method" {
keys = key_provider.pbkdf2.my_passphrase
}
method "unencrypted" "migration" {
}
state {
method = method.unencrypted.migration
enforced = false
fallback{
method = method.aes_gcm.my_method
}
}
}
}
```

If you have access to an AWS, GCP account, or an OpenBao/MPL-licensed HashiCorp Vault installation, you can also [test these key providers](/docs/language/state/encryption/#key-providers).

## Removed block

The removed block lets you remove a resource from the state file but keep it on the infrastructure. We have prepared a [full documentation](/docs/language/resources/syntax/#removing-resources) for this feature. You can test it by creating a resource first:

```hcl
resource "local_file" "test" {
content = "Hello world!"
filename = "test.txt"
}
```

After applying, you can replace the resource with a removed block:

```hcl
removed {
from = local_file.test
}
```

After the next apply, you will see that the `local_file.test` resource no longer exists in your state file, but the `test.txt` file should still exist on your disk. You can now remove the removed block safely.

## Built-in function changes

This release also contains several new functions and changes to existing functions:

- New function: [templatestring](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/templatestring/)
- New function: [base64gunzip](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/base64gunzip/)
- New function: [cidrcontains](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/cidrcontains/)
- New function: [urldecode](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/urldecode/)
- New function: [issensitive](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/issensitive/)
- [nonsensitive](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/nonsensitive/) no longer returns an error when the applied values are not sensitive.
- [templatefile](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/templatefile/) now supports recursion up to a depth of 1024.

## CLI changes

There are also several changes to the CLI:

- `tofu init` now supports the `-json` flag for JSON output.
- `tofu plan` now has a `-concise` flag to shorten the plan output.
- `tofu console` now works on Solaris and AIX.
- The CLI now supports the XDG directory specification.
- Aliases for `state list` &rarr; `state ls`, `state mv` &rarr; `state move`, `state rm` &rarr; `state remove`.

## Testing feature changes

- Tofu now reads the `.tfvars` file from the tests folder.

## Providing feedback

Thank you for taking the time to test this preview release. If you have any feedback, please use [this feedback form](https://github.com/opentofu/opentofu/issues/new?assignees=&labels=preview-release-feedback&projects=&template=1_7_0_alpha1_feedback.yml) or chat with us on the [OpenTofu Slack](https://opentofu.org/slack/).
Binary file added static/img/blog/opentofu-1-7-0-beta1.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit 3e28520

Please sign in to comment.