I would like to personally thank #Hashicorp for providing the final push I needed to finally replace the remaining #Terraform stuff in our infrastructure. #opensource
Anyone else remember how #MariaDB company adopting the "Business Source License" for MaxScale made MaxScale and the company super-profitable? No one? Oh yeah, that's because it didn't. #Hashicorp#BUSL#opensource
As much flack as I've given #RedHat over #RHEL source shenanigans, they've kept #Ansible AWX #opensource and available to the public, very much to their credit. Tower was proprietary when they bought it and they opened it and kept it open.
And yes, this post is really about #Hashicorp. Don't do false equivalent arguments. Hashicorp definitely did the worse thing.
Idea: An #opensource#secrets manager, with a fancy web UI like #Hashicorp#Vault, that can organize secrets by folders and deployment target (dev, staging, prod) and the CLI tool can translate those folders, keys, and values into structured YAML or JSON output in addition to environment variables. Additionally, it can import secrets into new projects with structure YAML/JSON into the format.
One of the mechanisms that let #Hashicorp relicense their stack was the CLA. Whenever you see an "open core" shop (ie, they have proprietary "Enterprise" versions or extensions) and they require you to agree to a CLA before accepting a PR, be aware that the company may not be using #opensource in good faith and may relicense your contributions to be proprietary. Think twice about spending your time and efforts if such a move would bother you.
Terraform remains open-source-enough for me—and there is no viable alternative today—but I am still disappointed in HashiCorp adopting Business Source License as a customer, open source contributor, and shareholder.
I know someone will come at me for saying there is no viable alternative, so preemptively: There is no declarative alternative that’s extensively & officially supported by infrastructure providers, “more” open source, not problematically financed.
When a (VC backed) Open Source project demands from you, a community member, to sign a CLA (Contributory License Agreement) that forces you to give up your rights on your code - RUN. #Hashicorp et all who unfortunately, really sorry, kudos, love you switch their licenses to proprietary whenever they feel like it.
I don’t know what to think about it. Yes, it’s incredibly hard to create a business and a market when making everything open source. I’m not familiar with this new license and I don’t know if that’s a valid move or not.
If you're a #HashiCorpNomad user, or even just interested, and you're nervous about how today's BUSL announcement impacts your use case: please feel free to reach out to me directly: DMs here, HashiCorp Discord, or my nick at hashicorp email.
I can't promise anything, but I'd love to make sure your concerns are at least heard and any questions you have answered.
If someone is packaging #Hashicorp software and not aware of the license change, and your company uses that downstream software that now pulls in the BUSL code, and your company competes with Hashicorp in some conceivable way (deploys VMs, stores passwords, builds images), is your company now in violation and liable even if the vendor you got it from still has a (now-incompatible) MPL license in their repo? The audits of this are not going to be fun.
#HashiCorp: "We consulted with OSS licensing experts and other industry stakeholders when developing our license, so that our efforts would be in line with industry practices."
So, either they brought in OSS licensing experts to give them a participitation award or checked a checkbox while they had already made up their mind to flip off OSS folks.
The #HashiCorp license change is just the most recent example of a company that no longer needs to drive adoption with #OpenSource claims. I wrote about the phenomenon in 2021 but it's been around for about 20 years. It is not "the end of open source", just a lifecycle stage for a VC funded software startup that was leveraging it.
Unimpressed by #HashiCorp
We use #terraform in our service deployments and now the teams that do that will be having to decide what to do. All actions are going to cost.
The danger Hashicorp have to fear is if another open source fork of their current code gains traction. I can see motivation there
> While the Jitsi projects are released under the Apache License 2.0, the copyright holder and principal creator is 8x8. To ensure that we can continue making these projects available under an Open Source license, we need you to sign our Apache-based contributor license agreement as either a corporation or an individual.
I am wondering if the CLAs are OK to stop an incident like one on #hashicorp from happening.
When I heard that Teleport ist gonna change their license, I almost had a "aight, here we go again" moment after being fucked with by #Lightbend and #HashiCorp recently. Thankfully they switched to AGPL and not BSL (which I think stands for bullshit license).
The common tactics of companies "promoting #opensource" to gobble up a larger audience and then pull a bait and switch with the licensing seems to have caused me some serious PTSD.