feat: extract version bump logic into reusable script

Co-authored-by: Atif Ali <atif@coder.com>

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,18 @@
+## Choose a PR Template
+
+Please select the appropriate PR template for your contribution:
+
+- 🆕 [New Module](?template=new_module.md) - Adding a new module to the registry
+- 🐛 [Bug Fix](?template=bug_fix.md) - Fixing an existing issue
+- ✨ [Feature](?template=feature.md) - Adding new functionality to a module
+- 📝 [Documentation](?template=documentation.md) - Improving docs only
+
+---
+
+If you've already started your PR, add `?template=TEMPLATE_NAME.md` to your URL.
+
+### Quick Checklist
+
+- [ ] Tests pass (`bun test`)
+- [ ] Code formatted (`bun run fmt`)
+- [ ] Following contribution guidelines

.github/PULL_REQUEST_TEMPLATE/bug_fix.md

@@ -0,0 +1,22 @@
+## Bug Fix: [Brief Description]
+
+**Module:** `registry/[namespace]/modules/[module-name]`
+**Version:** `v1.2.3` → `v1.2.4`
+
+### Problem
+
+<!-- What was broken? -->
+
+### Solution
+
+<!-- How did you fix it? -->
+
+### Testing
+
+- [ ] Tests pass (`bun test`)
+- [ ] Code formatted (`bun run fmt`)
+- [ ] Fix verified locally
+
+### Related Issue
+
+<!-- Link to issue if applicable -->

.github/PULL_REQUEST_TEMPLATE/documentation.md

@@ -0,0 +1,23 @@
+## Documentation Update
+
+### Description
+
+<!-- What documentation did you improve? -->
+
+### Changes
+
+<!-- What specific changes were made? -->
+
+-
+-
+
+### Checklist
+
+- [ ] README validation passes (if applicable)
+- [ ] Code examples tested
+- [ ] Links verified
+- [ ] Formatting consistent
+
+### Context
+
+<!-- Why were these changes needed? -->

.github/PULL_REQUEST_TEMPLATE/feature.md

@@ -0,0 +1,32 @@
+## Feature: [Brief Description]
+
+**Module:** `registry/[namespace]/modules/[module-name]`
+**Version:** `v1.2.3` → `v1.3.0` (or `v2.0.0` for breaking changes)
+
+### Description
+
+<!-- What does this feature add? -->
+
+### Changes
+
+<!-- List key changes -->
+
+-
+-
+
+### Breaking Changes
+
+<!-- List any breaking changes (if major version bump) -->
+
+- None / _Remove if not applicable_
+
+### Testing
+
+- [ ] Tests pass (`bun test`)
+- [ ] Code formatted (`bun run fmt`)
+- [ ] New tests added for feature
+- [ ] Backward compatibility maintained
+
+### Documentation
+
+<!-- Did you update the README? -->

.github/PULL_REQUEST_TEMPLATE/new_module.md

@@ -0,0 +1,25 @@
+## New Module: [Module Name]
+
+**Module Path:** `registry/[namespace]/modules/[module-name]`
+**Initial Version:** `v1.0.0`
+
+### Description
+
+<!-- Brief description of what this module does -->
+
+### Checklist
+
+- [ ] All required files included (`main.tf`, `main.test.ts`, `README.md`)
+- [ ] Tests pass (`bun test`)
+- [ ] Code formatted (`bun run fmt`)
+- [ ] README has proper frontmatter
+- [ ] Icon path is valid
+- [ ] Namespace has avatar (if first-time contributor)
+
+### Testing
+
+<!-- How did you test this module? -->
+
+### Additional Notes
+
+<!-- Any special setup or dependencies? -->

.github/scripts/README.md

@@ -0,0 +1,65 @@
+# GitHub Scripts
+
+This directory contains reusable scripts for GitHub Actions workflows.
+
+## version-bump.sh
+
+Extracts version bump logic from GitHub Actions workflows into a reusable script.
+
+### Usage
+
+```bash
+./version-bump.sh <bump_type> [base_ref]
+```
+
+**Parameters:**
+- `bump_type`: Type of version bump (`patch`, `minor`, or `major`)
+- `base_ref`: Base reference for diff comparison (default: `origin/main`)
+
+### Examples
+
+```bash
+# Bump patch version for modules changed since origin/main
+./version-bump.sh patch
+
+# Bump minor version for modules changed since a specific commit
+./version-bump.sh minor abc123
+
+# Bump major version for modules changed since a specific branch
+./version-bump.sh major origin/develop
+```
+
+### What it does
+
+1. **Detects modified modules** from git diff changes
+2. **Gets current version** from latest release tag or README
+3. **Calculates new version** based on bump type
+4. **Updates README versions** in module documentation
+5. **Provides summary** of changes and next steps
+
+### Version Detection
+
+- **Tagged modules**: Uses latest `release/namespace/module/vX.Y.Z` tag
+- **Untagged modules**: Extracts version from README `version = "X.Y.Z"` 
+- **New modules**: Start from v1.0.0
+
+### Exit Codes
+
+- `0`: Success (with or without changes)
+- `1`: Error (invalid arguments, no modules found, invalid version format, etc.)
+
+### Integration with GitHub Actions
+
+This script is designed to be called from GitHub Actions workflows. See `.github/workflows/version-bump.yaml` for an example implementation that:
+
+- Triggers on PR labels (`version:patch`, `version:minor`, `version:major`)
+- Runs the script with appropriate parameters
+- Commits any README changes
+- Comments on the PR with results
+
+### Notes
+
+- Only updates READMEs that contain version references matching the module source
+- Warns about modules missing proper git tags
+- Follows semantic versioning (X.Y.Z format)
+- Validates all version components are numeric

CONTRIBUTING.md

@@ -1,294 +1,297 @@
-# Contributing
+# Contributing to the Coder Registry
 
-## Getting started
+Welcome! This guide covers how to contribute to the Coder Registry, whether you're creating a new module or improving an existing one.
 
-This repo uses two main runtimes to verify the correctness of a module/template before it is published:
+## What is the Coder Registry?
 
-- [Bun](https://bun.sh/) – Used to run tests for each module/template to validate overall functionality and correctness of Terraform output
-- [Go](https://go.dev/) – Used to validate all README files in the directory. The README content is used to populate [the Registry website](https://registry.coder.com).
+The Coder Registry is a collection of Terraform modules that extend Coder workspaces with development tools like VS Code, Cursor, JetBrains IDEs, and more.
 
-### Installing Bun
+## Types of Contributions
 
-To install Bun, you can run this command on Linux/MacOS:
+- **[New Modules](#creating-a-new-module)** - Add support for a new tool or functionality
+- **[Existing Modules](#contributing-to-existing-modules)** - Fix bugs, add features, or improve documentation
+- **[Bug Reports](#reporting-issues)** - Report problems or request features
 
-```shell
+## Setup
+
+### Prerequisites
+
+- Basic Terraform knowledge (for module development)
+- Terraform installed ([installation guide](https://developer.hashicorp.com/terraform/install))
+- Docker (for running tests)
+
+### Install Dependencies
+
+Install Bun:
+
+```bash
 curl -fsSL https://bun.sh/install | bash
 ```
 
-Or this command on Windows:
+Install project dependencies:
 
-```shell
-powershell -c "irm bun.sh/install.ps1 | iex"
+```bash
+bun install
 ```
 
-Follow the instructions to ensure that Bun is available globally. Once Bun is installed, install all necessary dependencies from the root of the repo:
+### Understanding Namespaces
 
-Via NPM:
+All modules are organized under `/registry/[namespace]/modules/`. Each contributor gets their own namespace (e.g., `/registry/your-username/modules/`). If a namespace is taken, choose a different unique namespace, but you can still use any display name on the Registry website.
 
-```shell
-npm i
+### Images and Icons
+
+- **Namespace avatars**: Must be named `avatar.png` or `avatar.svg` in `/registry/[namespace]/.images/`
+- **Module screenshots/demos**: Use `/registry/[namespace]/.images/` for module-specific images
+- **Module icons**: Use the shared `/.icons/` directory at the root for module icons
+
+---
+
+## Creating a New Module
+
+### 1. Create Your Namespace (First Time Only)
+
+If you're a new contributor, create your namespace:
+
+```bash
+mkdir -p registry/[your-username]
+mkdir -p registry/[your-username]/.images
 ```
 
-Via PNPM:
+#### Add Your Avatar
 
-```shell
-pnpm i
+Every namespace must have an avatar. We recommend using your GitHub avatar:
+
+1. Download your GitHub avatar from `https://github.com/[your-username].png`
+2. Save it as `avatar.png` in `registry/[your-username]/.images/`
+3. This gives you a properly sized, square image that's already familiar to the community
+
+The avatar must be:
+
+- Named exactly `avatar.png` or `avatar.svg`
+- Square image (recommended: 400x400px minimum)
+- Supported formats: `.png` or `.svg` only
+
+#### Create Your Namespace README
+
+Create `registry/[your-username]/README.md`:
+
+```markdown
+---
+display_name: "Your Name"
+bio: "Brief description of who you are and what you do"
+avatar_url: "./.images/avatar.png"
+github: "your-username"
+linkedin: "https://www.linkedin.com/in/your-username" # Optional
+website: "https://yourwebsite.com" # Optional
+support_email: "you@example.com" # Optional
+status: "community"
+---
+
+# Your Name
+
+Brief description of who you are and what you do.
 ```
 
-This repo does not support Yarn.
+> **Note**: The `avatar_url` must point to `./.images/avatar.png` or `./.images/avatar.svg`.
 
-### Installing Go (optional)
+### 2. Generate Module Files
 
-This step can be skipped if you are not working on any of the README validation logic. The validation will still run as part of CI.
-
-[Navigate to the official Go Installation page](https://go.dev/doc/install), and install the correct version for your operating system.
-
-Once Go has been installed, verify the installation via:
-
-```shell
-go version
+```bash
+./scripts/new_module.sh [your-username]/[module-name]
+cd registry/[your-username]/modules/[module-name]
 ```
 
-## Namespaces
+This script generates:
 
-All Coder resources are scoped to namespaces placed at the top level of the `/registry` directory. Any modules or templates must be placed inside a namespace to be accepted as a contribution. For example, all modules created by CoderEmployeeBob would be placed under `/registry/coderemployeebob/modules`, with a subdirectory for each individual module the user has published.
+- `main.tf` - Terraform configuration template
+- `README.md` - Documentation template with frontmatter
+- `run.sh` - Script for module execution (can be deleted if not required)
 
-If a namespace is already taken, you will need to create a different, unique namespace, but will still be able to choose any display name. (The display name is shown in the Registry website. More info below.)
+### 3. Build Your Module
 
-### Namespace (contributor profile) README files
+1. **Edit `main.tf`** to implement your module's functionality
+2. **Update `README.md`** with:
+   - Accurate description and usage examples
+   - Correct icon path (usually `../../../../.icons/your-icon.svg`)
+   - Proper tags that describe your module
+3. **Create `main.test.ts`** to test your module
+4. **Add any scripts** or additional files your module needs
 
-More information about contributor profile README files can be found below.
+### 4. Test and Submit
 
-### Images
+```bash
+# Test your module
+bun test -t 'module-name'
 
-Any images needed for either the main namespace directory or a module/template can be placed in a relative `/images` directory at the top of the namespace directory. (e.g., CoderEmployeeBob can have a `/registry/coderemployeebob/images` directory, that can be referenced by the main README file, as well as a README file in `/registry/coderemployeebob/modules/custom_module/README.md`.) This is to minimize the risk of file name conflicts between different users as they add images to help illustrate parts of their README files.
+# Format code
+bun fmt
 
-## Coder modules
-
-### Adding a new module
-
-> [!WARNING]
-> These instructions cannot be followed just yet; the script referenced will be made available shortly. Contributors looking to add modules early will need to create all directories manually.
-
-Once Bun (and possibly Go) have been installed, clone the Coder Registry repository. From there, you can run this script to make it easier to start contributing a new module or template:
-
-```shell
-./new.sh USER_NAMESPACE/NAME_OF_NEW_MODULE
+# Commit and create PR
+git add .
+git commit -m "Add [module-name] module"
+git push origin your-branch
 ```
 
-You can also create a module file manually by creating the necessary files and directories.
+> **Important**: It is your responsibility to implement tests for every new module. Test your module locally before opening a PR. The testing suite requires Docker containers with the `--network=host` flag, which typically requires running tests on Linux (this flag doesn't work with Docker Desktop on macOS/Windows). macOS users can use [Colima](https://github.com/abiosoft/colima) or [OrbStack](https://orbstack.dev/) instead of Docker Desktop.
 
-### The composition of a Coder module
+---
 
-Each Coder Module must contain the following files:
+## Contributing to Existing Modules
 
-- A `main.tf` file that defines the main Terraform-based functionality
-- A `main.test.ts` file that is used to validate that the module works as expected
-- A `README.md` file containing required information (listed below)
+### 1. Find the Module
 
-You are free to include any additional files in the module, as needed by the module. For example, the [Windows RDP module](https://github.com/coder/registry/tree/main/registry/coder/modules/windows-rdp) contains additional files for injecting specific functionality into a Coder Workspace.
-
-> [!NOTE]
-> Some legacy modules do not have test files defined just yet. This will be addressed soon.
-
-### The `main.tf` file
-
-This file defines all core Terraform functionality, to be mixed into your Coder workspaces. More information about [Coder's use of Terraform can be found here](https://coder.com/docs/admin/templates/extending-templates/modules), and [general information about the Terraform language can be found in the official documentation](https://developer.hashicorp.com/terraform/docs).
-
-### The structure of a module README
-
-Validation criteria for module README files is listed below.
-
-### Testing a Module
-
-> [!IMPORTANT]
-> It is the responsibility of the module author to implement tests for every new module they wish to contribute. It is expected the author has tested the module locally before opening a PR. Feel free to reference existing test files to get an idea for how to set them up.
-
-All general-purpose test helpers for validating Terraform can be found in the top-level `/testing` directory. The helpers run `terraform apply` on modules that use variables, testing the script output against containers.
-
-When writing a test file, you can import the test utilities via the `~test` import alias:
-
-```ts
-// This works regardless of how deeply-nested your test file is in the file
-// structure
-import {
-  runTerraformApply,
-  runTerraformInit,
-  testRequiredVariables,
-} from "~test";
+```bash
+find registry -name "*[module-name]*" -type d
 ```
 
-> [!NOTE]
-> The testing suite must be able to run docker containers with the `--network=host` flag. This typically requires running the tests on Linux as this flag does not apply to Docker Desktop for MacOS or Windows. MacOS users can work around this by using something like [colima](https://github.com/abiosoft/colima) or [Orbstack](https://orbstack.dev/) instead of Docker Desktop.
+### 2. Make Your Changes
 
-#### Running tests
+**For bug fixes:**
 
-You can run all tests by running this command from the root of the Registry directory:
+- Reproduce the issue
+- Fix the code in `main.tf`
+- Add/update tests
+- Update documentation if needed
 
-```shell
+**For new features:**
+
+- Add new variables with sensible defaults
+- Implement the feature
+- Add tests for new functionality
+- Update README with new variables
+
+**For documentation:**
+
+- Fix typos and unclear explanations
+- Add missing variable documentation
+- Improve usage examples
+
+### 3. Test Your Changes
+
+```bash
+# Test a specific module
+bun test -t 'module-name'
+
+# Test all modules
 bun test
 ```
 
-Note that running _all_ tests can take some time, so you likely don't want to be running this command as part of your core development loop.
+### 4. Maintain Backward Compatibility
 
-To run specific tests, you can use the `-t` flag, which accepts a filepath regex:
+- New variables should have default values
+- Don't break existing functionality
+- Test that minimal configurations still work
 
-```shell
-bun test -t '<regex_pattern>'
+---
+
+## Submitting Changes
+
+1. **Fork and branch:**
+
+   ```bash
+   git checkout -b fix/module-name-issue
+   ```
+
+2. **Commit with clear messages:**
+
+   ```bash
+   git commit -m "Fix version parsing in module-name"
+   ```
+
+3. **Open PR with:**
+   - Clear title describing the change
+   - What you changed and why
+   - Any breaking changes
+
+### Using PR Templates
+
+We have different PR templates for different types of contributions. GitHub will show you options to choose from, or you can manually select:
+
+- **New Module**: Use `?template=new_module.md`
+- **Bug Fix**: Use `?template=bug_fix.md`
+- **Feature**: Use `?template=feature.md`
+- **Documentation**: Use `?template=documentation.md`
+
+Example: `https://github.com/coder/registry/compare/main...your-branch?template=new_module.md`
+
+---
+
+## Requirements
+
+### Every Module Must Have
+
+- `main.tf` - Terraform code
+- `main.test.ts` - Working tests
+- `README.md` - Documentation with frontmatter
+
+### README Frontmatter
+
+Module README frontmatter must include:
+
+```yaml
+---
+display_name: "Module Name" # Required - Name shown on Registry website
+description: "What it does" # Required - Short description
+icon: "../../../../.icons/tool.svg" # Required - Path to icon file
+verified: false # Optional - Set by maintainers only
+tags: ["tag1", "tag2"] # Required - Array of descriptive tags
+---
 ```
 
-To ensure that the module runs predictably in local development, you can update the Terraform source as follows:
+### README Requirements
 
-```tf
-module "example" {
-  # You may need to remove the 'version' field, it is incompatible with some sources.
-  source = "git::https://github.com/<USERNAME>/<REPO>.git//<MODULE-NAME>?ref=<BRANCH-NAME>"
-}
-```
+All README files must follow these rules:
 
-## Updating README files
+- Must have frontmatter section with proper YAML
+- Exactly one h1 header directly below frontmatter
+- When increasing header levels, increment by one each time
+- Use `tf` instead of `hcl` for code blocks
 
-This repo uses Go to validate each README file. If you are working with the README files at all (i.e., creating them, modifying them), it is strongly recommended that you install Go (installation instructions mentioned above), so that the files can be validated locally.
+### Best Practices
 
-### Validating all README files
+- Use descriptive variable names and descriptions
+- Include helpful comments
+- Test all functionality
+- Follow existing code patterns in the module
 
-To validate all README files throughout the entire repo, you can run the following:
+---
 
-```shell
-go build ./cmd/readmevalidation && ./readmevalidation
-```
+## Versioning Guidelines
 
-The resulting binary is already part of the `.gitignore` file, but you can remove it with:
+After your PR is merged, maintainers will handle the release. Understanding version numbers helps you describe the impact of your changes:
 
-```shell
-rm ./readmevalidation
-```
+- **Patch** (1.2.3 → 1.2.4): Bug fixes
+- **Minor** (1.2.3 → 1.3.0): New features, adding inputs
+- **Major** (1.2.3 → 2.0.0): Breaking changes (removing inputs, changing types)
 
-### README validation criteria
+**Important**: Always specify the version change in your PR (e.g., `v1.2.3 → v1.2.4`). This helps maintainers create the correct release tag.
 
-The following criteria exists for two reasons:
+---
 
-1. Content accessibility
-2. Having content be designed in a way that's easy for the Registry site build step to use
+## Reporting Issues
 
-#### General README requirements
+When reporting bugs, include:
 
-- There must be a frontmatter section.
-- There must be exactly one h1 header, and it must be at the very top, directly below the frontmatter.
-- The README body (if it exists) must start with an h1 header. No other content (including GitHub-Flavored Markdown alerts) is allowed to be placed above it.
-- When increasing the level of a header, the header's level must be incremented by one each time.
-- Any `.hcl` code snippets must be labeled as `.tf` snippets instead
+- Module name and version
+- Expected vs actual behavior
+- Minimal reproduction case
+- Error messages
+- Environment details (OS, Terraform version)
 
-  ````txt
-  ```tf
-  Content
-  ```
-  ````
+---
 
-#### Namespace (contributor profile) criteria
+## Getting Help
 
-In addition to the general criteria, all README files must have the following:
+- **Examples**: Check `/registry/coder/modules/` for well-structured modules
+- **Issues**: Open an issue for technical problems
+- **Community**: Reach out to the Coder community for questions
 
-- Frontmatter metadata with support for the following fields:
+## Common Pitfalls
 
-  - `display_name` (required string) – The name to use when displaying your user profile in the Coder Registry site.
-  - `bio` (optional string) – A short description of who you are.
-  - `github` (optional string) – Your GitHub handle.
-  - `avatar_url` (optional string) – A relative/absolute URL pointing to your avatar for the Registry site. It is strongly recommended that you commit avatar images to this repo and reference them via a relative URL.
-  - `linkedin` (optional string) – A URL pointing to your LinkedIn page.
-  - `support_email` (optional string) – An email for users to reach you at if they need help with a published module/template.
-  - `status` (string union) – If defined, this must be one of `"community"`, `"partner"`, or `"official"`. `"community"` should be used for the majority of external contributions. `"partner"` is for companies who have a formal business partnership with Coder. `"official"` should be used only by Coder employees.
+1. **Missing frontmatter** in README
+2. **No tests** or broken tests
+3. **Hardcoded values** instead of variables
+4. **Breaking changes** without defaults
+5. **Not running** `bun fmt` before submitting
 
-- The README body (the content that goes directly below the frontmatter) is allowed to be empty, but if it isn't, it must follow all the rules above.
-
-You are free to customize the body of a contributor profile however you like, adding any number of images or information. Its content will never be rendered in the Registry website.
-
-Additional information can be placed in the README file below the content listed above, using any number of headers.
-
-Additional image/video assets can be placed in the same user namespace directory where that user's main content lives.
-
-#### Module criteria
-
-In addition to the general criteria, all README files must have the following:
-
-- Frontmatter that describes metadata for the module:
-  - `display_name` (required string) – This is the name displayed on the Coder Registry website
-  - `description` (required string) – A short description of the module, which is displayed on the Registry website
-  - `icon` (required string) – A relative/absolute URL pointing to the icon to display for the module in the Coder Registry website.
-  - `verified` (optional boolean) – Indicates whether the module has been officially verified by Coder. Please do not set this without approval from a Coder employee.
-  - `tags` (required string array) – A list of metadata tags to describe the module. Used in the Registry site for search and navigation functionality.
-  - `maintainer_github` (deprecated string) – The name of the creator of the module. This field exists for backwards compatibility with previous versions of the Registry, but going forward, the value will be inferred from the namespace directory.
-  - `partner_github` (deprecated string) - The name of any additional creators for a module. This field exists for backwards compatibility with previous versions of the Registry, but should not ever be used going forward.
-- The following content directly under the h1 header (without another header between them):
-
-  - A description of what the module does
-  - A Terraform snippet for letting other users import the functionality
-
-    ```tf
-    module "cursor" {
-      count    = data.coder_workspace.me.start_count
-      source   = "registry.coder.com/coder/cursor/coder"
-      version  = "1.0.19"
-      agent_id = coder_agent.example.id
-    }
-    ```
-
-Additional information can be placed in the README file below the content listed above, using any number of headers.
-
-Additional image/video assets can be placed in one of two places:
-
-1. In the same user namespace directory where that user's main content lives
-2. If the image is an icon, it can be placed in the top-level `.icons` directory (this is done because a lot of modules will be based off the same products)
-
-## Releases
-
-The release process involves the following steps:
-
-### 1. Create and merge a new PR
-
-- Create a PR with your module changes
-- Get your PR reviewed, approved, and merged into the `main` branch
-
-### 2. Prepare Release (Maintainer Task)
-
-After merging to `main`, a maintainer will:
-
-- Check out the merge commit:
-
-  ```shell
-  git checkout MERGE_COMMIT_ID
-  ```
-
-- Create annotated tags for each module that was changed:
-
-  ```shell
-  git tag -a "release/$namespace/$module/v$version" -m "Release $namespace/$module v$version"
-  ```
-
-- Push the tags to origin:
-
-  ```shell
-  git push origin release/$namespace/$module/v$version
-  ```
-
-For example, to release version 1.0.14 of the coder/aider module:
-
-```shell
-git tag -a "release/coder/aider/v1.0.14" -m "Release coder/aider v1.0.14"
-git push origin release/coder/aider/v1.0.14
-```
-
-### Version Numbers
-
-Version numbers should follow semantic versioning:
-
-- **Patch version** (1.2.3 → 1.2.4): Bug fixes
-- **Minor version** (1.2.3 → 1.3.0): New features, adding inputs, deprecating inputs
-- **Major version** (1.2.3 → 2.0.0): Breaking changes (removing inputs, changing input types)
-
-### 3. Publishing to Coder Registry
-
-After tags are pushed, the changes will be published to [registry.coder.com](https://registry.coder.com).
-
-> [!NOTE]
-> Some data in registry.coder.com is fetched on demand from this repository's `main` branch. This data should update almost immediately after a release, while other changes will take some time to propagate.
+Happy contributing! 🚀

MAINTAINER.md

@@ -0,0 +1,103 @@
+# Maintainer Guide
+
+Quick reference for maintaining the Coder Registry repository.
+
+## Setup
+
+Install Go for README validation:
+
+```bash
+# macOS
+brew install go
+
+# Linux
+sudo apt install golang-go
+```
+
+## Daily Tasks
+
+### Review PRs
+
+Check that PRs have:
+
+- [ ] All required files (`main.tf`, `main.test.ts`, `README.md`)
+- [ ] Proper frontmatter in README
+- [ ] Working tests (`bun test`)
+- [ ] Formatted code (`bun run fmt`)
+- [ ] Avatar image for new namespaces (`avatar.png` or `avatar.svg` in `.images/`)
+
+#### Version Guidelines
+
+When reviewing PRs, ensure the version change follows semantic versioning:
+
+- **Patch** (1.2.3 → 1.2.4): Bug fixes
+- **Minor** (1.2.3 → 1.3.0): New features, adding inputs
+- **Major** (1.2.3 → 2.0.0): Breaking changes (removing inputs, changing types)
+
+PRs should clearly indicate the version change (e.g., `v1.2.3 → v1.2.4`).
+
+### Validate READMEs
+
+```bash
+go build ./cmd/readmevalidation && ./readmevalidation
+```
+
+## Releases
+
+### Create Release Tags
+
+After merging a PR:
+
+1. Get the new version from the PR (shown as `old → new`)
+2. Checkout the merge commit and create the tag:
+
+```bash
+# Checkout the merge commit
+git checkout MERGE_COMMIT_ID
+
+# Create and push the release tag using the version from the PR
+git tag -a "release/$namespace/$module/v$version" -m "Release $namespace/$module v$version"
+git push origin release/$namespace/$module/v$version
+```
+
+Example: If PR shows `v1.2.3 → v1.2.4`, use `v1.2.4` in the tag.
+
+### Publishing
+
+Changes are automatically published to [registry.coder.com](https://registry.coder.com) after tags are pushed.
+
+## README Requirements
+
+### Module Frontmatter (Required)
+
+```yaml
+display_name: "Module Name"
+description: "What it does"
+icon: "../../../../.icons/tool.svg"
+maintainer_github: "username"
+partner_github: "partner-name" # Optional - For official partner modules
+verified: false # Optional - Set by maintainers only
+tags: ["tag1", "tag2"]
+```
+
+### Namespace Frontmatter (Required)
+
+```yaml
+display_name: "Your Name"
+bio: "Brief description of who you are and what you do"
+avatar_url: "./.images/avatar.png"
+github: "username"
+linkedin: "https://www.linkedin.com/in/username" # Optional
+website: "https://yourwebsite.com" # Optional
+support_email: "you@example.com" # Optional
+status: "community" # or "partner", "official"
+```
+
+## Common Issues
+
+- **README validation fails**: Check YAML syntax, ensure h1 header after frontmatter
+- **Tests fail**: Ensure Docker with `--network=host`, check Terraform syntax
+- **Wrong file structure**: Use `./scripts/new_module.sh` for new modules
+- **Missing namespace avatar**: Must be `avatar.png` or `avatar.svg` in `.images/` directory
+
+That's it. Keep it simple.

cmd/readmevalidation/coderresources.go

@@ -2,8 +2,8 @@ package main
 
 import (
 	"bufio"
+	"context"
 	"errors"
-	"log"
 	"net/url"
 	"os"
 	"path"
@@ -15,7 +15,14 @@ import (
 	"gopkg.in/yaml.v3"
 )
 
-var supportedResourceTypes = []string{"modules", "templates"}
+var (
+	supportedResourceTypes = []string{"modules", "templates"}
+
+	// TODO: This is a holdover from the validation logic used by the Coder Modules repo. It gives us some assurance, but
+	// realistically, we probably want to parse any Terraform code snippets, and make some deeper guarantees about how it's
+	// structured. Just validating whether it *can* be parsed as Terraform would be a big improvement.
+	terraformVersionRe = regexp.MustCompile(`^\s*\bversion\s+=`)
+)
 
 type coderResourceFrontmatter struct {
 	Description string   `yaml:"description"`
@@ -49,36 +56,36 @@ func validateCoderResourceDescription(description string) error {
 	return nil
 }
 
-func validateCoderResourceIconURL(iconURL string) []error {
-	problems := []error{}
+func isPermittedRelativeURL(checkURL string) bool {
+	// Would normally be skittish about having relative paths like this, but it should be safe because we have
+	// guarantees about the structure of the repo, and where this logic will run.
+	return strings.HasPrefix(checkURL, "./") || strings.HasPrefix(checkURL, "/") || strings.HasPrefix(checkURL, "../../../../.icons")
+}
 
+func validateCoderResourceIconURL(iconURL string) []error {
 	if iconURL == "" {
-		problems = append(problems, xerrors.New("icon URL cannot be empty"))
-		return problems
+		return []error{xerrors.New("icon URL cannot be empty")}
 	}
 
-	isAbsoluteURL := !strings.HasPrefix(iconURL, ".") && !strings.HasPrefix(iconURL, "/")
-	if isAbsoluteURL {
+	errs := []error{}
+
+	// If the URL does not have a relative path.
+	if !strings.HasPrefix(iconURL, ".") && !strings.HasPrefix(iconURL, "/") {
 		if _, err := url.ParseRequestURI(iconURL); err != nil {
-			problems = append(problems, xerrors.New("absolute icon URL is not correctly formatted"))
+			errs = append(errs, xerrors.New("absolute icon URL is not correctly formatted"))
 		}
 		if strings.Contains(iconURL, "?") {
-			problems = append(problems, xerrors.New("icon URLs cannot contain query parameters"))
+			errs = append(errs, xerrors.New("icon URLs cannot contain query parameters"))
 		}
-		return problems
+		return errs
 	}
 
-	// Would normally be skittish about having relative paths like this, but it
-	// should be safe because we have guarantees about the structure of the
-	// repo, and where this logic will run.
-	isPermittedRelativeURL := strings.HasPrefix(iconURL, "./") ||
-		strings.HasPrefix(iconURL, "/") ||
-		strings.HasPrefix(iconURL, "../../../../.icons")
-	if !isPermittedRelativeURL {
-		problems = append(problems, xerrors.Errorf("relative icon URL %q must either be scoped to that module's directory, or the top-level /.icons directory (this can usually be done by starting the path with \"../../../.icons\")", iconURL))
+	// If the URL has a relative path.
+	if !isPermittedRelativeURL(iconURL) {
+		errs = append(errs, xerrors.Errorf("relative icon URL %q must either be scoped to that module's directory, or the top-level /.icons directory (this can usually be done by starting the path with \"../../../.icons\")", iconURL))
 	}
 
-	return problems
+	return errs
 }
 
 func validateCoderResourceTags(tags []string) error {
@@ -89,9 +96,8 @@ func validateCoderResourceTags(tags []string) error {
 		return nil
 	}
 
-	// All of these tags are used for the module/template filter controls in the
-	// Registry site. Need to make sure they can all be placed in the browser
-	// URL without issue.
+	// All of these tags are used for the module/template filter controls in the Registry site. Need to make sure they
+	// can all be placed in the browser URL without issue.
 	invalidTags := []string{}
 	for _, t := range tags {
 		if t != url.QueryEscape(t) {
@@ -105,16 +111,11 @@ func validateCoderResourceTags(tags []string) error {
 	return nil
 }
 
-// Todo: This is a holdover from the validation logic used by the Coder Modules
-// repo. It gives us some assurance, but realistically, we probably want to
-// parse any Terraform code snippets, and make some deeper guarantees about how
-// it's structured. Just validating whether it *can* be parsed as Terraform
-// would be a big improvement.
-var terraformVersionRe = regexp.MustCompile(`^\s*\bversion\s+=`)
-
 func validateCoderResourceReadmeBody(body string) []error {
-	trimmed := strings.TrimSpace(body)
 	var errs []error
+
+	trimmed := strings.TrimSpace(body)
+	// TODO: this may cause unexpected behavior since the errors slice may have a 0 length. Add a test.
 	errs = append(errs, validateReadmeBody(trimmed)...)
 
 	foundParagraph := false
@@ -130,9 +131,8 @@ func validateCoderResourceReadmeBody(body string) []error {
 		lineNum++
 		nextLine := lineScanner.Text()
 
-		// Code assumes that invalid headers would've already been handled by
-		// the base validation function, so we don't need to check deeper if the
-		// first line isn't an h1.
+		// Code assumes that invalid headers would've already been handled by the base validation function, so we don't
+		// need to check deeper if the first line isn't an h1.
 		if lineNum == 1 {
 			if !strings.HasPrefix(nextLine, "# ") {
 				break
@@ -159,15 +159,13 @@ func validateCoderResourceReadmeBody(body string) []error {
 			continue
 		}
 
-		// Code assumes that we can treat this case as the end of the "h1
-		// section" and don't need to process any further lines.
+		// Code assumes that we can treat this case as the end of the "h1 section" and don't need to process any further lines.
 		if lineNum > 1 && strings.HasPrefix(nextLine, "#") {
 			break
 		}
 
-		// Code assumes that if we've reached this point, the only other options
-		// are: (1) empty spaces, (2) paragraphs, (3) HTML, and (4) asset
-		// references made via [] syntax.
+		// Code assumes that if we've reached this point, the only other options are:
+		// (1) empty spaces, (2) paragraphs, (3) HTML, and (4) asset references made via [] syntax.
 		trimmedLine := strings.TrimSpace(nextLine)
 		isParagraph := trimmedLine != "" && !strings.HasPrefix(trimmedLine, "![") && !strings.HasPrefix(trimmedLine, "<")
 		foundParagraph = foundParagraph || isParagraph
@@ -250,7 +248,7 @@ func parseCoderResourceReadmeFiles(resourceType string, rms []readme) (map[strin
 	}
 	if len(yamlParsingErrs) != 0 {
 		return nil, validationPhaseError{
-			phase:  validationPhaseReadmeParsing,
+			phase:  validationPhaseReadme,
 			errors: yamlParsingErrs,
 		}
 	}
@@ -264,7 +262,7 @@ func parseCoderResourceReadmeFiles(resourceType string, rms []readme) (map[strin
 	}
 	if len(yamlValidationErrors) != 0 {
 		return nil, validationPhaseError{
-			phase:  validationPhaseReadmeParsing,
+			phase:  validationPhaseReadme,
 			errors: yamlValidationErrors,
 		}
 	}
@@ -274,7 +272,7 @@ func parseCoderResourceReadmeFiles(resourceType string, rms []readme) (map[strin
 
 // Todo: Need to beef up this function by grabbing each image/video URL from
 // the body's AST.
-func validateCoderResourceRelativeUrls(_ map[string]coderResourceReadme) error {
+func validateCoderResourceRelativeURLs(_ map[string]coderResourceReadme) error {
 	return nil
 }
 
@@ -321,7 +319,7 @@ func aggregateCoderResourceReadmeFiles(resourceType string) ([]readme, error) {
 
 	if len(errs) != 0 {
 		return nil, validationPhaseError{
-			phase:  validationPhaseFileLoad,
+			phase:  validationPhaseFile,
 			errors: errs,
 		}
 	}
@@ -338,17 +336,16 @@ func validateAllCoderResourceFilesOfType(resourceType string) error {
 		return err
 	}
 
-	log.Printf("Processing %d README files\n", len(allReadmeFiles))
+	logger.Info(context.Background(), "rocessing README files", "num_files", len(allReadmeFiles))
 	resources, err := parseCoderResourceReadmeFiles(resourceType, allReadmeFiles)
 	if err != nil {
 		return err
 	}
-	log.Printf("Processed %d README files as valid Coder resources with type %q", len(resources), resourceType)
+	logger.Info(context.Background(), "rocessed README files as valid Coder resources", "num_files", len(resources), "type", resourceType)
 
-	err = validateCoderResourceRelativeUrls(resources)
-	if err != nil {
+	if err := validateCoderResourceRelativeURLs(resources); err != nil {
 		return err
 	}
-	log.Printf("All relative URLs for %s READMEs are valid\n", resourceType)
+	logger.Info(context.Background(), "all relative URLs for READMEs are valid", "type", resourceType)
 	return nil
 }

cmd/readmevalidation/contributors.go

@@ -1,7 +1,7 @@
 package main
 
 import (
-	"log"
+	"context"
 	"net/url"
 	"os"
 	"path"
@@ -50,6 +50,9 @@ func validateContributorLinkedinURL(linkedinURL *string) error {
 	return nil
 }
 
+// validateContributorSupportEmail does best effort validation of a contributors email address.	We can't 100% validate
+// that this is correct without actually sending an email, especially because some contributors are individual developers
+// and we don't want to do that on every single run of the CI pipeline. The best we can do is verify the general structure.
 func validateContributorSupportEmail(email *string) []error {
 	if email == nil {
 		return nil
@@ -57,10 +60,6 @@ func validateContributorSupportEmail(email *string) []error {
 
 	errs := []error{}
 
-	// Can't 100% validate that this is correct without actually sending
-	// an email, and especially with some contributors being individual
-	// developers, we don't want to do that on every single run of the CI
-	// pipeline. Best we can do is verify the general structure.
 	username, server, ok := strings.Cut(*email, "@")
 	if !ok {
 		errs = append(errs, xerrors.Errorf("email address %q is missing @ symbol", *email))
@@ -110,21 +109,18 @@ func validateContributorStatus(status string) error {
 	return nil
 }
 
-// Can't validate the image actually leads to a valid resource in a pure
-// function, but can at least catch obvious problems.
+// Can't validate the image actually leads to a valid resource in a pure function, but can at least catch obvious problems.
 func validateContributorAvatarURL(avatarURL *string) []error {
 	if avatarURL == nil {
 		return nil
 	}
 
-	errs := []error{}
 	if *avatarURL == "" {
-		errs = append(errs, xerrors.New("avatar URL must be omitted or non-empty string"))
-		return errs
+		return []error{xerrors.New("avatar URL must be omitted or non-empty string")}
 	}
 
-	// Have to use .Parse instead of .ParseRequestURI because this is the
-	// one field that's allowed to be a relative URL.
+	errs := []error{}
+	// Have to use .Parse instead of .ParseRequestURI because this is the one field that's allowed to be a relative URL.
 	if _, err := url.Parse(*avatarURL); err != nil {
 		errs = append(errs, xerrors.Errorf("URL %q is not a valid relative or absolute URL", *avatarURL))
 	}
@@ -132,7 +128,7 @@ func validateContributorAvatarURL(avatarURL *string) []error {
 		errs = append(errs, xerrors.New("avatar URL is not allowed to contain search parameters"))
 	}
 
-	matched := false
+	var matched bool
 	for _, ff := range supportedAvatarFileFormats {
 		matched = strings.HasSuffix(*avatarURL, ff)
 		if matched {
@@ -210,22 +206,21 @@ func parseContributorFiles(readmeEntries []readme) (map[string]contributorProfil
 	}
 	if len(yamlParsingErrors) != 0 {
 		return nil, validationPhaseError{
-			phase:  validationPhaseReadmeParsing,
+			phase:  validationPhaseReadme,
 			errors: yamlParsingErrors,
 		}
 	}
 
 	yamlValidationErrors := []error{}
 	for _, p := range profilesByNamespace {
-		errors := validateContributorReadme(p)
-		if len(errors) > 0 {
+		if errors := validateContributorReadme(p); len(errors) > 0 {
 			yamlValidationErrors = append(yamlValidationErrors, errors...)
 			continue
 		}
 	}
 	if len(yamlValidationErrors) != 0 {
 		return nil, validationPhaseError{
-			phase:  validationPhaseReadmeParsing,
+			phase:  validationPhaseReadme,
 			errors: yamlValidationErrors,
 		}
 	}
@@ -241,12 +236,13 @@ func aggregateContributorReadmeFiles() ([]readme, error) {
 
 	allReadmeFiles := []readme{}
 	errs := []error{}
+	dirPath := ""
 	for _, e := range dirEntries {
-		dirPath := path.Join(rootRegistryPath, e.Name())
 		if !e.IsDir() {
 			continue
 		}
 
+		dirPath = path.Join(rootRegistryPath, e.Name())
 		readmePath := path.Join(dirPath, "README.md")
 		rmBytes, err := os.ReadFile(readmePath)
 		if err != nil {
@@ -261,7 +257,7 @@ func aggregateContributorReadmeFiles() ([]readme, error) {
 
 	if len(errs) != 0 {
 		return nil, validationPhaseError{
-			phase:  validationPhaseFileLoad,
+			phase:  validationPhaseFile,
 			errors: errs,
 		}
 	}
@@ -269,18 +265,18 @@ func aggregateContributorReadmeFiles() ([]readme, error) {
 	return allReadmeFiles, nil
 }
 
-func validateContributorRelativeUrls(contributors map[string]contributorProfileReadme) error {
-	// This function only validates relative avatar URLs for now, but it can be
-	// beefed up to validate more in the future.
+func validateContributorRelativeURLs(contributors map[string]contributorProfileReadme) error {
+	// This function only validates relative avatar URLs for now, but it can be beefed up to validate more in the future.
 	var errs []error
+
 	for _, con := range contributors {
+		// If the avatar URL is missing, we'll just assume that the Registry site build step will take care of filling
+		// in the data properly.
 		if con.frontmatter.AvatarURL == nil {
 			continue
 		}
 
-		isRelativeURL := strings.HasPrefix(*con.frontmatter.AvatarURL, ".") ||
-			strings.HasPrefix(*con.frontmatter.AvatarURL, "/")
-		if !isRelativeURL {
+		if !strings.HasPrefix(*con.frontmatter.AvatarURL, ".") || !strings.HasPrefix(*con.frontmatter.AvatarURL, "/") {
 			continue
 		}
 
@@ -291,10 +287,8 @@ func validateContributorRelativeUrls(contributors map[string]contributorProfileR
 			continue
 		}
 
-		absolutePath := strings.TrimSuffix(con.filePath, "README.md") +
-			*con.frontmatter.AvatarURL
-		_, err := os.Stat(absolutePath)
-		if err != nil {
+		absolutePath := strings.TrimSuffix(con.filePath, "README.md") + *con.frontmatter.AvatarURL
+		if _, err := os.ReadFile(absolutePath); err != nil {
 			errs = append(errs, xerrors.Errorf("%q: relative avatar path %q does not point to image in file system", con.filePath, absolutePath))
 		}
 	}
@@ -303,7 +297,7 @@ func validateContributorRelativeUrls(contributors map[string]contributorProfileR
 		return nil
 	}
 	return validationPhaseError{
-		phase:  validationPhaseAssetCrossReference,
+		phase:  validationPhaseCrossReference,
 		errors: errs,
 	}
 }
@@ -314,19 +308,18 @@ func validateAllContributorFiles() error {
 		return err
 	}
 
-	log.Printf("Processing %d README files\n", len(allReadmeFiles))
+	logger.Info(context.Background(), "processing README files", "num_files", len(allReadmeFiles))
 	contributors, err := parseContributorFiles(allReadmeFiles)
 	if err != nil {
 		return err
 	}
-	log.Printf("Processed %d README files as valid contributor profiles", len(contributors))
+	logger.Info(context.Background(), "processed README files as valid contributor profiles", "num_contributors", len(contributors))
 
-	err = validateContributorRelativeUrls(contributors)
-	if err != nil {
+	if err := validateContributorRelativeURLs(contributors); err != nil {
 		return err
 	}
-	log.Println("All relative URLs for READMEs are valid")
+	logger.Info(context.Background(), "all relative URLs for READMEs are valid")
 
-	log.Printf("Processed all READMEs in the %q directory\n", rootRegistryPath)
+	logger.Info(context.Background(), "processed all READMEs in directory", "dir", rootRegistryPath)
 	return nil
 }

cmd/readmevalidation/errors.go

@@ -6,10 +6,8 @@ import (
 	"golang.org/x/xerrors"
 )
 
-// validationPhaseError represents an error that occurred during a specific
-// phase of README validation. It should be used to collect ALL validation
-// errors that happened during a specific phase, rather than the first one
-// encountered.
+// validationPhaseError represents an error that occurred during a specific phase of README validation. It should be
+// used to collect ALL validation errors that happened during a specific phase, rather than the first one encountered.
 type validationPhaseError struct {
 	phase  validationPhase
 	errors []error

cmd/readmevalidation/main.go

@@ -7,7 +7,6 @@ package main
 
 import (
 	"context"
-	"log"
 	"os"
 
 	"cdr.dev/slog"
@@ -19,12 +18,11 @@ var logger = slog.Make(sloghuman.Sink(os.Stdout))
 func main() {
 	logger.Info(context.Background(), "starting README validation")
 
-	// If there are fundamental problems with how the repo is structured, we
-	// can't make any guarantees that any further validations will be relevant
-	// or accurate.
+	// If there are fundamental problems with how the repo is structured, we can't make any guarantees that any further
+	// validations will be relevant or accurate.
 	err := validateRepoStructure()
 	if err != nil {
-		log.Println(err)
+		logger.Error(context.Background(), "error when validating the repo structure", "error", err.Error())
 		os.Exit(1)
 	}
 

cmd/readmevalidation/readmefiles.go

@@ -2,26 +2,55 @@ package main
 
 import (
 	"bufio"
+	"fmt"
 	"regexp"
 	"strings"
 
 	"golang.org/x/xerrors"
 )
 
-const rootRegistryPath = "./registry"
+// validationPhase represents a specific phase during README validation. It is expected that each phase is discrete, and
+// errors during one will prevent a future phase from starting.
+type validationPhase string
 
-var supportedAvatarFileFormats = []string{".png", ".jpeg", ".jpg", ".gif", ".svg"}
+const (
+	rootRegistryPath = "./registry"
 
-// readme represents a single README file within the repo (usually within the
-// top-level "/registry" directory).
+	// --- validationPhases ---
+	// validationPhaseStructure indicates when the entire Registry
+	// directory is being verified for having all files be placed in the file
+	// system as expected.
+	validationPhaseStructure validationPhase = "File structure validation"
+
+	// ValidationPhaseFile indicates when README files are being read from
+	// the file system.
+	validationPhaseFile validationPhase = "Filesystem reading"
+
+	// ValidationPhaseReadme indicates when a README's frontmatter is
+	// being parsed as YAML. This phase does not include YAML validation.
+	validationPhaseReadme validationPhase = "README parsing"
+
+	// ValidationPhaseCrossReference indicates when a README's frontmatter
+	// is having all its relative URLs be validated for whether they point to
+	// valid resources.
+	validationPhaseCrossReference validationPhase = "Cross-referencing relative asset URLs"
+	// --- end of validationPhases ---.
+)
+
+var (
+	supportedAvatarFileFormats = []string{".png", ".jpeg", ".jpg", ".gif", ".svg"}
+	// Matches markdown headers, must be at the beginning of a line, such as "# " or "### ".
+	readmeHeaderRe = regexp.MustCompile(`^(#+)(\s*)`)
+)
+
+// readme represents a single README file within the repo (usually within the top-level "/registry" directory).
 type readme struct {
 	filePath string
 	rawText  string
 }
 
-// separateFrontmatter attempts to separate a README file's frontmatter content
-// from the main README body, returning both values in that order. It does not
-// validate whether the structure of the frontmatter is valid (i.e., that it's
+// separateFrontmatter attempts to separate a README file's frontmatter content from the main README body, returning
+// both values in that order. It does not validate whether the structure of the frontmatter is valid (i.e., that it's
 // structured as YAML).
 func separateFrontmatter(readmeText string) (readmeFrontmatter string, readmeBody string, err error) {
 	if readmeText == "" {
@@ -29,8 +58,9 @@ func separateFrontmatter(readmeText string) (readmeFrontmatter string, readmeBod
 	}
 
 	const fence = "---"
-	fm := ""
-	body := ""
+
+	var fm strings.Builder
+	var body strings.Builder
 	fenceCount := 0
 
 	lineScanner := bufio.NewScanner(strings.NewReader(strings.TrimSpace(readmeText)))
@@ -40,36 +70,32 @@ func separateFrontmatter(readmeText string) (readmeFrontmatter string, readmeBod
 			fenceCount++
 			continue
 		}
-		// Break early if the very first line wasn't a fence, because then we
-		// know for certain that the README has problems.
+		// Break early if the very first line wasn't a fence, because then we know for certain that the README has problems.
 		if fenceCount == 0 {
 			break
 		}
 
-		// It should be safe to trim each line of the frontmatter on a per-line
-		// basis, because there shouldn't be any extra meaning attached to the
-		// indentation. The same does NOT apply to the README; best we can do is
-		// gather all the lines, and then trim around it.
+		// It should be safe to trim each line of the frontmatter on a per-line basis, because there shouldn't be any
+		// extra meaning attached to the indentation. The same does NOT apply to the README; best we can do is gather
+		// all the lines and then trim around it.
 		if inReadmeBody := fenceCount >= 2; inReadmeBody {
-			body += nextLine + "\n"
+			fmt.Fprintf(&body, "%s\n", nextLine)
 		} else {
-			fm += strings.TrimSpace(nextLine) + "\n"
+			fmt.Fprintf(&fm, "%s\n", strings.TrimSpace(nextLine))
 		}
 	}
 	if fenceCount < 2 {
 		return "", "", xerrors.New("README does not have two sets of frontmatter fences")
 	}
-	if fm == "" {
+	if fm.Len() == 0 {
 		return "", "", xerrors.New("readme has frontmatter fences but no frontmatter content")
 	}
 
-	return fm, strings.TrimSpace(body), nil
+	return fm.String(), strings.TrimSpace(body.String()), nil
 }
 
-var readmeHeaderRe = regexp.MustCompile(`^(#+)(\s*)`)
-
-// Todo: This seems to work okay for now, but the really proper way of doing
-// this is by parsing this as an AST, and then checking the resulting nodes.
+// TODO: This seems to work okay for now, but the really proper way of doing this is by parsing this as an AST, and then
+// checking the resulting nodes.
 func validateReadmeBody(body string) []error {
 	trimmed := strings.TrimSpace(body)
 
@@ -77,9 +103,8 @@ func validateReadmeBody(body string) []error {
 		return []error{xerrors.New("README body is empty")}
 	}
 
-	// If the very first line of the README, there's a risk that the rest of the
-	// validation logic will break, since we don't have many guarantees about
-	// how the README is actually structured.
+	// If the very first line of the README doesn't start with an ATX-style H1 header, there's a risk that the rest of the
+	// validation logic will break, since we don't have many guarantees about how the README is actually structured.
 	if !strings.HasPrefix(trimmed, "# ") {
 		return []error{xerrors.New("README body must start with ATX-style h1 header (i.e., \"# \")")}
 	}
@@ -93,9 +118,8 @@ func validateReadmeBody(body string) []error {
 	for lineScanner.Scan() {
 		nextLine := lineScanner.Text()
 
-		// Have to check this because a lot of programming languages support #
-		// comments (including Terraform), and without any context, there's no
-		// way to tell the difference between a markdown header and code comment.
+		// Have to check this because a lot of programming languages support # comments (including Terraform), and
+		// without any context, there's no way to tell the difference between a markdown header and code comment.
 		if strings.HasPrefix(nextLine, "```") {
 			isInCodeBlock = !isInCodeBlock
 			continue
@@ -109,8 +133,8 @@ func validateReadmeBody(body string) []error {
 			continue
 		}
 
-		spaceAfterHeader := headerGroups[2]
-		if spaceAfterHeader == "" {
+		// In the Markdown spec it is mandatory to have a space following the header # symbol(s).
+		if headerGroups[2] == "" {
 			errs = append(errs, xerrors.New("header does not have space between header characters and main header text"))
 		}
 
@@ -121,8 +145,7 @@ func validateReadmeBody(body string) []error {
 			continue
 		}
 
-		// If we have obviously invalid headers, it's not really safe to keep
-		// proceeding with the rest of the content.
+		// If we have obviously invalid headers, it's not really safe to keep proceeding with the rest of the content.
 		if nextHeaderLevel == 1 {
 			errs = append(errs, xerrors.New("READMEs cannot contain more than h1 header"))
 			break
@@ -132,43 +155,16 @@ func validateReadmeBody(body string) []error {
 			break
 		}
 
-		// This is something we need to enforce for accessibility, not just for
-		// the Registry website, but also when users are viewing the README
-		// files in the GitHub web view.
+		// This is something we need to enforce for accessibility, not just for the Registry website, but also when
+		// users are viewing the README files in the GitHub web view.
 		if nextHeaderLevel > latestHeaderLevel && nextHeaderLevel != (latestHeaderLevel+1) {
 			errs = append(errs, xerrors.New("headers are not allowed to increase more than 1 level at a time"))
 			continue
 		}
 
-		// As long as the above condition passes, there's no problems with
-		// going up a header level or going down 1+ header levels.
+		// As long as the above condition passes, there's no problems with going up a header level or going down 1+ header levels.
 		latestHeaderLevel = nextHeaderLevel
 	}
 
 	return errs
 }
-
-// validationPhase represents a specific phase during README validation. It is
-// expected that each phase is discrete, and errors during one will prevent a
-// future phase from starting.
-type validationPhase string
-
-const (
-	// ValidationPhaseFileStructureValidation indicates when the entire Registry
-	// directory is being verified for having all files be placed in the file
-	// system as expected.
-	validationPhaseFileStructureValidation validationPhase = "File structure validation"
-
-	// ValidationPhaseFileLoad indicates when README files are being read from
-	// the file system.
-	validationPhaseFileLoad = "Filesystem reading"
-
-	// ValidationPhaseReadmeParsing indicates when a README's frontmatter is
-	// being parsed as YAML. This phase does not include YAML validation.
-	validationPhaseReadmeParsing = "README parsing"
-
-	// ValidationPhaseAssetCrossReference indicates when a README's frontmatter
-	// is having all its relative URLs be validated for whether they point to
-	// valid resources.
-	validationPhaseAssetCrossReference = "Cross-referencing relative asset URLs"
-)

cmd/readmevalidation/repostructure.go

@@ -13,40 +13,33 @@ import (
 var supportedUserNameSpaceDirectories = append(supportedResourceTypes, ".icons", ".images")
 
 func validateCoderResourceSubdirectory(dirPath string) []error {
-	errs := []error{}
-
 	subDir, err := os.Stat(dirPath)
 	if err != nil {
-		// It's valid for a specific resource directory not to exist. It's just
-		// that if it does exist, it must follow specific rules.
+		// It's valid for a specific resource directory not to exist. It's just that if it does exist, it must follow specific rules.
 		if !errors.Is(err, os.ErrNotExist) {
-			errs = append(errs, addFilePathToError(dirPath, err))
+			return []error{addFilePathToError(dirPath, err)}
 		}
-		return errs
 	}
 
 	if !subDir.IsDir() {
-		errs = append(errs, xerrors.Errorf("%q: path is not a directory", dirPath))
-		return errs
+		return []error{xerrors.Errorf("%q: path is not a directory", dirPath)}
 	}
 
 	files, err := os.ReadDir(dirPath)
 	if err != nil {
-		errs = append(errs, addFilePathToError(dirPath, err))
-		return errs
+		return []error{addFilePathToError(dirPath, err)}
 	}
+
+	errs := []error{}
 	for _, f := range files {
-		// The .coder subdirectories are sometimes generated as part of Bun
-		// tests. These subdirectories will never be committed to the repo, but
-		// in the off chance that they don't get cleaned up properly, we want to
-		// skip over them.
+		// The .coder subdirectories are sometimes generated as part of Bun tests. These subdirectories will never be
+		// committed to the repo, but in the off chance that they don't get cleaned up properly, we want to skip over them.
 		if !f.IsDir() || f.Name() == ".coder" {
 			continue
 		}
 
 		resourceReadmePath := path.Join(dirPath, f.Name(), "README.md")
-		_, err := os.Stat(resourceReadmePath)
-		if err != nil {
+		if _, err := os.Stat(resourceReadmePath); err != nil {
 			if errors.Is(err, os.ErrNotExist) {
 				errs = append(errs, xerrors.Errorf("%q: 'README.md' does not exist", resourceReadmePath))
 			} else {
@@ -55,8 +48,7 @@ func validateCoderResourceSubdirectory(dirPath string) []error {
 		}
 
 		mainTerraformPath := path.Join(dirPath, f.Name(), "main.tf")
-		_, err = os.Stat(mainTerraformPath)
-		if err != nil {
+		if _, err := os.Stat(mainTerraformPath); err != nil {
 			if errors.Is(err, os.ErrNotExist) {
 				errs = append(errs, xerrors.Errorf("%q: 'main.tf' file does not exist", mainTerraformPath))
 			} else {
@@ -64,7 +56,6 @@ func validateCoderResourceSubdirectory(dirPath string) []error {
 			}
 		}
 	}
-
 	return errs
 }
 
@@ -83,8 +74,7 @@ func validateRegistryDirectory() []error {
 		}
 
 		contributorReadmePath := path.Join(dirPath, "README.md")
-		_, err := os.Stat(contributorReadmePath)
-		if err != nil {
+		if _, err := os.Stat(contributorReadmePath); err != nil {
 			allErrs = append(allErrs, err)
 		}
 
@@ -95,8 +85,7 @@ func validateRegistryDirectory() []error {
 		}
 
 		for _, f := range files {
-			// Todo: Decide if there's anything more formal that we want to
-			// ensure about non-directories scoped to user namespaces.
+			// TODO: Decide if there's anything more formal that we want to ensure about non-directories scoped to user namespaces.
 			if !f.IsDir() {
 				continue
 			}
@@ -110,8 +99,7 @@ func validateRegistryDirectory() []error {
 			}
 
 			if slices.Contains(supportedResourceTypes, segment) {
-				errs := validateCoderResourceSubdirectory(filePath)
-				if len(errs) != 0 {
+				if errs := validateCoderResourceSubdirectory(filePath); len(errs) != 0 {
 					allErrs = append(allErrs, errs...)
 				}
 			}
@@ -122,20 +110,19 @@ func validateRegistryDirectory() []error {
 }
 
 func validateRepoStructure() error {
-	var problems []error
-	if errs := validateRegistryDirectory(); len(errs) != 0 {
-		problems = append(problems, errs...)
+	var errs []error
+	if vrdErrs := validateRegistryDirectory(); len(vrdErrs) != 0 {
+		errs = append(errs, vrdErrs...)
 	}
 
-	_, err := os.Stat("./.icons")
-	if err != nil {
-		problems = append(problems, xerrors.New("missing top-level .icons directory (used for storing reusable Coder resource icons)"))
+	if _, err := os.Stat("./.icons"); err != nil {
+		errs = append(errs, xerrors.New("missing top-level .icons directory (used for storing reusable Coder resource icons)"))
 	}
 
-	if len(problems) != 0 {
+	if len(errs) != 0 {
 		return validationPhaseError{
-			phase:  validationPhaseFileStructureValidation,
-			errors: problems,
+			phase:  validationPhaseStructure,
+			errors: errs,
 		}
 	}
 	return nil

go.mod

@@ -20,7 +20,7 @@ require (
 	github.com/rivo/uniseg v0.4.4 // indirect
 	go.opentelemetry.io/otel v1.16.0 // indirect
 	go.opentelemetry.io/otel/trace v1.16.0 // indirect
-	golang.org/x/crypto v0.35.0 // indirect
-	golang.org/x/sys v0.30.0 // indirect
-	golang.org/x/term v0.29.0 // indirect
+	golang.org/x/crypto v0.11.0 // indirect
+	golang.org/x/sys v0.10.0 // indirect
+	golang.org/x/term v0.10.0 // indirect
 )

go.sum

@@ -51,17 +51,17 @@ go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiM
 go.opentelemetry.io/otel/sdk v1.16.0/go.mod h1:tMsIuKXuuIWPBAOrH+eHtvhTL+SntFtXF9QD68aP6p4=
 go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs=
 go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0=
-golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
-golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA=
+golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
+golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50=
+golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
-golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU=
-golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=
-golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
-golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
+golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c=
+golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
+golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
+golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da h1:noIWHXmPHxILtqtCOPIhSt0ABwskkZKjD3bXGnZGpNY=
 golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90=
 google.golang.org/genproto v0.0.0-20230726155614-23370e0ffb3e h1:xIXmWJ303kJCuogpj0bHq+dcjcZHU+XFyc1I0Yl9cRg=

registry/coder/modules/claude-code/README.md

@@ -14,7 +14,7 @@ Run the [Claude Code](https://docs.anthropic.com/en/docs/agents-and-tools/claude
 ```tf
 module "claude-code" {
   source              = "registry.coder.com/coder/claude-code/coder"
-  version             = "1.3.0"
+  version             = "1.3.1"
   agent_id            = coder_agent.example.id
   folder              = "/home/coder"
   install_claude_code = true
@@ -88,7 +88,7 @@ resource "coder_agent" "main" {
 module "claude-code" {
   count               = data.coder_workspace.me.start_count
   source              = "registry.coder.com/coder/claude-code/coder"
-  version             = "1.1.0"
+  version             = "1.3.1"
   agent_id            = coder_agent.example.id
   folder              = "/home/coder"
   install_claude_code = true
@@ -107,7 +107,7 @@ Run Claude Code as a standalone app in your workspace. This will install Claude
 ```tf
 module "claude-code" {
   source              = "registry.coder.com/coder/claude-code/coder"
-  version             = "1.3.0"
+  version             = "1.3.1"
   agent_id            = coder_agent.example.id
   folder              = "/home/coder"
   install_claude_code = true

registry/coder/modules/claude-code/main.tf

@@ -131,6 +131,11 @@ resource "coder_script" "claude_code" {
       npm install -g @anthropic-ai/claude-code@${var.claude_code_version}
     fi
 
+    if [ "${var.experiment_report_tasks}" = "true" ]; then
+      echo "Configuring Claude Code to report tasks via Coder MCP..."
+      coder exp mcp configure claude-code ${var.folder}
+    fi
+
     # Run post-install script if provided
     if [ -n "${local.encoded_post_install_script}" ]; then
       echo "Running post-install script..."
@@ -139,11 +144,6 @@ resource "coder_script" "claude_code" {
       /tmp/post_install.sh
     fi
 
-    if [ "${var.experiment_report_tasks}" = "true" ]; then
-      echo "Configuring Claude Code to report tasks via Coder MCP..."
-      coder exp mcp configure claude-code ${var.folder}
-    fi
-
     # Handle terminal multiplexer selection (tmux or screen)
     if [ "${var.experiment_use_tmux}" = "true" ] && [ "${var.experiment_use_screen}" = "true" ]; then
       echo "Error: Both experiment_use_tmux and experiment_use_screen cannot be true simultaneously."
@@ -167,14 +167,8 @@ resource "coder_script" "claude_code" {
       export LC_ALL=en_US.UTF-8
 
       # Create a new tmux session in detached mode
-      tmux new-session -d -s claude-code -c ${var.folder} "claude --dangerously-skip-permissions"
+      tmux new-session -d -s claude-code -c ${var.folder} "claude --dangerously-skip-permissions \"$CODER_MCP_CLAUDE_TASK_PROMPT\""
 
-      # Send the prompt to the tmux session if needed
-      if [ -n "$CODER_MCP_CLAUDE_TASK_PROMPT" ]; then
-        tmux send-keys -t claude-code "$CODER_MCP_CLAUDE_TASK_PROMPT"
-        sleep 5
-        tmux send-keys -t claude-code Enter
-      fi
     fi
 
     # Run with screen if enabled
@@ -209,15 +203,9 @@ resource "coder_script" "claude_code" {
 
       screen -U -dmS claude-code bash -c '
         cd ${var.folder}
-        claude --dangerously-skip-permissions | tee -a "$HOME/.claude-code.log"
+        claude --dangerously-skip-permissions "$CODER_MCP_CLAUDE_TASK_PROMPT" | tee -a "$HOME/.claude-code.log"
         exec bash
       '
-      # Extremely hacky way to send the prompt to the screen session
-      # This will be fixed in the future, but `claude` was not sending MCP
-      # tasks when an initial prompt is provided.
-      screen -S claude-code -X stuff "$CODER_MCP_CLAUDE_TASK_PROMPT"
-      sleep 5
-      screen -S claude-code -X stuff "^M"
     else
       # Check if claude is installed before running
       if ! command_exists claude; then