From 9fb092fdf3ff84d63e75a0b5441b8289cefe25c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafa=C5=82=20Ku=C4=87?= <r.kuc@solr.pl>
Date: Tue, 15 Apr 2025 11:31:04 +0200
Subject: [PATCH] feat(examples) - example contract with container image, SLSA
 provenance and policy group for SLSA
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rafał Kuć <r.kuc@solr.pl>
---
 docs/examples/contracts/slsa/github.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 docs/examples/contracts/slsa/github.yaml

diff --git a/docs/examples/contracts/slsa/github.yaml b/docs/examples/contracts/slsa/github.yaml
new file mode 100644
index 000000000..aead5fd6a
--- /dev/null
+++ b/docs/examples/contracts/slsa/github.yaml
@@ -0,0 +1,15 @@
+# Require a container image reference, SLSA provenance and include SLSA complicance verification
+schemaVersion: v1
+
+materials:
+  - type: CONTAINER_IMAGE
+    name: container
+  - type: SLSA_PROVENANCE
+    name: slsa-attestation
+
+policyGroups:
+  - ref: slsa-checks
+    with:
+      provenance_material_name: slsa-attestation
+      runner: GITHUB_ACTION
+      issuer: "GitHub"
\ No newline at end of file