From 8ec29354e1768aa34ac2531875ed0383405829b5 Mon Sep 17 00:00:00 2001
From: Fabrizio Gattuso <f.gattuso87@gmail.com>
Date: Thu, 23 Jan 2025 15:56:49 +0000
Subject: [PATCH] Add attestation guide

---
 .github/workflows/release.yaml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index cf47a33af..576fc09bf 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -54,7 +54,15 @@ jobs:
               owner: context.repo.owner,
               repo: context.repo.repo,
               release_id: context.payload.release.id,
-              body: `${context.payload.release.body}\n\n**Release Docker Image:** [https://${link}](https://${link})`
+              body: 
+                `
+                ${context.payload.release.body}
+                \n\n
+                **Release Docker Image:** [https://${link}](https://${link})
+                \n\n
+                You can verify the attestation using this [guide]
+                (https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds#verifying-artifact-attestations-with-the-github-cli).
+                `
             });
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file