1.4.1.1. One Module, One Repository
In practice, the "One Module, One Repository" organization strategy is recommended, meaning each Terraform module possesses its own independent Git repository. Although this approach may seem to increase the number of repositories at first glance, it offers significant advantages in terms of module governance, version management, and community collaboration.
First, version control becomes much clearer and more manageable. When each module has an independent repository, changes to a module can be released with independent version tags. These are then automatically recognized and synced by the Terraform Registry. This allows module consumers to depend precisely on a specific version of a module, ensuring consistency in infrastructure behavior. Conversely, if all modules are consolidated into a single repository (monorepo), every release must capture the state of the entire codebase. Changes between modules are difficult to release independently, introducing complexity to dependency management and change tracking.
Second, it offers stronger isolation and greater flexibility in collaboration. By decoupling modules into separate repositories, different teams can take responsibility for maintaining their respective modules without worrying about interfering with the development and release cycles of others. Furthermore, permissions, code review processes, and CI/CD pipelines can be customized with greater flexibility for each module.
While this pattern may result in a proliferation of repositories, this is considered beneficial complexity. As long as uniform naming conventions and governance systems are established at the organizational level (to be detailed later), this complexity can be effectively managed.
This distinction sets open-source Terraform Module projects—like Azure Verified Modules—apart from the governance models of other common open-source software. Such projects involve managing hundreds, or even thousands, of repositories that are highly consistent in structure yet diverse in implementation code, all while adhering to uniformly high standards. Consequently, this requires specialized management approaches and toolchains.