From 52755903804d389c33817921d4d7fa9cec30efa2 Mon Sep 17 00:00:00 2001
From: Joe Stuart <jstuart@redhat.com>
Date: Sun, 17 Sep 2023 09:33:14 -0500
Subject: [PATCH] document buildType config for slsa/v2alpha2 format. This is
 documentation for https://github.com/tektoncd/chains/pull/895

---
 docs/config.md | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/docs/config.md b/docs/config.md
index 70afaf76f1..7daf89cc73 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -51,7 +51,7 @@ Supported keys include:
 
 | Key | Description | Supported Values | Default |
 | :--- | :--- | :--- | :--- |
-| `artifacts.taskrun.format` | The format to store `TaskRun` payloads in. | `in-toto`, `slsa/v1` | `in-toto` |
+| `artifacts.taskrun.format` | The format to store `TaskRun` payloads in. | `in-toto`, `slsa/v1`, `slsa/v2alpha2` | `in-toto` |
 | `artifacts.taskrun.storage` | The storage backend to store `TaskRun` signatures in. Multiple backends can be specified with comma-separated list ("tekton,oci"). To disable the `TaskRun` artifact input an empty string ("").  | `tekton`, `oci`, `gcs`, `docdb`, `grafeas` | `tekton` |
 | `artifacts.taskrun.signer` | The signature backend to sign `TaskRun` payloads with. | `x509`, `kms` | `x509` |
 
@@ -61,7 +61,7 @@ Supported keys include:
 
 | Key | Description | Supported Values | Default |
 | :--- | :--- | :--- | :--- |
-| `artifacts.pipelinerun.format` | The format to store `PipelineRun` payloads in. | `in-toto`, `slsa/v1`| `in-toto` |
+| `artifacts.pipelinerun.format` | The format to store `PipelineRun` payloads in. | `in-toto`, `slsa/v1`, `slsa/v2alpha2`| `in-toto` |
 | `artifacts.pipelinerun.storage` | The storage backend to store `PipelineRun` signatures in. Multiple backends can be specified with comma-separated list ("tekton,oci"). To disable the `PipelineRun` artifact input an empty string ("").  | `tekton`, `oci`, `gcs`, `docdb`, `grafeas` | `tekton` |
 | `artifacts.pipelinerun.signer` | The signature backend to sign `PipelineRun` payloads with. | `x509`, `kms` | `x509` |
 | `artifacts.pipelinerun.enable-deep-inspection` | This boolean option will configure whether Chains should inspect child taskruns in order to capture inputs/outputs within a pipelinerun. `"false"` means that Chains only checks pipeline level results, whereas `"true"` means Chains inspects both pipeline level and task level results. | `"true"`, `"false"` | `"false"` | 
@@ -112,7 +112,14 @@ You can read more about Grafeas notes and occurrences [here](https://github.com/
 | Key | Description | Supported Values | Default |
 | :--- | :--- | :--- | :--- |
 | `builder.id` | The builder ID to set for in-toto attestations | | `https://tekton.dev/chains/v2`|
-
+| `builddefinition.buildtype` | The buildType for in-toto attestations | `https://tekton.dev/chains/v2/slsa`, `https://tekton.dev/chains/v2/slsa-tekton` | `https://tekton.dev/chains/v2/slsa`|
+
+> NOTE:
+> Considerations for the builddefinition.buildtype parameter:
+> * It is only valid for slsa/v2alpha2 configurations (see TaskRun or PipelineRun configuration). 
+> * The parameter can take one of two values:
+>   * https://tekton.dev/chains/v2/slsa: This buildType strictly conforms to the slsav1.0 spec.
+>   * https://tekton.dev/chains/v2/slsa-tekton: This buildType also conforms to the slsav1.0 spec, but adds additional informaton specific to Tekton. This information includes the PipelinRun/TaskRun labels and annotations as internalParameters. It also includes capturing each pipeline task in a PipelinRun under resolvedDependencies.
 ### Sigstore Features Configuration
 
 #### Transparency Log