Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Request to add OpenTofu as GitHub's supported ecosystem for Dependabot package updates #1236

Open
RDhar opened this issue Feb 7, 2024 · 4 comments
Open

Request to add OpenTofu as GitHub's supported ecosystem for Dependabot package updates #1236

RDhar opened this issue Feb 7, 2024 · 4 comments
Assignees
@Yantrio
Labels
accepted This issue has been accepted for implementation. blocked Issues which are blocked by inbound dependencies enhancement New feature or request

Comments

@RDhar
Copy link
Contributor

RDhar commented Feb 7, 2024
edited
Loading

OpenTofu Version

OpenTofu v1.6.1

Use Cases

For keeping up-to-date with the regular flow of dependency updates across all providers.

Attempted Solutions

Using terraform in dependabot.yml which, let's be frank, is "eugh" in 2024.

It's also interesting to note the supported version range is only >= 0.13, <= 1.5.x; I wonder why that may be...

Proposal

Use opentofu within dependabot.yml instead as a 1-to-1 replacement!

Following today's public dev-sync, here's a link to the current handling of dependabot-terraform (with a dash of Ruby).

References

https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates#supported-repositories-and-ecosystems
@RDhar RDhar added enhancement New feature or request pending-decision This issue has not been accepted for implementation nor rejected. It's still open to discussion. labels Feb 7, 2024
@RDhar RDhar changed the title Request to add OpenTofu as GitHub's support ecosystem for Dependabot package updates Request to add OpenTofu as GitHub's supported ecosystem for Dependabot package updates Feb 7, 2024
@janosdebugs janosdebugs added accepted This issue has been accepted for implementation. blocked Issues which are blocked by inbound dependencies and removed pending-decision This issue has not been accepted for implementation nor rejected. It's still open to discussion. labels Feb 13, 2024
@janosdebugs
Copy link
Contributor

Hi @RDhar thank you for this issue. We had a look with the core team and we tentatively decided to accept this issue based on Dependabot accepting us as a provider. We've assigned @Yantrio to track this down.

@joeybenamy
Copy link

Also interested in this.

@RDhar RDhar mentioned this issue Feb 24, 2024
Open
@Yantrio
Copy link
Member

Yantrio commented Apr 9, 2024

Just wanted to update people here, We've been really busy lately but this is high up on my TODO list and it will be tackled soon!

@joeybenamy
Copy link

Just wanted to update people here, We've been really busy lately but this is high up on my TODO list and it will be tackled soon!

Thanks so much! For us, this is the biggest pain point in the transition from Terraform to OpenTofu. Honestly, the only pain point since the rest was so easy!

@github-actions github-actions bot mentioned this issue Apr 16, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Yantrio Yantrio

Labels
accepted This issue has been accepted for implementation. blocked Issues which are blocked by inbound dependencies enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@Yantrio @RDhar @Evi1Pumpkin @janosdebugs @joeybenamy