1.7.0-beta1 blog post

blog/2024-04-18-opentofu-1-7-0-beta1.md

@@ -0,0 +1,225 @@
+---
+title: Get ready for OpenTofu 1.7.0-beta1
+slug: opentofu-1-7-0-beta1
+image: /img/blog/opentofu-1-7-0-beta1.png
+---
+
+This version brings you provider-defined functions and significant improvements from the alpha version. Now we are asking for your help again to test this version.
+
+As with the [alpha version](/blog/help-us-test-opentofu-1-7-0-alpha1/), we did everything we could to test this version and would like you to help us test this version on **non-production** workloads. [Grab your copy on GitHub](https://github.com/opentofu/opentofu/releases/tag/v1.7.0-beta1) and let us know what you think using [this form](https://github.com/TODO).
+
+:::warning
+
+Do not test this release on a production project! It is not a stable release!
+
+:::
+
+## Downloading the beta release
+
+The beta release is available exclusively from the [GitHub Releases page](https://github.com/opentofu/opentofu/releases/tag/v1.7.0-beta1). Please select the appropriate file for your platform. Here are some quick links:
+
+| Platform/Device                                                                 | Download link                                                                                                                                    |
+|---------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------|
+| **Desktop Windows computer**<br />(64-bit)                                      | [tofu_1.7.0-beta1_windows_amd64.zip](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_windows_amd64.zip)     |
+| **MacOS**<br />(Macbook M1 or higher; ARM64)                                    | [tofu_1.7.0-beta1_darwin_arm64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_darwin_arm64.tar.gz) |
+| **MacOS**<br />(Macbook pre-M1 or lower; AMD64)                                 | [tofu_1.7.0-beta1_darwin_amd64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_darwin_amd64.tar.gz) |
+| **Intel/AMD Linux computer or server**<br />(AMD64)                             | [tofu_1.7.0-beta1_linux_amd64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_linux_amd64.tar.gz)   |
+| **ARM-based Linux computer<br />or<br />Raspberry Pi 3 or higher**<br />(ARM64) | [tofu_1.7.0-beta1_linux_arm64.tar.gz](https://github.com/opentofu/opentofu/releases/download/v1.7.0-beta1/tofu_1.7.0-beta1_linux_arm64.tar.gz)   |
+
+For the releases above, please unpack the archive and you should find the `tofu` binary inside. You can also use the [standalone installer](https://opentofu.org/docs/intro/install/standalone/) to download the release with signature verification.
+
+## Provider-defined functions
+
+The new Terraform provider SDK adds support for provider-defined functions you can use directly in OpenTofu. This is a significant improvement over using data sources as provider-defined functions don't increase the size of your state file and require less code to write.
+
+To test, you can use the [corefunc](https://github.com/northwood-labs/terraform-provider-corefunc) provider by Ryan Parman:
+
+```hcl
+terraform {
+  required_providers {
+    corefunc = {
+      source = "northwood-labs/corefunc"
+      version = "1.4.0"
+    }
+  }
+}
+
+provider "corefunc" {
+}
+
+output "test" {
+  value = provider::corefunc::str_snake("Hello world!")
+  # Prints: hello_world
+}
+```
+
+:::tip
+
+If you are interested in a detailed breakdown of this function and some of the unique features OpenTofu brings in this area, [join our live stream on April 24](https://www.youtube.com/watch?v=6OXBv0MYalY). 
+
+:::
+
+## Loopable import blocks
+
+We made several improvements to the declarative import blocks, most prominently you can now use the `for_each` instruction on the block.
+
+In previous OpenTofu versions, you could already use the `import` block to declaratively import resources, for example:
+
+```hcl
+resource "random_id" "test_id" {
+  byte_length = 8
+}
+
+import {
+  to = random_id.test_id
+  id = "Y2FpOGV1Mkk"
+}
+
+output "id" {
+  value = random_id.test_id.b64_url
+}
+```
+
+In this new version you can now also declaratively import resources in a loop: 
+
+```hcl
+variable "server_ids" {
+  type = list(string)
+}
+
+resource "random_id" "test_id" {
+  byte_length = 8
+  count = 2
+}
+
+import {
+  to = random_id.test_id[tonumber(each.key)]
+  id = each.value
+  for_each = {
+    for idx, item in var.server_ids: idx => item
+  }
+}
+
+output "id" {
+  value = random_id.test_id.*.b64_url
+}
+```
+
+The example above will let you specify some random IDs from a variable, and let others be automatically generated.
+
+## State encryption
+
+State encryption is one of the flagship features of this release. Since the alpha release we overhauled the migration process from unencrypted to encrypted state files and the rollback mechanism to make the syntax more explicit.
+
+Before you test this feature, please **make a backup** of your state file. You can then add the following block to enable state encryption:
+
+```hcl
+terraform {
+  encryption {
+    key_provider "pbkdf2" "my_passphrase" {
+      ## Enter a passphrase here:
+      passphrase = ""
+    }
+
+    method "aes_gcm" "my_method" {
+      keys = key_provider.pbkdf2.my_passphrase
+    }
+
+    ## Remove this after the migration:
+    method "unencrypted" "migration" {
+    }
+
+    state {
+      method = method.aes_gcm.my_method
+
+      ## Remove the fallback block after migration:
+      fallback{
+        method = method.unencrypted.migration
+      }
+      ## Enable this after migration:
+      #enforced = true
+    }
+  }
+}
+```
+
+You can migrate back using the following syntax:
+
+```hcl
+terraform {
+  encryption {
+    key_provider "pbkdf2" "my_passphrase" {
+      ## Enter a passphrase here:
+      passphrase = ""
+    }
+
+    method "aes_gcm" "my_method" {
+      keys = key_provider.pbkdf2.my_passphrase
+    }
+
+    method "unencrypted" "migration" {
+    }
+
+    state {
+      method  = method.unencrypted.migration
+      enforced = false
+      fallback{
+        method = method.aes_gcm.my_method
+      }
+    }
+  }
+}
+```
+
+If you have access to an AWS, GCP account, or an OpenBao/MPL-licensed HashiCorp Vault installation, you can also [test these key providers](/docs/language/state/encryption/#key-providers).
+
+## Removed block
+
+The removed block lets you remove a resource from the state file but keep it on the infrastructure. We have prepared a [full documentation](/docs/language/resources/syntax/#removing-resources) for this feature. You can test it by creating a resource first:
+
+```hcl
+resource "local_file" "test" {
+  content = "Hello world!"
+  filename = "test.txt"
+}
+```
+
+After applying, you can replace the resource with a removed block:
+
+```hcl
+removed {
+  from = local_file.test
+}
+```
+
+After the next apply, you will see that the `local_file.test` resource no longer exists in your state file, but the `test.txt` file should still exist on your disk. You can now remove the removed block safely.
+
+## Built-in function changes
+
+This release also contains several new functions and changes to existing functions:
+
+- New function: [templatestring](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/templatestring/)
+- New function: [base64gunzip](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/base64gunzip/)
+- New function: [cidrcontains](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/cidrcontains/)
+- New function: [urldecode](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/urldecode/)
+- New function: [issensitive](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/issensitive/)
+- [nonsensitive](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/nonsensitive/) no longer returns an error when the applied values are not sensitive.
+- [templatefile](https://1-7-0-alpha1.opentofu.pages.dev/docs/language/functions/templatefile/) now supports recursion up to a depth of 1024.
+
+## CLI changes
+
+There are also several changes to the CLI:
+
+- `tofu init` now supports the `-json` flag for JSON output.
+- `tofu plan` now has a `-concise` flag to shorten the plan output.
+- `tofu console` now works on Solaris and AIX.
+- The CLI now supports the XDG directory specification.
+- Aliases for `state list` &rarr; `state ls`, `state mv` &rarr; `state move`, `state rm` &rarr; `state remove`.
+
+## Testing feature changes
+
+- Tofu now reads the `.tfvars` file from the tests folder.
+
+## Providing feedback
+
+Thank you for taking the time to test this preview release. If you have any feedback, please use [this feedback form](https://github.com/opentofu/opentofu/issues/new?assignees=&labels=preview-release-feedback&projects=&template=1_7_0_alpha1_feedback.yml) or chat with us on the [OpenTofu Slack](https://opentofu.org/slack/).

docusaurus.config.ts

@@ -190,7 +190,7 @@ const config: Config = {
     announcementBar: {
       id: "opentofu-ga",
       content:
-        '<a target="_blank" rel="noopener noreferrer" href="/blog/our-response-to-hashicorps-cease-and-desist/">Our Response to Hashicorp\'s Cease and Desist Letter</a>',
+        'OpenTofu 1.7.0-beta1 is now availabe &mdash; <a target="_blank" rel="noopener noreferrer" href="/blog/opentofu-1-7-0-beta1/">learn more</a>.',
       backgroundColor: "#ffda18",
       textColor: "#1b1d20",
       isCloseable: false,