I think the license change is a pretty bad reason to feel smug - unless you are building a competitor to or platform on top of Terraform. Spacelift is stuck in a weird place because of this, but most users won't be.

Technically, according to HashiCorp's BSL, using GitHub Actions to apply Terraform could be a license violation.

I... do not think so? Yes, creating a commercial github action to apply terraform would, but any non-commercial and/or non-distributed one should be fine, no?

> You may make production use of the Licensed Work, provided such use does not include offering the Licensed Work to third parties on a hosted or embedded basis which is competitive with HashiCorp's products.

Using GitHub Actions to deploy your Terraform code (you becoming the third party) is competitive with HashiCorp's products. There is no delineation about commercialization.

HashiCorp probably won't come after you, but to me it shows this wasn't really thought through or it's maliciously ambiguous.

But you are the second party, there is no third party involved when you use the software for yourself.

You're not using the software, you're using it on a 3rd party (GitHub).

You running a thing on third-party infrastructure for your own use is now offering the licensed work to third parties? How do you figure?

No, I don't see how you could arrive at that interpretation. Unless you're providing a "competitive offering" invoking terraform on Github Actions, or on any platform, or on your laptop, going by terms of their BSL that would not constitute a license violation.

This doesn't affect day to day operations for the vast majority of users, though. Unless you're these guys (and maybe Pulumi and a handful of others), one's ability to use Terraform as the way you manage your cloud infrastructure is unaffected.

Not necessarily true, see my comment above. The BSL additional grant statement is vague enough that it should be reviewed by legal departments.

That really seems like a misunderstanding - you building something for your own use is not offering a service to third parties.

I think everyone who use terraform to manage cloud infra eventually end up hating it anyway.

Hate is a very strong claim. Nothing is perfect but in my experience all of the strong negative reactions were fundamentally attribution error where some combination of culture, limited technical depth, and poor architecture skills created a problem but it was politically appealing to say it was Terraform rather than, say, not reading a plan before destroying resources or building something far more complicated than the business needed.

In every case, the same people made the same mistakes with other tools. A common trait was that they [incorrectly] thought they were rock star developers and boring details like how their code actually runs were beneath them so they wasted huge amounts of time on deep module structures (or with CDK, elaborate TypeScript hierarchies) but resisted learning how the AWS resources they used actually worked.

I love Pulumi, but I can't in good conscience hand it to a group of developers when I know at least one of them will want to be extremely clever and abuse the fact that it runs real code to do cursed things that will make the code not just not idempotent (i.e. picking the most recent secret from somewhere, or a new AMI), but anti-idempotent (it doesn't run the second time around, it does things to the filesystem, it provisions things outside of the pulumi ecosystem).

Much easier to hand them Terraform and reject anything with local-exec provisioner, the official worst piece of terraform.

local-exec is like Rust’s unsafe: essential when you need it but something which should stick out in reviews to make sure it actually is needed.

We avoid it entirely. If it can't be done in Terraform, it must be done outside Terraform and fed in via variables.

Though of course there's also teams that run ansible from it with lots of implicit settings, making it a pain to move from dev machines to CI.

I mean, everyone who uses any could infra tool ends up hating it for some reason or another, there's nothing close to perfection in that realm!

Sure, you can. It's still probably the best way to spin up a lot of cloud resources, though.