openbao
opentofu
openbao | opentofu | |
---|---|---|
14 | 41 | |
2,333 | 20,847 | |
29.6% | 7.9% | |
9.9 | 9.8 | |
5 days ago | about 18 hours ago | |
Go | Go | |
Mozilla Public License 2.0 | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
openbao
- OpenBAO: Manage, store, distribute sensitive data – secrets, certificates, keys
- Show HN: Open-source alternative to HashiCorp/IBM Vault
-
IBM Planning to Acquire HashiCorp
FWIW, most of the code and docs contributions have come from non-IBMers [0]. That said, IBM has done a lot of great work building the foundation and initial community and without them, OpenBao wouldn't be here. :-)
Speaking for myself, but I do not get any monetary compensation from IBM and I suspect this is true for all of the other non-IBM contributors.
[0]: https://github.com/openbao/openbao/releases/tag/v2.0.0-alpha...
-
Software Company HashiCorp Is Weighing a Potential Sale
on the off chance one hasn't been tracking it, there were several "we don't need your stinking BuSL" projects when this drama first started:
https://github.com/opentofu#why-opentofu (Terraform)
https://github.com/openbao/openbao#readme (Vault)
and I know of several attempts at Vagrant <https://github.com/hashicorp/vagrant/forks> but I don't believe one of them has caught traction yet
There are also some who have talked about an "open Nomad" but since I don't play in that space I can't speak to it
- OpenBAO – Fork of HashiCorp's Vault
-
OpenBao – FOSS Fork of HashiCorp Vault
Oops https://github.com/openbao/openbao/tree/development?tab=read...
-
HashiCorp Vault Forked into OpenBao
Well, lucky you, because now there's new management :-)
In all seriousness, you may want to open an issue <https://github.com/openbao/openbao/issues> as they have weighed in on a few threads here saying they're open to suggestions
Having implemented a reader for 1Password's "old" opvault format, I would imagine the threat model is not just searching, so it may be a heavy lift to coerce ~~Vault~~ OpenBao's mental model over into one that can be used as a consumer a password manager but I'll admit that would be pretty cool to unify vaultwarden and OpenBao into one stop shopping for all one's cryptographic needs
opentofu
-
OpenTofu v1.7: Enhanced Security with State File Encryption
and more.
-
OpenTofu 1.7.0 is out with State Encryption, Dynamic Provider-defined Functions
Hey!
> With OpenTofu exclusive features making such an early debut, is the intention to remain a superset of upstream Terraform functionality and spec, or allow OpenTofu to diverge and move in its own direction?
The intention is to let it diverge. There will surely be some amount of shared new features, but we're generally going our own way.
> Will you aim to stick to compatibility with Terraform providers/modules?
Yes.
Regarding providers, we might introduce some kind of superset protocol for providers at some point, for tofu-exclusive functionality, but we'll make sure to design it in a way where providers keep working with both Terraform and OpenTofu.
Regarding modules, this one will be more tricky, as there might Terraform languages features that aren't supported in OpenTofu and vice-versa. We have a proposal[0] to tackle this, and enable module authors to easily create modules with support for both, even when using some exclusive features of any one of them.
> Is the potential impact of community fragmentation on your mind as many commercial users who don’t care about open source ideology stick to the tried-and-true Hashicorp Terraform?
We've talked to a lot of people, and we've met many who see the license changes as a risk for them, while OpenTofu, with its open-source nature, is the less-risky choice. That includes large enterprises.
> Is there any intention to try and supplement the tooling around the core product to provide an answer to features like Terraform Cloud dashboard, sentinel policies and other things companies may want out of the product outside of the command line tool itself?
That's mostly covered by the companies sponsoring OpenTofu's development: Spacelift (I work here), env0, Scalr, Harness, Gruntworks.
[0]: https://github.com/opentofu/opentofu/issues/1328
- IBM to Acquire HashiCorp, Inc
-
IBM Planning to Acquire HashiCorp
Please remember to file in a calm and orderly fashion toward the exits and remember: IBM killed Centos for profit.
Terraform users can pick up their new alternative here:
https://opentofu.org/
and for those of you with Vault, you can find your new alternative here:
https://openbao.org/
-
Grant Kubernetes Pods Access to AWS Services Using OpenID Connect
OpenTofu v1.6
-
Terraform vs. AWS CloudFormation
Note: New versions of Terraform will be placed under the BUSL license, but everything created before version 1.5.x stays open-source. OpenTofu is an open-source version of Terraform that will expand on Terraform's existing concepts and offerings. It is a viable alternative to HashiCorp's Terraform, being forked from Terraform version 1.5.6. OpenTofu retained all the features and functionalities that had made Terraform popular among developers while also introducing improvements and enhancements. OpenTofu is not going to have its own providers and modules, but it is going to use its own registry for them.
-
Why CISA Is Warning CISOs About a Breach at Sisense
opentofu is solving this with proper state encryption support: https://github.com/opentofu/opentofu/issues/874
- OpenTofu Response to HashiCorp's Cease and Desist Letter
- Ask HN: What's better Terraform or AWS CDK?
-
OpenTofu: The Open Source Terraform Alternative
As with all other Linux Foundation and CNCF projects, OpenTofu is guided by the Technical Steering Committee(TSC), which works in open collaboration with the community on the development of new features, upgrades, bug fixes, etc. The current TSC consists of representatives from Harness, Spacelift, Scalr, Gruntworks, and env0.
What are some alternatives?
infisical - ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.
datadog-static-analyzer - Datadog Static Analyzer
Nomad - Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.
adoptium
cryptr - Cryptr: a GUI for Hashicorp's Vault
hnrss - Custom, realtime RSS feeds for Hacker News
Gravitational Teleport - The easiest, and most secure way to access and protect all of your infrastructure.
tabby - Self-hosted AI coding assistant
nomad - CircleCI fork of nomad - use circleci/main branch
Cap'n Proto - Cap'n Proto serialization/RPC system - core tools and C++ library
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
awesome-ai-safety - 📚 A curated list of papers & technical articles on AI Quality & Safety