Updating Terraform/OpenTofu packages and providers: request for review and testing

[Leonardo Taccari <leot%NetBSD.org@localhost>]

Hello folks,
in the last years I have worked on updating the Terraform and OpenTofu
packages and providers in pkgsrc-wip, introduced a
terraform/provider.mk to more easily package Terraform providers and I
would like to import them in pkgsrc after pkgsrc-2026Q1 freeze (so
please do not worry pkgsrc PMC and pkgsrc-releng! :)) if there are no
negative feedbacks.

What I worked on should permit to upgrade from Terraform 0.12.x
(current net/terraform version) to OpenTofu 1.11.x (current latest
stable version).


The visible user changes that it will introduce are:

- Terraform packages will be versioned, e.g. terraform012 will track
  Terraform 0.12.x.
- Terraform providers will no longer depends on any particular terraform
  or opentofu version. That means that after installing a provider we
  need to also install our desired Terraform or OpenTofu package
  (Strictly speaking Terraform providers are self-consistent gRPC
  servers and do not depends on Terraform.)
- Terraform and OpenTofu will pick up terraform-provider-* out of
  the box

A bit more context...

Terraform before version 1.x didn't have any "Compatibility Promises",
that means that to upgrade from Terraform 0.12.x to Terraform 1.5.x we
need to:

- upgrade to Terraform 0.13.x
- upgrade to Terraform 0.14.x
- upgrade to Terraform 1.5.x

...after that, if we would like to upgrade to OpenTofu 1.11.x we
need to:

- upgrade to OpenTofu 1.6.x
- upgrade to OpenTofu 1.11.x

Apart supporting a full migration path via pkgsrc I think it is nice to
have several Terraform/OpenTofu versions available because in possible
contexts folks may stick to a particular version (at my previous $DAYJOB
we were stuck on Terraform 0.14.x).

Similarly I have worked on terraform-provider-* so that we can install
different major versions together, e.g. terraform-provider-aws3 tracks
aws provider 3.x, terraform-provider-aws4 tracks aws provider 4.x and
so on.


I have also written wip/terraform/provider.mk, that permits to avoid
all the boilerplate for packaging Terraform providers.


So, for possible pkgsrc developers interested it would be great if you
can:

- review wip/terraform/provider.mk
  There is a kludge, but I think it is tolerable: I would like to
  override do-install: but lang/go/go-{module,package}.mk already
  overwrite them so the custom target actually defines pre-install.
  If there is some way to adjust that, please let me know!
  Also, any suggestions regarding the inline documentation is
  appreciated!
- review wip/terraform[0-9]*, wip/opentofu[0-9]* and all the
  wip/terraform-provider-* that sets
  TERRAFORM_PROVIDER_LEGACY_INSTALL=yes, they are the one that we need
  to import to not miss any functionality that we currently have.
  We can then import possible other terraform-provider-*-s

I have written some tests to exercise that via cram, they needs
devel/py-cram, net/py-moto and wip/terraform[0-9]* and
wip/opentofu[0-9]* and wip/terraform-provider-aws3 installed that you
can find at:

 <https://www.NetBSD.org/~leot/tmp/terraform-codes.tgz>


If you are currently using net/terraform or net/opentofu and some
possible net/terraform-provider-* any possible testing of the
corresponding packages in wip is very appreciated!


I have shared most of this work at EuroBSDCon 2025 at the NetBSD
developer summit and you can find my presentation at:

 <https://www.NetBSD.org/gallery/presentations/leot/eurobsdcon2025-devsummit-terraform/terraform.pdf>

I will also share this work at OpenTofu Day Europe at CNCF-Hosted
Colocated Events in Amsterdam, The Netherlands on 23 March 2026:

 <https://colocatedeventseu2026.sched.com/event/2DY5x/packaging-opentofu-in-pkgsrc-leonardo-taccari-the-netbsd-foundation>

(If you will be there feel free to contact me too! :))


Comments, feedback and/or anything else welcomed!
Thank you!