The DevSecOps Talks Podcast #85 - Is It Time for OpenTofu? Our HashiConf Takeaways
Oct 23, 2025
The discussion dives into ten years of HashiConf, focusing on significant Terraform updates. The integration of Terraform Actions with Ansible is explored, highlighting use cases for day-two workflows. Risks associated with self-hosting tackle recent GitLab incidents. Listeners learn about new HCP-only features and their implications for enterprise targeting. There's an interesting look at Project Infograph, aiming to centralize product data for AI integration. Finally, the team reflects on the rise of OpenTofu and its potential impact on the open-source community.
AI Snips
Chapters
Transcript
Episode notes
Use Terraform Actions For Day-Two Tasks
- Use Terraform Actions plus Ansible for follow-up day-two tasks like cache invalidation instead of hacks like null_resource bash scripts.
- Integrate Ansible only when immutable infrastructure can't cover required post-deploy operations.
Cautionary Tale About Self-Hosting GitLab
- Andrey recounts seeing Red Hat's GitLab breach and warns against public self-hosting without proper protection.
- He recommends at least placing self-hosted GitLab behind a VPN instead of exposing it to the internet.
Stacks Are A Platform Engineering Play
- Terraform Stacks give a higher-level platform abstraction to group components and orchestrate deployments across environments.
- HashiCorp positions stacks as a platform-engineering play that favors HCP customers.