From 7b2a233a25c9d0c3fe6bbdd15911071e8afff5f2 Mon Sep 17 00:00:00 2001 From: Martin Atkins Date: Tue, 9 Dec 2025 11:10:47 -0800 Subject: [PATCH] blog: OpenTofu v1.11.0 release announcement (#396) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Martin Atkins Signed-off-by: James Humphries Signed-off-by: Diógenes Fernandes Signed-off-by: Christian Mesh Co-authored-by: James Humphries Co-authored-by: Diógenes Fernandes Co-authored-by: Christian Mesh --- blog/2025-12-09-opentofu-1-11-0.md | 75 ++++++++++++++++++++++++++++++ docusaurus.config.ts | 20 ++++---- 2 files changed, 85 insertions(+), 10 deletions(-) create mode 100644 blog/2025-12-09-opentofu-1-11-0.md diff --git a/blog/2025-12-09-opentofu-1-11-0.md b/blog/2025-12-09-opentofu-1-11-0.md new file mode 100644 index 0000000..91e882e --- /dev/null +++ b/blog/2025-12-09-opentofu-1-11-0.md @@ -0,0 +1,75 @@ +--- +title: "OpenTofu v1.11.0" +slug: opentofu-1-11-0 +description: OpenTofu 1.11.0 introduces ephemeral values and a new way to conditionally enable resources. +--- + +Today we've released OpenTofu v1.11.0, collecting together several months of work from the OpenTofu community, including some significant new features. + +## Ephemeral resources and write-only attributes + +**Ephemeral values** allow OpenTofu to work with data and resources that exist only in memory during a single OpenTofu phase, guaranteeing that those values will not be persisted in state snapshots or plan files: + +- Use [ephemeral resources](https://opentofu.org/docs/language/ephemerality/ephemeral-resources/) to request temporary access to stored credentials or network tunnels for use in provider or provisioner configurations, without the resulting values being saved in OpenTofu plan files or state snapshots. + + For example, you could use an ephemeral resource to request time-limited AWS credentials from [OpenBao](https://openbao.org/) and provide them to the `hashicorp/aws` provider, or to open a temporary SSH tunnel so that the `cyrilgdn/postgresql` provider can access a Postgres server on a remote network. + +- Use [write-only attributes](https://opentofu.org/docs/language/ephemerality/write-only-attributes/) to set resource arguments that OpenTofu needs access to only when they are changing, such as the initial administrator password for a database. + + For example, you could use an ephemeral resource to generate an SSH keypair and then save the private key in your secret store using a write-only attribute so that OpenTofu itself will not need to retain its own copy of the key material. + +For more information on these and other related OpenTofu language features, refer to [Ephemerality](https://opentofu.org/docs/language/ephemerality/). + +## `enabled` for resources and modules + +OpenTofu has traditionally allowed a module to dynamically enable or disable a particular module by using [the `count` meta-argument](https://opentofu.org/docs/v1.11/language/meta-arguments/count/) to choose between either zero or one instances of the object. + +OpenTofu v1.11.0 introduces the `enabled` meta-argument, which we hope will make it easier for readers to understand that only zero or one instances of a resource are possible: + +```hcl +variable "subnet" { + type = object({ + id = string + }) + default = null +} + +variable "enable_cluster" { + type = bool + default = false +} + +resource "aws_subnet" "example" { + # ... + + lifecycle { + enabled = var.subnet == null + } +} + +resource "aws_instance" "example" { + # ... + subnet_id = var.subnet != null ? var.subnet.id : aws_subnet.example.id + # ... +} + +module "servers" { + source = "./app-cluster" + servers = 5 + lifecycle { + enabled = var.enable_cluster + } +} +``` + +For more information, refer to [The `enabled` meta-argument](https://opentofu.org/docs/language/meta-arguments/enabled/). + +## Various other improvements + +There are numerous other improvements in OpenTofu v1.11. For more information, refer to [What's new in version v1.11](https://opentofu.org/docs/intro/whats-new/), or to [the OpenTofu v1.11.0 release notes](https://github.com/opentofu/opentofu/releases/tag/v1.11.0). + +## Download and Install + +You can download OpenTofu v1.11.0 directly from [our GitHub releases page](https://github.com/opentofu/opentofu/releases), install it using your preferred package manager, or use our official Docker images. + +**[View our installation guides](/docs/intro/install/)** diff --git a/docusaurus.config.ts b/docusaurus.config.ts index 4bd1748..3e42d4c 100644 --- a/docusaurus.config.ts +++ b/docusaurus.config.ts @@ -101,7 +101,7 @@ const config: Config = { }, docs: { includeCurrentVersion: false, - lastVersion: "v1.10", + lastVersion: "v1.11", docVersionRootComponent: "@theme/DocVersionRoot", versions: { "v1.6": { @@ -125,12 +125,12 @@ const config: Config = { }, "v1.10": { label: "1.10.x", - path: "", + path: "v1.10", + banner: "none", }, "v1.11": { - label: "1.11.x (beta)", - path: "v1.11", - banner: "none", + label: "1.11.x", + path: "", }, main: { label: "Development", @@ -217,7 +217,7 @@ const config: Config = { announcementBar: { id: "opentofu-1-11-ga", content: - '
🎉 OpenTofu 1.11.0 Beta1 is here!
', + '
🎉 OpenTofu 1.11.0 has arrived!
', backgroundColor: "#00000000", isCloseable: false, }, @@ -272,12 +272,12 @@ const config: Config = { position: "left", items: [ { - label: "v1.11.x (beta)", - href: "/docs/v1.11/", + label: "v1.11.x", + href: "/docs/", }, { - label: "v1.10.x (current)", - href: "/docs/", + label: "v1.10.x", + href: "/docs/v1.10/", }, { label: "v1.9.x",