Version 1.9.0 of OpenTofu - the infrastructure-as-code tool forked a year ago from Hashicorp's Terraform - has been released. This release brings several significant features, including provider iteration capabilities through for_each, to enable simplified multi-zone and multi-region deployments.
According to the OpenTofu "what's new" page, for_each is a meta-argument that can be used with modules and with any resource type. It creates an instance for each item in a map or set of strings, allowing each individual instance to be created, updated or destroyed. The developers urge caution as this functionality is a significant change to how OpenTofu works - so it can only be used on static variables and locals, not those obtained from another data source or resource.
The new -exclude flag allows users to skip specific resources during plan or apply operations - effectively the opposite of the existing -target option. This feature was one of the most upvoted feature requests for this release. A simple example shows how the following configuration, when run with tofu apply -exclude local_file.b
, would cause a.txt and c.txt to be created, but not
Other improvements in this release include better early evaluation capabilities, and updates to encryption and the AzureRM and HTTP backends. There are also performance improvements.
In a post on LinkedIn, Matt Gowie from MasterPoint welcomes the new release, though urges caution due to the power of the new for_each functionality:
"If you know what you're doing and you don't point it at your own foot, [for_each] could be a fantastic addition to your IaC toolbox on tofu"
- Matt Gowie
Replying to that post, Tomas Dabašinskas from Datolabs adds:
for_each is gonna be a lifesaver for providers that require a narrow scope at provider level, e.g. OpenStack (managing multiple projects), GitHub (managing multiple organizations), PostgreSQL (managing multiple databases). So glad OpenTofu added this!"
Users on Reddit have mixed feelings with the OpenTofu project's trajectory being independent of Terraform. Some are happy with functionality added to OpenTofu that is not yet in Terraform, whilst others lament OpenTofu not keeping up with changes made to Terraform since the fork. User "wywywywy" praises the new for_each functionality:
"Wow. That's not even in terraform, right? This will simplify my code so much"
Other users comment on how for_each works similarly to Terraform Stacks - available in the commercial HCP Terraform offering but not yet in the open-source Terraform product. User "aleques-itj" laments the lack of ephemeral resources in OpenTofu - introduced last year in Terraform - with one of the OpenTofu maintainers "fooallthebar" explaining that this has not been added to OpenTofu yet because the AWS functionality is still experimental.
The post also describes how the OpenTofu Search interface now indexes documentation for more than 4,000 providers and 20,000 modules, updating every 15-30 minutes. JetBrains has announced OpenTofu support in their 2024.3 release, with features including OpenTofu-specific code completion and state encryption detection.
The news release also emphasises the success of OpenTofu since it was created as a fork of Terraform last year. The OpenTofu project has seen registry requests tripling to over 6 million per day and data transfer reaching peaks of 140 GB daily. GitHub downloads have increased by approximately 30% to 1.5 million, with the project now exceeding 23,000 GitHub stars.
Community involvement has been strong, with 49 contributors submitting over 200 pull requests for the main repository. More than 150 new issues have been created, indicating a busy user base with active community participation.
The OpenTofu team is now focusing on developing an OCI provider registry, with a working prototype already in development.