Implement turnkey integration with OpenTofu

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Implement Turnkey Integration with OpenTofu

Overview

As OpenTofu gains adoption as an open-source alternative to Terraform, customers need GitLab to provide seamless integration with OpenTofu while maintaining compatibility with existing Terraform workflows. This issue proposes implementing a turnkey OpenTofu integration to meet this growing need.

Problem Statement

Currently, GitLab provides first-class support for HashiCorp Terraform, but lacks similar capabilities for OpenTofu. As organizations evaluate or migrate to OpenTofu, they need GitLab to provide equivalent functionality and a smooth transition path. Without proper OpenTofu support, users face friction when trying to adopt this alternative, potentially requiring custom workarounds or third-party solutions.

User Stories

• As a DevOps engineer, I want to use OpenTofu in my GitLab CI/CD pipelines so I can benefit from its features while maintaining my existing workflows.
• As an infrastructure architect, I want documentation on migrating from Terraform to OpenTofu in GitLab so I can plan a smooth transition for my team.
• As a platform engineer, I want GitLab to recognize and properly display OpenTofu files and outputs so I can effectively manage my infrastructure.
• As a team lead, I want both Terraform and OpenTofu to work side-by-side in our GitLab environment so we can gradually migrate without disruption.
• As a security analyst, I want GitLab's security scanning to work with OpenTofu files so I can maintain infrastructure security during and after migration.

Requirements

Functional Requirements

OpenTofu Support

• Add official support for OpenTofu binary execution in GitLab CI/CD
• Implement syntax highlighting and validation for OpenTofu-specific features
• Enable state management for OpenTofu states
• Support the full OpenTofu command set in CI/CD pipelines
• Implement OpenTofu module registry support

Compatibility with Existing Terraform Workflows

• Ensure CI/CD templates work with both Terraform and OpenTofu
• Support side-by-side usage in the same repository/project
• Maintain backward compatibility with existing Terraform configurations
• Allow using the same state storage mechanisms for both tools

Migration Paths

• Create migration guides and tools for transitioning from Terraform to OpenTofu
• Implement tooling to validate compatibility of existing code with OpenTofu
• Provide examples of migration strategies (all-at-once, gradual, hybrid)
• Document potential challenges and solutions for common migration scenarios

Documentation Updates

• Create comprehensive OpenTofu integration documentation
• Update existing Terraform documentation to include OpenTofu equivalents
• Provide examples of GitLab CI/CD configurations for OpenTofu
• Create tutorials for common OpenTofu workflows in GitLab

CI/CD Integration

• Develop OpenTofu-specific CI/CD templates
• Implement pipeline visualization for OpenTofu plan and apply stages
• Support drift detection for OpenTofu-managed resources
• Enable review apps and environments with OpenTofu

Non-Functional Requirements

• Performance: OpenTofu operations should perform equivalently to Terraform
• Scalability: Support organizations with large OpenTofu deployments
• Security: Maintain same security standards for OpenTofu as for Terraform
• Usability: Provide a consistent user experience across both tools

Technical Considerations

• Evaluate differences between Terraform and OpenTofu APIs and CLI interfaces
• Assess impact on existing state management systems
• Review implications for GitLab registry and package management
• Consider versioning strategy for OpenTofu support
• Evaluate testing requirements for ensuring compatibility

Implementation Approach

1. Add basic OpenTofu binary support in CI/CD environments
2. Implement syntax highlighting and editor support
3. Extend registry capabilities to support OpenTofu modules
4. Develop migration tooling and documentation
5. Create dedicated OpenTofu CI/CD templates
6. Update UI components to recognize and display OpenTofu resources

Success Criteria

• Users can successfully run OpenTofu operations in GitLab CI/CD
• Existing Terraform workflows continue to function without interruption
• Migration guides enable successful transitions from Terraform to OpenTofu
• Documentation comprehensively covers OpenTofu usage in GitLab
• CI/CD pipeline visualization works correctly with OpenTofu

Out of Scope

• Feature development unique to OpenTofu not present in Terraform
• Automatic conversion of Terraform code to OpenTofu-specific syntax
• Support for versions of OpenTofu not compatible with Terraform's state format
• Deep integration with OpenTofu Enterprise features (if/when they emerge)

Mockups

[Placeholder for UI mockups showing OpenTofu integration points]