[new23d]

As an end-user, not competing with HashiCorp, this change doesn't worry me. According to their FAQ [1]:

  10. What are the usage limitations for HashiCorp’s products under BSL?
  All non-production uses are permitted. All production uses are allowed other than hosting or embedding the software in an offering competitive with HashiCorp commercial products, hosted or self-managed.

  24. Can I host the HashiCorp products as a service internal to my organization?
  Yes. The terms of the BSL allow for all non-production and production usage, except for providing competitive offerings to third parties that embed or host our software. Hosting the products for your internal use of your organization is permitted.

[1] https://www.hashicorp.com/license-faq

[JeremyNT]

Even if you don't mind abiding by the terms of the BSL, the licensing change is a signal that Hashicorp is in dire straits and doesn't know how to operate as a sustainable business. They're flailing about trying to increase revenue, and in so doing they're removing one of the core components (the open source licensing) that made their tools ubiquitous to begin with. And what will their next cash grab be?

Here's the kicker though... before the change to BSL, the future of Hashicorp didn't really matter as much, since somebody could fork their projects and keep them going. But with this licensing change, if Hashicorp shuts down one day, nobody could create a fork for several years.

So to me, whether or not I can use the software as currently licensed isn't the biggest issue. I want the ability to have an "escape hatch" should Hashicorp continue its downward trajectory or shut down completely.

[colechristensen]

Giving away most of your product for free and selling commercial services on top when it's very easy to compete with you on that front is.... well it's not a sustainable business model.

It would be troublesome if any of the vendors at $work past or present went bankrupt, this is the nature of having external vendors. I am not particularly concerned.

I was not the biggest fan of Terraform in the first place, I don't like some of the language choices, but it works better than anything else that exists out there.

[ryanisnan]

I think it should, to some extent. A really quick example comes to mind. Some of the best documentation on how to use Terraform properly comes from folks who provide competitive offerings.

I could also see someome like Amazon eventually launching a CloudFormation like tool that works natively with Terraform, but now that's off the table and I think a net negative.

It also sounds like projects like Atlantis also would be against the BSL, including self-managed installations of the tool.

[brikis98]

How do you know you're not competing with HashiCorp?

That's not meant to be a redundant or snarky question. The key issue with the BSL and that FAQ is that the wording is intentionally vague. What does "competing" mean? What does "hosting or embedding" mean? Who decides?

In order to really know if you're a competitor, you have to reach out to HashiCorp (as the FAQ tells you to do). So whether your usage is valid is not controlled by the license terms, but is instead entirely at the whim of HashiCorp. So they switched from a permissive open source license to a HashiCorp decides license: they get to decide on a case by case basis now—and they can change their mind at any time.

That is very shaky footing on which to build anything.

See https://blog.gruntwork.io/the-future-of-terraform-must-be-op... for more info.

[nikolay]

It should worry you - it hurts the ecosystem. Terraform is just a tool. The providers, modules, not supported by HashiCorp, is what makes Terraform useful. Ige the ecosystem dies, Terraform becomes useless.

[jen20]

The ecosystem outside of providers is far less important than people like to claim. Open source modules are almost all poorly scoped, often just wrapping a single resource completely unnecessarily - simultaneously over- and under-abstracted. It's also a huge security risk to pull them in.

[colechristensen]

The only providers I have ever used in production, or would likely ever consider using would be published by Hashicorp or the software vendor for the resource being managed (for example [1]). Much would need to be done to trust any other third party without good reason.

I have had similar experiences poking around other tf providers which were of apparently low quality.

[1] https://registry.terraform.io/providers/elastic/ec/latest/do...

[nikolay]

That's really not the case. Most of the provider I use are third-party - Datadog, Cloudflare, GitHub, PostreSQL, RabbitMQ, MySQL, and tons more. Regarding the module - you should choose them the way use you any other third-party library. I use reputable modules for many things that save me tons of work.

[diarrhea]

It’s not about individual usage but the ecosystem around and on top of Terraform, whose foundation just got a lot more shaky.

[orochimaaru]

It won't affect you unless you're selling tooling that embeds TF in some form. That, unfortunately, covers too wide a space and there is no telling when your offering is going to be in competition with Hashi's.

[bloopernova]

It's more that hashicorp leadership has shown themselves to be untrustworthy custodians of an infrastructure tool.