Create generic SLSA policies #926
Description
The policy rules in the slsa3 collection assume the SLSA Provenance was created for images built from a Tekton Pipeline.
This makes them not suitable for verifying images built on other build systems like GitLab and GitHub.
Acceptance Criteria
- It is possible to perform basic SLSA checks with EC on images built outside of Tekton.