From de46eb31d817a5d22390ab60fef7026056aa1a5b Mon Sep 17 00:00:00 2001 From: Robert Fairburn <8029478+rfairburn@users.noreply.github.com> Date: Mon, 27 Jan 2025 12:09:17 -0600 Subject: [PATCH] Terraform why this way (#25746) For #18191 Why add another repo? Terraform clones the entire repo for every submodule used when running `terraform init`. For our monorepo, that is 11GB, which significantly slows down deployment speed using Terraform. By moving our Terraform modules to a dedicated repo, we reduce this to <1MB, which will shave minutes off of `terraform init` for anyone who uses it. Because our CI deployment runs `terraform init` on every environment, this will result in savings of several hours of CI runners per month. --------- Co-authored-by: Luke Heath --- handbook/company/why-this-way.md | 1 + 1 file changed, 1 insertion(+) diff --git a/handbook/company/why-this-way.md b/handbook/company/why-this-way.md index 806adc1aeb..6331a85de7 100644 --- a/handbook/company/why-this-way.md +++ b/handbook/company/why-this-way.md @@ -132,6 +132,7 @@ The only exceptions are: 4. **Software vulnerabilities:** Since GitHub only allows one latest release per repository, we currently maintain two repositories to host our CVE/CPE database releases: - _vulnerabilities:_ [`fleetdm/vulnerabilities`](https://github.com/fleetdm/vulnerabilities) - _nvd:_ [`fleetdm/nvd`](https://github.com/fleetdm/nvd) +5. **Terraform modules:** Since Terraform clones the entire repo once per tagged version of a module, we maintain a separate repo for Terraform modules at [fleetdm/fleet-terraform](https://github.com/fleetdm/fleet-terraform) to expedite deployments using `terraform init`. Besides the exceptions above, Fleet does not use any other repositories. Other GitHub repositories in `fleetdm` should be archived and made private.