HashiCorp Abandons Open Source for Business Source License
thenewstack.io
external-link
Like many other companies, HashiCorp has dropped the open source approach that gave its products their start for the source-available Business Source License (BSL).
  • HashiCorp is moving its products previously licensed as Open Source away from it to Business Source License (BSL) moving forward
  • Terraform is a popular Infrastructure as Code tool used for provisioning cloud resources like AWS, Azure among others
  • Terraform version 1.5.5 and earlier are still open source
  • there is a push for a community maintained open source fork if this decision is not reversed, OpenTF

Gruntwork response on the problem with BSL

Fuck’em. 'Nuff said.

We will see how this plays out… Terraform is awesome but the product would not be very popular today if open source developers hadn’t worked for 10 years for free to maintain and update it.

Now they take all their work and decides it’s not open source anymore, because hashicorp needs to make money.

I wonder how many of those “open source developers”, are actually employees of the same companies HashiCorp is accusing now of competing against them. No company is going to pay their employees to contribute to a piece of software, that they then have to buy a license for… so this can very well mean that HashiCorp is cutting off contributions from the same people most capable of contributing in the first place.

No, just new versions.

@1984@lemmy.today
link
fedilink
6
edit-2
1Y

Not so “just”. Terraform open source version went into a fork. Who will work on that one and who will continue with the hashicorp version? It’s a split in the community now, and I bet most devs will continue on the hashicorp version.

@jarfil@beehaw.org
link
fedilink
9
edit-2
1Y

I bet most devs will continue on the hashicorp version

Only the hobbyist ones. Every dev paid for by a company using the products, will be on the OpenSource fork.

It’s something companies often forget: open source, and the GPL in particular, is a way for companies to cooperate. Use the AGPL if you want to prevent unfair server-side competition. Switching to the BSL is restricting cooperation to only those with less experience.

PS: IANAL, but by reading MariaDB’s guidelines for the BSL, HashiCorp may not even have applied it correctly.

I for one am recommending pulumi for any of my teams new infrastructure needs.

@1984@lemmy.today
link
fedilink
9
edit-2
1Y

I used pulumi but it’s much worse than terraform. I didn’t used to think so before I learned terraform however.

My main reason to dislike pulumi is that you have to work around it’s async behavior in python. Maybe it’s better and more natural if you use typescript, but I had to constantly wrap methods in Outputs and other things to get the code to work.

I had to adapt my code to how pulumi worked all the time. With terraform, I just write it and it works.

So I’m using it with Python. For me it’s able to do some stuff that terrafom never would be able to (Ive got a spot where resources are generated for each file/object on disk).

Give me an example… What file on disk are you generating a pulumi resource from?

We’ve got it rigged up for aws sso. Each department can make any number of permissions sets (and link to any number of groups). The config for that is all stored in git (with code owners configured so you can only mess up your own stuff).

Sibbo
link
fedilink
21Y

Not that I’d know much about this, but can’t you easily replace terraform with some script that remotely installs NixOS?

i dont think theyre equivalent tools since Terraform is used for things like creating cloud VMs with the selected OS image, configuring subnets and route tables among other things which i dont believe NixOS is meant for

@zagaberoo@beehaw.org
link
fedilink
English
21Y

Terraform is great automation, but it really shines over scripts in a few ways:

  • intrinsic documentation for your infrastructure
  • much less brittle to differences in the initial state
  • changing your setup later doesn’t require any new script logic, just a simple config change
  • much better support for collaborative editing
GreenDot 💚
link
fedilink
English
61Y

I was hit aggressively by HC sales team last year, we are using TF and Vault, and were looking to add consul, now it is pretty vauge how it will all pan put

@jet@hackertalks.com
link
fedilink
English
121Y

For the people who continue to work on the open source fork of terraform, can HashiCorp pull their commits into their closed source BSL fork?

I would assume not, but I am curious if there’s some weird workaround of their previous license that they still own contributions

deleted by creator

@jet@hackertalks.com
link
fedilink
English
21Y

ouch… Well, with the fork they wont have to do that anymore… so thats good.

NaN
link
fedilink
English
2
edit-2
1Y

When Canonical originally had such a CLA to contribute to Ubuntu it was pretty controversial (I don’t think it was common at all at the time), this situation with HashiCorp perfectly demonstrates why.

@robyoung@beehaw.org
link
fedilink
English
51Y

The integrations with other services are implemented in plugins which are separate programs, that are installed separately, and communicate with the core over RPC. I would imagine these plugins can continue to be licensed however their owners choose. I think this license change just applies to core.

NaN
link
fedilink
English
41Y

I’m not as familiar with MPLv2 but I don’t think they can with contributions to the fork. Since those contributions won’t be part of the original “we own all your work” agreement they couldn’t simply close source those contributions.

@jarfil@beehaw.org
link
fedilink
English
11Y

From the BSL FAQ:

Q: I have written a code patch to a BSL project and would like the BSL vendor to maintain the code as part of the BSL project. How do I contribute it?

A: License your code using the “new BSD” license or dedicate it to the public domain. Code contributions under “new BSD” is compatible with BSL. See BSD on Wikipedia.

That would seem to rule out the MPLv2.

NaN
link
fedilink
English
2
edit-2
1Y

That is for continuing contributions to the commercial project, the fork should be using the old license not the BSL.

If HashiCorp is unwilling to switch Terraform back to an open source license, we propose to fork the legacy MPL-licensed Terraform

The question was if HashiCorp could take contributions to the fork and put them into their commercial product.

@jarfil@beehaw.org
link
fedilink
English
11Y

That means HashiCorp could only take contributions licensed under the BSD or public domain, or under a CLA. The fork would be none of those.

@jherazob@beehaw.org
link
fedilink
English
171Y

We were considering Vault, I guess we’ll look into alternatives now, are there any decent Free Software ones in the first place?

@thewitchofcalamari@bookwormstory.social
creator
link
fedilink
English
4
edit-2
1Y

ive not done secrets management before but i came across this list on hackernews, a few non-cloud ones use open source license https://news.ycombinator.com/item?id=37133054#37151218

but another user there have mentioned that while most of them integrate with Kubernetes and AWS, short lived DB credentials are not in any of those listed

@rothaine@beehaw.org
link
fedilink
English
21Y

I’m not an infra dev, but a previous project used SOPS and it seemed alright

I’ve been using Infisical recently and I like it a lot.

Create a post

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

  • 1 user online
  • 60 users / day
  • 170 users / week
  • 619 users / month
  • 2.31K users / 6 months
  • 1 subscriber
  • 3.28K Posts
  • 67K Comments
  • Modlog