git.stella-ops.org/docs/implplan/SPRINT_0208_0001_0001_sdk.md

Sprint 0208 · Experience & SDKs

Topic & Scope

• Build a reproducible SDK generator toolchain and shared post-processing layer that stays air-gap safe.
• Ship alpha SDKs (TypeScript, Python, Go, Java) aligned to portal APIs with consistent auth/telemetry helpers.
• Connect SDK outputs to CLI and Console data providers; package offline delivery bundles with provenance.
• Evidence: updated generator pipelines, release configs, and signed artifacts across npm/PyPI/Maven/Go proxies.
• Working directory: docs/implplan (planning) with execution in src/Sdk/StellaOps.Sdk.*.

Dependencies & Concurrency

• Upstream sprints: Sprint 120.A (AirGap), 130.A (Scanner), 150.A (Orchestrator), 170.A (Notifier) for API and events readiness.
• Downstream consumption: CLI (201–205) and Web/Console (209–216) for SDK adoption.
• Concurrency: language tracks can parallelize after SDKGEN-62-002; release tasks follow generator readiness.

Documentation Prerequisites

• docs/README.md; docs/07_HIGH_LEVEL_ARCHITECTURE.md; docs/modules/platform/architecture-overview.md.
• docs/modules/cli/architecture.md; docs/modules/ui/architecture.md.
• API/OAS governance specs referenced by APIG0101 and portal contracts (DEVL0101) once published.

Delivery Tracker

#	Task ID	Status	Key dependency / next step	Owners	Task Definition
1	SDKGEN-62-001	TODO	Select/pin generator toolchain; lock template pipeline; define reproducibility criteria.	SDK Generator Guild · src/Sdk/StellaOps.Sdk.Generator	Choose/pin generator toolchain, set up language template pipeline, and enforce reproducible builds.
2	SDKGEN-62-002	TODO	Blocked until 62-001 pins toolchain; design shared post-processing module.	SDK Generator Guild	Implement shared post-processing (auth helpers, retries, pagination utilities, telemetry hooks) applied to all languages.
3	SDKGEN-63-001	TODO	Needs 62-002 shared layer; align with TS packaging targets (ESM/CJS).	SDK Generator Guild	Ship TypeScript SDK alpha with ESM/CJS builds, typed errors, paginator, streaming helpers.
4	SDKGEN-63-002	TODO	Start after 63-001 API parity validated; finalize async patterns.	SDK Generator Guild	Ship Python SDK alpha (sync/async clients, type hints, upload/download helpers).
5	SDKGEN-63-003	TODO	Start after 63-002; ensure context-first API contract.	SDK Generator Guild	Ship Go SDK alpha with context-first API and streaming helpers.
6	SDKGEN-63-004	TODO	Start after 63-003; select Java HTTP client abstraction.	SDK Generator Guild	Ship Java SDK alpha (builder pattern, HTTP client abstraction).
7	SDKGEN-64-001	TODO	Depends on 63-004; map CLI surfaces to SDK calls.	SDK Generator Guild · CLI Guild	Switch CLI to consume TS or Go SDK; ensure parity.
8	SDKGEN-64-002	TODO	Depends on 64-001; define Console data provider contracts.	SDK Generator Guild · Console Guild	Integrate SDKs into Console data providers where feasible.
9	SDKREL-63-001	TODO	Set up signing keys/provenance; stage CI pipelines across registries.	SDK Release Guild · src/Sdk/StellaOps.Sdk.Release	Configure CI pipelines for npm, PyPI, Maven Central staging, and Go proxies with signing and provenance attestations.
10	SDKREL-63-002	TODO	Requires 63-001; connect OAS diff feed.	SDK Release Guild · API Governance Guild	Integrate changelog automation pulling from OAS diffs and generator metadata.
11	SDKREL-64-001	TODO	Wait for 63-002; design Notifications Studio channel scopes.	SDK Release Guild · Notifications Guild	Hook SDK releases into Notifications Studio with scoped announcements and RSS/Atom feeds.
12	SDKREL-64-002	TODO	Requires 64-001; define offline bundle manifest.	SDK Release Guild · Export Center Guild	Add devportal --offline bundle job packaging docs, specs, SDK artifacts for air-gapped users.

Wave Coordination

• Single wave covering generator and release work; language tracks branch after SDKGEN-62-002.

Wave Detail Snapshots

• Not yet scheduled; populate once language alpha drop dates are set.

Interlocks

• API governance inputs: APIG0101 outputs for stable schemas.
• Portal contracts: DEVL0101 for auth/session helpers.
• Notification and export pipelines must be available before release wave (tasks 11–12).

Upcoming Checkpoints

• TBD — schedule after SDKGEN-62-001 toolchain decision.

Action Tracker

#	Action	Owner	Due (UTC)	Status
1	Confirm registry signing keys and provenance workflow per language	SDK Release Guild	2025-11-29	Open
2	Publish SDK language support matrix to CLI/UI guilds	SDK Generator Guild	2025-12-03	Open

Decisions & Risks

• Dependencies on upstream API/portal contracts may delay generator pinning; mitigation: align with APIG0101 / DEVL0101 milestones.
• Release automation requires registry credentials and signing infra; mitigation: reuse sovereign crypto enablement (SPRINT_0514_0001_0001_sovereign_crypto_enablement.md) practices and block releases until keys are validated.
• Offline bundle job (SDKREL-64-002) depends on Export Center artifacts; track alongside Export Center sprints.

Risk Register

Risk	Impact	Mitigation	Owner	Status
Upstream APIs change after generator pin	Rework across four SDKs	Freeze spec version before SDKGEN-63-x; gate via API governance sign-off	SDK Generator Guild	Open
Registry signing not provisioned	Cannot ship to npm/PyPI/Maven/Go	Coordinate with sovereign crypto enablement; dry-run staging before prod	SDK Release Guild	Open
Offline bundle inputs unavailable	Air-gapped delivery slips	Pull docs/specs from devportal cache; coordinate with Export Center	SDK Release Guild	Open

Execution Log

Date (UTC)	Update	Owner
2025-11-22	Normalised sprint to standard template; renamed file to SPRINT_0208_0001_0001_sdk.md; no status changes.	PM