feat: Add support for JUnit XML material type

docs/reference/operator/contract.mdx

@@ -48,7 +48,7 @@ A full example of a Workflow Contract looks like
 | Name       | Required | Default | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
 | ---------- | -------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `name`     | yes      |         | unique identifier of the artifact                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `type`     | yes      |         | <ul><li>`STRING` values will be injected in the attestation verbatim</li><li>`ARTIFACT` kinds will get uploaded to your OCI registry via the the built-in Content Addressable Storage proxy (CAS) and then referenced by their **content digest**</li><li>`CONTAINER_IMAGE` kinds will get resolved and referenced by **repository digest**</li><li>`SBOM_CYCLONEDX_JSON` or `SBOM_SPDX_JSON` will store and attach the Software Bill Of Materials (SBOM) to the attestation.</li></ul> |
+| `type`     | yes      |         | <ul><li>`STRING` values will be injected in the attestation verbatim</li><li>`ARTIFACT` kinds will get uploaded to your OCI registry via the the built-in Content Addressable Storage proxy (CAS) and then referenced by their **content digest**</li><li>`CONTAINER_IMAGE` kinds will get resolved and referenced by **repository digest**</li><li>`SBOM_CYCLONEDX_JSON` or `SBOM_SPDX_JSON` will store and attach the Software Bill Of Materials (SBOM) to the attestation.</li><li>`JUNIT_XML` will validate, store and attach the JUnit XML file to the attestation.</li></ul> |
 | `output`   | no       | `false` | If set to `true` the artifact will get injected in the `subject` section of the [in-toto statement](https://github.com/slsa-framework/slsa/blob/main/docs/attestation-model.md#overview).                                                                                                                                                                                                                                                                                               |
 | `optional` | no       | `false` | if set to `true`, providing this artifact during attestation will be optional. This is **useful for soft rollouts of new requirements**                                                                                                                                                                                                                                                                                                                                                 |