Split CI/CD pipeline into separate test and publish jobs with comprehensive template validation

[Copilot]

This PR implements a streamlined CI/CD pipeline that separates PR testing from production deployment using two distinct GitHub Actions jobs. The solution follows Coder's recommended patterns while providing comprehensive testing and proper resource management.

Key Changes

Two-Job Architecture:

• Test Job (Pull Requests): Validates Terraform syntax and formatting, tests template deployment with temporary resources using ci-{short_sha} naming, and performs automatic cleanup
• Publish Job (Main Branch): Handles production deployment with proper template versioning

Enhanced Testing Pipeline:

• Dedicated Terraform linting with terraform init, terraform fmt -check -diff and validation
• Template deployment testing using commit-specific naming (kubernetes-ci-{short_sha})
• Workspace creation and verification with proper workspace parameters (cpu=2, memory=2, home_disk_size=10)
• Comprehensive cleanup of both templates and workspaces

Production Deployment:

• Clean separation between testing and production workflows
• Proper template versioning and activation for main branch merges
• Clear logging and error handling
• Template variable configuration with namespace=coder-workspace

Code Quality Improvements:

• Template directory specification using -d template-kubernetes option
• Proper separation of template variables (used during push) from workspace parameters (used during creation)
• Enhanced cleanup procedures with error handling
• Template naming optimized for Coder's 32 character limit

The workflow ensures templates are syntactically correct, properly formatted, and can be successfully deployed before merging, while maintaining clean separation between test and production environments.

Fixes #14.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

• checkpoint-api.hashicorp.com
  • Triggering command: terraform fmt -check -diff (dns block)
• esm.ubuntu.com
  • Triggering command: /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

• checkpoint-api.hashicorp.com
  • Triggering command: terraform init (dns block)
  • Triggering command: terraform validate (dns block)
  • Triggering command: terraform fmt (dns block)
• esm.ubuntu.com
  • Triggering command: /usr/lib/apt/methods/https (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Pull Request Overview

This PR restructures the CI/CD pipeline to implement a two-job architecture that separates testing for pull requests from production deployment on the main branch. The changes enhance the validation process and provide comprehensive testing of Coder templates before production deployment.

• Split single job into separate test and publish workflows for better separation of concerns
• Added comprehensive Terraform validation and template deployment testing for PRs
• Introduced temporary resource naming with automatic cleanup for test environments

Reviewed Changes

Copilot reviewed 2 out of 4 changed files in this pull request and generated 3 comments.

File	Description
.github/workflows/coder-template-update.yaml	Complete restructure into separate test and publish jobs with enhanced validation and cleanup
validate.sh	New local validation script for Terraform template testing