coder
diff --git a/‎cli/cliui/provisionerjob.go
+29-2 b/‎cli/cliui/provisionerjob.go
+29-2
diff --git a/‎cli/create.go
+33-4 b/‎cli/create.go
+33-4
diff --git a/‎cli/create_test.go
+48 b/‎cli/create_test.go
+48
diff --git a/‎coderd/coderd.go
+7 b/‎coderd/coderd.go
+7
diff --git a/‎coderd/coderd_test.go
+26 b/‎coderd/coderd_test.go
+26
diff --git a/‎coderd/database/dump.sql
+2-1 b/‎coderd/database/dump.sql
+2-1
diff --git a/‎coderd/database/migrations/000099_provisioner_job_type_dry_run.down.sql
+9 b/‎coderd/database/migrations/000099_provisioner_job_type_dry_run.down.sql
+9
diff --git a/‎coderd/database/migrations/000099_provisioner_job_type_dry_run.up.sql
+2 b/‎coderd/database/migrations/000099_provisioner_job_type_dry_run.up.sql
+2
diff --git a/‎coderd/database/models.go
+1 b/‎coderd/database/models.go
+1
diff --git a/‎coderd/parameter/compute.go
+14-5 b/‎coderd/parameter/compute.go
+14-5
@@ -1,6 +1,7 @@
 package cliui
 
 import (
+	"bytes"
 	"context"
 	"fmt"
 	"io"
@@ -35,6 +36,9 @@ type ProvisionerJobOptions struct {
 	FetchInterval time.Duration
 	// Verbose determines whether debug and trace logs will be shown.
 	Verbose bool
+	// Silent determines whether log output will be shown unless there is an
+	// error.
+	Silent bool
 }
 
 // ProvisionerJob renders a provisioner job with interactive cancellation.
@@ -133,12 +137,30 @@ func ProvisionerJob(ctx context.Context, writer io.Writer, opts ProvisionerJobOp
 		return xerrors.Errorf("logs: %w", err)
 	}
 
+	var (
+		// logOutput is where log output is written
+		logOutput = writer
+		// logBuffer is where logs are buffered if opts.Silent is true
+		logBuffer = &bytes.Buffer{}
+	)
+	if opts.Silent {
+		logOutput = logBuffer
+	}
+	flushLogBuffer := func() {
+		if opts.Silent {
+			_, _ = io.Copy(writer, logBuffer)
+		}
+	}
+
 	ticker := time.NewTicker(opts.FetchInterval)
+	defer ticker.Stop()
 	for {
 		select {
 		case err = <-errChan:
+			flushLogBuffer()
 			return err
 		case <-ctx.Done():
+			flushLogBuffer()
 			return ctx.Err()
 		case <-ticker.C:
 			updateJob()
@@ -160,8 +182,10 @@ func ProvisionerJob(ctx context.Context, writer io.Writer, opts ProvisionerJobOp
 				}
 				err = xerrors.New(job.Error)
 				jobMutex.Unlock()
+				flushLogBuffer()
 				return err
 			}
+
 			output := ""
 			switch log.Level {
 			case codersdk.LogLevelTrace, codersdk.LogLevelDebug:
@@ -176,14 +200,17 @@ func ProvisionerJob(ctx context.Context, writer io.Writer, opts ProvisionerJobOp
 			case codersdk.LogLevelInfo:
 				output = log.Output
 			}
+
 			jobMutex.Lock()
 			if log.Stage != currentStage && log.Stage != "" {
 				updateStage(log.Stage, log.CreatedAt)
 				jobMutex.Unlock()
 				continue
 			}
-			_, _ = fmt.Fprintf(writer, "%s %s\n", Styles.Placeholder.Render(" "), output)
-			didLogBetweenStage = true
+			_, _ = fmt.Fprintf(logOutput, "%s %s\n", Styles.Placeholder.Render(" "), output)
+			if !opts.Silent {
+				didLogBetweenStage = true
+			}
 			jobMutex.Unlock()
 		}
 	}
 
@@ -170,10 +170,40 @@ func create() *cobra.Command {
 			}
 			_, _ = fmt.Fprintln(cmd.OutOrStdout())
 
-			resources, err := client.TemplateVersionResources(cmd.Context(), templateVersion.ID)
+			// Run a dry-run with the given parameters to check correctness
+			after := time.Now()
+			dryRun, err := client.CreateTemplateVersionDryRun(cmd.Context(), templateVersion.ID, codersdk.CreateTemplateVersionDryRunRequest{
+				WorkspaceName:   workspaceName,
+				ParameterValues: parameters,
+			})
 			if err != nil {
-				return err
+				return xerrors.Errorf("begin workspace dry-run: %w", err)
+			}
+			_, _ = fmt.Fprintln(cmd.OutOrStdout(), "Planning workspace...")
+			err = cliui.ProvisionerJob(cmd.Context(), cmd.OutOrStdout(), cliui.ProvisionerJobOptions{
+				Fetch: func() (codersdk.ProvisionerJob, error) {
+					return client.TemplateVersionDryRun(cmd.Context(), templateVersion.ID, dryRun.ID)
+				},
+				Cancel: func() error {
+					return client.CancelTemplateVersionDryRun(cmd.Context(), templateVersion.ID, dryRun.ID)
+				},
+				Logs: func() (<-chan codersdk.ProvisionerJobLog, error) {
+					return client.TemplateVersionDryRunLogsAfter(cmd.Context(), templateVersion.ID, dryRun.ID, after)
+				},
+				// Don't show log output for the dry-run unless there's an error.
+				Silent: true,
+			})
+			if err != nil {
+				// TODO (Dean): reprompt for parameter values if we deem it to
+				// be a validation error
+				return xerrors.Errorf("dry-run workspace: %w", err)
 			}
+
+			resources, err := client.TemplateVersionDryRunResources(cmd.Context(), templateVersion.ID, dryRun.ID)
+			if err != nil {
+				return xerrors.Errorf("get workspace dry-run resources: %w", err)
+			}
+
 			err = cliui.WorkspaceResources(cmd.OutOrStdout(), resources, cliui.WorkspaceResourcesOptions{
 				WorkspaceName: workspaceName,
 				// Since agent's haven't connected yet, hiding this makes more sense.
@@ -192,7 +222,6 @@ func create() *cobra.Command {
 				return err
 			}
 
-			before := time.Now()
 			workspace, err := client.CreateWorkspace(cmd.Context(), organization.ID, codersdk.CreateWorkspaceRequest{
 				TemplateID:        template.ID,
 				Name:              workspaceName,
@@ -204,7 +233,7 @@ func create() *cobra.Command {
 				return err
 			}
 
-			err = cliui.WorkspaceBuild(cmd.Context(), cmd.OutOrStdout(), client, workspace.LatestBuild.ID, before)
+			err = cliui.WorkspaceBuild(cmd.Context(), cmd.OutOrStdout(), client, workspace.LatestBuild.ID, after)
 			if err != nil {
 				return err
 			}
 
@@ -2,6 +2,7 @@ package cli_test
 
 import (
 	"context"
+	"database/sql"
 	"fmt"
 	"os"
 	"testing"
@@ -12,6 +13,8 @@ import (
 
 	"github.com/coder/coder/cli/clitest"
 	"github.com/coder/coder/coderd/coderdtest"
+	"github.com/coder/coder/coderd/database"
+	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/provisioner/echo"
 	"github.com/coder/coder/provisionersdk/proto"
 	"github.com/coder/coder/pty/ptytest"
@@ -249,6 +252,7 @@ func TestCreate(t *testing.T) {
 		<-doneChan
 		removeTmpDirUntilSuccess(t, tempDir)
 	})
+
 	t.Run("WithParameterFileNotContainingTheValue", func(t *testing.T) {
 		t.Parallel()
 		client := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerD: true})
@@ -279,6 +283,50 @@ func TestCreate(t *testing.T) {
 		<-doneChan
 		removeTmpDirUntilSuccess(t, tempDir)
 	})
+
+	t.Run("FailedDryRun", func(t *testing.T) {
+		t.Parallel()
+		client, api := coderdtest.NewWithAPI(t, &coderdtest.Options{IncludeProvisionerD: true})
+		user := coderdtest.CreateFirstUser(t, client)
+		version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, &echo.Responses{
+			Parse: echo.ParseComplete,
+			ProvisionDryRun: []*proto.Provision_Response{
+				{
+					Type: &proto.Provision_Response_Complete{
+						Complete: &proto.Provision_Complete{
+							Error: "test error",
+						},
+					},
+				},
+			},
+		})
+
+		// The template import job should end up failed, but we need it to be
+		// succeeded so the dry-run can begin.
+		version = coderdtest.AwaitTemplateVersionJob(t, client, version.ID)
+		require.Equal(t, codersdk.ProvisionerJobFailed, version.Job.Status, "job is not failed")
+		err := api.Database.UpdateProvisionerJobWithCompleteByID(context.Background(), database.UpdateProvisionerJobWithCompleteByIDParams{
+			ID: version.Job.ID,
+			CompletedAt: sql.NullTime{
+				Time:  time.Now(),
+				Valid: true,
+			},
+			UpdatedAt: time.Now(),
+			Error:     sql.NullString{},
+		})
+		require.NoError(t, err, "update provisioner job")
+
+		_ = coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
+		cmd, root := clitest.New(t, "create", "test")
+		clitest.SetupConfig(t, client, root)
+		pty := ptytest.New(t)
+		cmd.SetIn(pty.Input())
+		cmd.SetOut(pty.Output())
+
+		err = cmd.Execute()
+		require.Error(t, err)
+		require.ErrorContains(t, err, "dry-run workspace")
+	})
 }
 
 func createTestParseResponseWithDefault(defaultValue string) []*proto.Parse_Response {
 
@@ -207,6 +207,13 @@ func New(options *Options) *API {
 			r.Get("/parameters", api.templateVersionParameters)
 			r.Get("/resources", api.templateVersionResources)
 			r.Get("/logs", api.templateVersionLogs)
+			r.Route("/dry-run", func(r chi.Router) {
+				r.Post("/", api.postTemplateVersionDryRun)
+				r.Get("/{jobID}", api.templateVersionDryRun)
+				r.Get("/{jobID}/resources", api.templateVersionDryRunResources)
+				r.Get("/{jobID}/logs", api.templateVersionDryRunLogs)
+				r.Patch("/{jobID}/cancel", api.patchTemplateVersionDryRunCancel)
+			})
 		})
 		r.Route("/users", func(r chi.Router) {
 			r.Get("/first", api.firstUser)
 
@@ -96,6 +96,10 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 	require.NoError(t, err, "upload file")
 	workspaceResources, err := client.WorkspaceResourcesByBuild(ctx, workspace.LatestBuild.ID)
 	require.NoError(t, err, "workspace resources")
+	templateVersionDryRun, err := client.CreateTemplateVersionDryRun(ctx, version.ID, codersdk.CreateTemplateVersionDryRunRequest{
+		ParameterValues: []codersdk.CreateParameterRequest{},
+	})
+	require.NoError(t, err, "template version dry-run")
 
 	// Always fail auth from this point forward
 	authorizer.AlwaysReturn = rbac.ForbiddenWithInternal(xerrors.New("fake implementation"), nil, nil)
@@ -262,6 +266,27 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 			AssertAction: rbac.ActionRead,
 			AssertObject: rbac.ResourceTemplate.InOrg(template.OrganizationID).WithID(template.ID.String()),
 		},
+		"POST:/api/v2/templateversions/{templateversion}/dry-run": {
+			// The first check is to read the template
+			AssertAction: rbac.ActionRead,
+			AssertObject: rbac.ResourceTemplate.InOrg(version.OrganizationID).WithID(template.ID.String()),
+		},
+		"GET:/api/v2/templateversions/{templateversion}/dry-run/{templateversiondryrun}": {
+			AssertAction: rbac.ActionRead,
+			AssertObject: rbac.ResourceTemplate.InOrg(version.OrganizationID).WithID(template.ID.String()),
+		},
+		"GET:/api/v2/templateversions/{templateversion}/dry-run/{templateversiondryrun}/resources": {
+			AssertAction: rbac.ActionRead,
+			AssertObject: rbac.ResourceTemplate.InOrg(version.OrganizationID).WithID(template.ID.String()),
+		},
+		"GET:/api/v2/templateversions/{templateversion}/dry-run/{templateversiondryrun}/logs": {
+			AssertAction: rbac.ActionRead,
+			AssertObject: rbac.ResourceTemplate.InOrg(version.OrganizationID).WithID(template.ID.String()),
+		},
+		"PATCH:/api/v2/templateversions/{templateversion}/dry-run/{templateversiondryrun}/cancel": {
+			AssertAction: rbac.ActionRead,
+			AssertObject: rbac.ResourceTemplate.InOrg(version.OrganizationID).WithID(template.ID.String()),
+		},
 		"GET:/api/v2/provisionerdaemons": {
 			StatusCode:   http.StatusOK,
 			AssertObject: rbac.ResourceProvisionerDaemon.WithID(provisionerds[0].ID.String()),
@@ -350,6 +375,7 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 			route = strings.ReplaceAll(route, "{hash}", file.Hash)
 			route = strings.ReplaceAll(route, "{workspaceresource}", workspaceResources[0].ID.String())
 			route = strings.ReplaceAll(route, "{templateversion}", version.ID.String())
+			route = strings.ReplaceAll(route, "{templateversiondryrun}", templateVersionDryRun.ID.String())
 			route = strings.ReplaceAll(route, "{templatename}", template.Name)
 			// Only checking org scoped params here
 			route = strings.ReplaceAll(route, "{scope}", string(organizationParam.Scope))
 
@@ -0,0 +1,9 @@
+-- It's not possible to drop enum values from enum types, so the UP has "IF NOT
+-- EXISTS".
+
+-- Delete all jobs that use the new enum value.
+DELETE FROM
+    provisioner_jobs
+WHERE
+    type = 'template_version_dry_run'
+;
@@ -0,0 +1,2 @@
+ALTER TYPE provisioner_job_type
+ADD VALUE IF NOT EXISTS 'template_version_dry_run';
@@ -13,11 +13,12 @@ import (
 
 // ComputeScope targets identifiers to pull parameters from.
 type ComputeScope struct {
-	TemplateImportJobID uuid.UUID
-	OrganizationID      uuid.UUID
-	UserID              uuid.UUID
-	TemplateID          uuid.NullUUID
-	WorkspaceID         uuid.NullUUID
+	TemplateImportJobID       uuid.UUID
+	OrganizationID            uuid.UUID
+	UserID                    uuid.UUID
+	TemplateID                uuid.NullUUID
+	WorkspaceID               uuid.NullUUID
+	AdditionalParameterValues []database.ParameterValue
 }
 
 type ComputeOptions struct {
@@ -142,6 +143,14 @@ func Compute(ctx context.Context, db database.Store, scope ComputeScope, options
 		}
 	}
 
+	// Finally, any additional parameter values declared in the input
+	for _, v := range scope.AdditionalParameterValues {
+		err = compute.injectSingle(v, false)
+		if err != nil {
+			return nil, xerrors.Errorf("inject single parameter value: %w", err)
+		}
+	}
+
 	values := make([]ComputedValue, 0, len(compute.computedParameterByName))
 	for _, value := range compute.computedParameterByName {
 		values = append(values, value)
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+ALTER TYPE provisioner_job_type`
	`2`	`+ADD VALUE IF NOT EXISTS 'template_version_dry_run';`