Exclude files when publishing modules to Terraform Registry

I recently published some modules to the public Terraform registry (https://registry.terraform.io/) that contain the Terraform files and a mix of tests and other source code that are not needed when a user is pulling the module from the registry.

I was wondering if there is any possibility to define which files should end up in the registry, similar to what npm does with .npmignore.

Terraform has already a .terraformignore for preventing uploads to a remote backend, but it currently does not work for the terraform registry.

Splitting the repository in multiple smaller ones is not an option for me because I want the code and GitHub issues all in one place.

If you want to take a look at the structure of the module, you can take a look here:

Hi @ofhouse,

Unfortunately the Terraform Registry is just an index for the metadata about modules and it doesn’t contain its own copy of the files itself. When someone installs a module from the public registry, the registry returns a GitHub URL to Terraform and then Terraform retrieves the directory structure directly from your GitHub repository.

Given that design, the closest thing Terraform could do to what you asked would be to download the entire contents of the repository and then retroactively delete the “ignored” files, which I imagine would defeat your intent of optimizing what the user downloads.

1 Like

Thanks for the answer, not what I was hoping for but totally understandable since hosting a registry with its own artifacts can be an expensive hobby :grin:

Do you know if Terraform downloads the source code archive that is attached to the tag in GitHub (e.g. https://github.com/dealmore/terraform-aws-next-js/archive/v0.6.2.zip)?
Because according to this answer on StackOverflow it is possible to exclude content from the package by adding a .gitattributes file to the repository.

The exact way the Terraform Registry refers to module source code on GitHub has changed over time as GitHub’s own requirements and rate limits have change, and so I don’t think I’d recommend depending on it installing any particular way.

If my memory is correct (which it might not be), I think Terraform Registry did at one point link directly to archive files as you suggest, but then at some later point GitHub started rate limiting access to those and so the registry switched to using the Git protocol over HTTPS instead. Since those requirements are GitHub’s rather than Terraform’s, it’s possible that they will again change in the future. For that reason I would recommend against relying on this implementation detail.