Same HashiCorp BSL switch. 100+ contributors. Released v2.0.0 on 2024-07-25. GitLab integrating.
HashiCorp Vault (and OpenBao) is a secrets management tool that provides secure storage, dynamic secrets generation, encryption as a service, and identity-based access control. It's used by enterprises to manage API keys, passwords, certificates, and other sensitive data across distributed infrastructure. It integrates with cloud providers, databases, and CI/CD pipelines.
OpenBao is the quieter, scrappier sibling of OpenTofu — born from the same HashiCorp BSL license change in August 2023, but with far fewer resources and a more grassroots development model. While OpenTofu had multiple companies pledging full-time developers from day one, OpenBao emerged in December 2023 as a more organic community effort, primarily initiated by IBM engineers Nathan Phelps and Joe Pearson.
The genesis was straightforward: HashiCorp Vault, the industry-standard secrets management tool, was caught in the same BSL switch as Terraform. Organizations that had built their security infrastructure around Vault suddenly faced licensing uncertainty. IBM engineers took the lead, forking the last MPL-licensed version and bringing it under the Linux Foundation umbrella.
Despite IBM's involvement, the company maintained a curious arm's-length relationship — hosting a forwarding link to the project but never officially endorsing it. This lack of corporate heavyweight sponsorship meant OpenBao had to grow more organically. The project built its Technical Steering Committee, published governing documents, and shipped 8 releases including two major versions and six bug fixes.
GitLab became a crucial ally, joining the project officially in July 2024 and achieving voting status by October. GitLab architected a native integration of OpenBao for CI/CD pipelines, providing practical enterprise validation that the fork could serve as a real Vault replacement. The collaboration was showcased at FOSDEM 2025.
OpenBao's slower, community-driven pace is both its challenge and its strength. It lacks the corporate firepower of OpenTofu, but it also demonstrates that meaningful open-source alternatives can emerge from genuine community need rather than corporate strategy.
HashiCorp switches Vault license from MPL to BSL 1.1
OpenBao v2.0.0 initial GA release
GitLab officially joins the OpenBao project
GitLab achieves voting status in OpenBao governance
OpenBao showcased at FOSDEM 2025 with GitLab CI/CD integration
Project reaches 100+ contributors and 2,800+ GitHub stars
OpenBao proved that even without massive corporate sponsorship, a fork of critical infrastructure software can gain traction through steady, community-driven development. GitLab's integration gave the project enterprise credibility, and the growing contributor base suggests sustainable momentum.
The project also highlighted that HashiCorp's BSL switch created vulnerabilities across their entire product portfolio, not just Terraform. Organizations evaluating Vault alternatives now have a genuine open-source option, which was precisely what HashiCorp hoped to prevent.