WS4

Author: tzanko-matev

.github/ISSUE_TEMPLATE/recorder-release.yml

@@ -0,0 +1,52 @@
+name: Recorder Release Tracker
+description: Plan, execute, and verify a codetracer-python-recorder release
+title: "Release: codetracer-python-recorder vX.Y.Z"
+labels: ["release", "codetracer-python-recorder"]
+body:
+  - type: markdown
+    attributes:
+      value: >
+        Use this issue to coordinate a release of `codetracer-python-recorder`.
+        Follow the release checklist in `design-docs/codetracer-python-recorder-pypi-release-checklist.md`
+        and record progress below.
+  - type: input
+    id: version
+    attributes:
+      label: Target version
+      description: The version you plan to publish (e.g., 0.2.0)
+      placeholder: 0.2.0
+    validations:
+      required: true
+  - type: textarea
+    id: planning
+    attributes:
+      label: Pre-release planning notes
+      description: Capture any blockers, feature highlights, or coordination tasks.
+      placeholder: >
+        - Pending PRs
+        - Docs to update
+        - Coordination with downstream teams
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      description: >
+        Tick each item as you complete the steps in the release checklist.
+        Reference links or PRs next to each item where useful.
+      options:
+        - label: Changelog updated and version bumped (pyproject.toml / Cargo.toml)
+        - label: Local validation complete (`just test`, `just smoke-wheel`)
+        - label: Annotated tag pushed (`recorder-vX.Y.Z`)
+        - label: TestPyPI workflow run passed and smoke install verified
+        - label: PyPI promotion approved and workflow completed
+        - label: Post-release validation on Linux, macOS, Windows (3.12 / 3.13)
+        - label: Release notes published and stakeholders notified
+  - type: textarea
+    id: retrospective
+    attributes:
+      label: Post-release notes
+      description: >
+        Document any follow-up work, incidents, or improvements spotted during the release.
+      placeholder: >
+        - Follow-up issue: ...
+        - Automation improvement: ...

codetracer-python-recorder/CHANGELOG.md

@@ -0,0 +1,19 @@
+# Changelog
+
+All notable changes to `codetracer-python-recorder` will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/)
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.1.0] - 2025-10-13
+
+### Added
+- Initial public release of the Rust-backed recorder with PyO3 bindings.
+- Python façade (`codetracer_python_recorder`) exposing `start`, `stop`, `trace`,
+  and CLI entry point (`python -m codetracer_python_recorder`).
+- Support for generating `trace_metadata.json` and `trace_paths.json`
+  artefacts compatible with the Codetracer db-backend importer.
+- Cross-platform packaging definition targeting CPython 3.12 and 3.13 on
+  Linux (manylinux2014 `x86_64`/`aarch64`), macOS universal2, and Windows `amd64`.
+
+[0.1.0]: https://github.com/metacraft-labs/cpr-main/releases/tag/recorder-v0.1.0

design-docs/codetracer-python-recorder-pypi-release-checklist.md

@@ -7,21 +7,23 @@
    - Bump the version in both `codetracer-python-recorder/pyproject.toml` and `codetracer-python-recorder/Cargo.toml`.
    - Run `python scripts/check_recorder_version.py` to confirm parity.
    - Regenerate or update documentation if required (`README.md`, API docs).
+   - Add a changelog entry in `codetracer-python-recorder/CHANGELOG.md` summarising the release.
 3. **Validate locally**
    - Execute `just venv 3.12 dev` (or preferred interpreter) and run `just test`.
    - Build wheels and sdist (`just build` or `maturin build --release --sdist`) and perform a smoke install in a clean virtualenv (`python -m pip install dist/*.whl` and run `python -m codetracer_python_recorder --help`).
 4. **Prepare the release tag**
-   - Commit changes following Conventional Commits.
-   - Tag the release with `git tag -a recorder-vX.Y.Z -m "codetracer-python-recorder vX.Y.Z"` and push (`git push origin recorder-vX.Y.Z`).
+   - Commit changes following Conventional Commits (`feat:`/`fix:` etc.).
+   - Run `git tag -a recorder-vX.Y.Z -m "codetracer-python-recorder vX.Y.Z"` and push with `git push origin recorder-vX.Y.Z`.
+   - If a dry run is required, trigger `workflow_dispatch` on the release workflow with the desired tag before creating it.
 5. **Trigger CI publishing**
    - Monitor the `recorder-release` workflow.
    - Verify that TestPyPI publishing succeeds and smoke tests pass on all platforms.
 6. **Promote to PyPI**
    - Approve the protected “Promote to PyPI” environment to publish the previously built artefacts.
    - Confirm the workflow completes without errors.
 7. **Post-release tasks**
-   - Validate installation directly from PyPI on Linux, macOS, and Windows for Python 3.12 and 3.13.
-   - Publish release notes (GitHub Release) and notify stakeholders.
+   - Validate installation directly from PyPI on Linux, macOS, and Windows for Python 3.12 and 3.13 (`pip install codetracer-python-recorder && python -m codetracer_python_recorder --help`).
+   - Publish or update release notes on GitHub (linking to `CHANGELOG.md`) and notify stakeholders.
    - Create follow-up issues for any tasks deferred from the release.
 
 Refer to the Python Packaging User Guide packaging flow (<https://packaging.python.org/en/latest/flow/>)

design-docs/codetracer-python-recorder-pypi-release-implementation-plan.status.md

@@ -17,5 +17,11 @@
 - ✅ Integrated artefact collection plus a TestPyPI smoke install that exercises the CLI before invoking Trusted Publishing-friendly uploads.
 - ✅ Added a guarded PyPI promotion job that reuses the staged artefacts and requires environment approval prior to publishing.
 
+## Workstream 4 – Operational readiness & documentation
+- ✅ Created `codetracer-python-recorder/CHANGELOG.md` and wired the release checklist to keep it current.
+- ✅ Expanded the release checklist with explicit tagging commands and cross-platform post-release validation steps.
+- ✅ Added a GitHub issue template (`.github/ISSUE_TEMPLATE/recorder-release.yml`) to coordinate future releases using the documented checklist.
+- ✅ Documented operational procedures and Trusted Publishing details in `design-docs/codetracer-python-recorder-release-operations.md`.
+
 ## Next Tasks
 - First tagged release should monitor the new workflow end-to-end and capture any follow-up improvements in the release tracker issue.

design-docs/codetracer-python-recorder-release-operations.md

@@ -0,0 +1,66 @@
+# `codetracer-python-recorder` Release Operations
+
+This note supplements the release checklist with details about the automated workflow,
+Trusted Publishing setup, and manual approvals required to promote artefacts from
+TestPyPI to PyPI.
+
+## GitHub Actions workflow
+
+- Workflow file: `.github/workflows/recorder-release.yml`.
+- Triggers:
+  - `workflow_dispatch` – run a staged release without creating a tag. Supply the
+    target ref (branch/tag) and monitor the jobs; artefacts are still produced but
+    PyPI promotion is skipped unless the ref is a tagged release.
+  - `push` to tags matching `recorder-v*`.
+- Job sequence:
+  1. `verify` (ubuntu) – prepares the dev environment via Nix, runs `just test`,
+     and confirms Python/Rust version parity.
+  2. `build` matrix (linux-x86_64, linux-aarch64, macos-universal2, windows-amd64) –
+     uses maturin to build wheels (and the sdist on linux-x86_64) and uploads artefacts.
+  3. `publish-testpypi` – aggregates artefacts, performs a Linux smoke install using
+     `scripts/select_recorder_artifact.py`, then publishes to TestPyPI.
+  4. `publish-pypi` – gated behind the protected environment. Runs only for tag pushes
+     after manual approval, reusing artefacts from earlier jobs.
+
+## Trusted Publishing configuration
+
+- TestPyPI and PyPI both list `metacraft-labs/cpr-main` as a Trusted Publisher.
+- The workflow requests OIDC tokens automatically; no API tokens are stored in secrets.
+- GitHub environments:
+  - `testpypi` – no approval required; used to track audit logs and enforce environment
+    level variables if needed.
+  - `pypi-production` – requires manual approval by a Release Engineer before the
+    `publish-pypi` job starts. Approvers can approve directly from the workflow run UI.
+
+## Maintainer checklist highlights
+
+1. **Before dispatching the workflow**
+   - Update version numbers in `pyproject.toml` and `Cargo.toml`.
+   - Append a section to `codetracer-python-recorder/CHANGELOG.md`.
+   - Ensure `python3 scripts/check_recorder_version.py` succeeds.
+   - Optionally run `just smoke-wheel` locally.
+
+2. **Running the workflow**
+   - For dry runs (no tagging yet) use `workflow_dispatch` targeting the release branch.
+   - For real releases, push the annotated tag (`recorder-vX.Y.Z`). The workflow validates
+     the tag against the pyproject version.
+
+3. **Approvals**
+   - Watch the `publish-testpypi` job; ensure the smoke install step passes.
+   - Approve the `pypi-production` environment to trigger promotion. Include a note in the
+     approval dialog referencing the TestPyPI run result.
+
+4. **Post-release**
+   - Install from PyPI on Linux/macOS/Windows for Python 3.12 and 3.13
+     (`pip install codetracer-python-recorder && python -m codetracer_python_recorder --help`).
+   - Publish GitHub release notes that link back to the changelog entry.
+   - Close the release tracker issue once validation is complete.
+
+## Fallback procedure
+
+If the workflow cannot obtain an OIDC token (e.g., PyPI incidents):
+
+1. Temporarily disable the Trusted Publishing requirement in PyPI/TestPyPI.
+2. Configure a scoped API token as an environment secret and rerun the failed publish job.
+3. Re-enable Trusted Publishing immediately after resolving the incident.
+4. Document the incident in the release tracker issue.