Add documentation on fetching Knative supply-chain security attestations

[evankanderson]

Adds documentation on how to consume Knative supply chain attestations. Captures discussion from this comment, where they are unlikely otherwise to be found.

Proposed Changes

• Adds initial security documentation, focused on supply chain security. Future security configuration documents should probably be added to the same location.

[netlify]

✅ Deploy Preview for knative ready!

Built without sensitive environment variables

Name	Link
🔨 Latest commit	824841b
🔍 Latest deploy log	https://app.netlify.com/sites/knative/deploys/6785e9f36ea3850008b11a07
😎 Deploy Preview	https://deploy-preview-6193--knative.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ Deploy Preview for knative ready!

Built without sensitive environment variables

Name	Link
🔨 Latest commit	766dc5a
🔍 Latest deploy log	https://app.netlify.com/sites/knative/deploys/6785eec7c9b9e90008f1a9ac
😎 Deploy Preview	https://deploy-preview-6193--knative.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[dprotaso]

/lgtm
/approve
/cc @davidhadas for any follow up

[knative-prow]

@dprotaso: GitHub didn't allow me to request PR reviews from the following users: for, follow, up.

Note that only knative members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

/lgtm
/approve
/cc @davidhadas for any follow up

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[knative-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dprotaso, evankanderson

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [dprotaso,evankanderson]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[dprotaso]

/cherry-pick release-1.16

[knative-prow-robot]

@dprotaso: once the present PR merges, I will cherry-pick it on top of release-1.16 in a new PR and assign it to you.

In response to this:

/cherry-pick release-1.16

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[knative-prow-robot]

@dprotaso: new pull request created: #6195

In response to this:

/cherry-pick release-1.16

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[dprotaso]

hey @evankanderson do you recommend we remove this section https://knative.dev/docs/install/yaml-install/serving/install-serving-with-yaml/#verifying-image-signatures and link to your new page?

If not then are the steps still relevant/up-to-date?

[evankanderson]

Good idea, I'll send a follow-up PR. I also want to revise some of the security documentation to give some more holistic guidance.