aaron-prindle
commented
8 months ago Analysis on tektoncd/chains usage as a client library externally. The below methods are those that are relied on for client library external usage to be considered/hopefully-kept-available when limiting client libraries:
"github.com/tektoncd/chains/pkg/chains/formats/formats”
- formats.GetPayloader
- formats.PayloadTypeSlsav2alpha3
"github.com/tektoncd/chains/pkg/chains/objects/objects"
- objects.TektonObject
- objects.NewPipelineRunObjectV1
- objects.NewTaskRunObjectV1
"github.com/tektoncd/chains/pkg/config/config"
- config.Config
- config.BuilderConfig
- config.ArtifactConfig
- config.BuildDefinitionConfig
"github.com/tektoncd/chains/pkg/chains/formats/slsa/extract/extract"
- extract.RetrieveAllArtifactURIs
"github.com/tektoncd/chains/pkg/chains/formats/slsa/v2alpha3/v2alpha3"
- Imported as underscore “_” for side-effects:
This issue tracks the work required to limit tektoncd/chains usage as a client library. Currently some methods/structs are exposed to users that we don't want to be public (eg: don't want them to depend-on/use). Work required is likely a refactor to make some currently public methods, interfaces, structs, etc. private