docs: add current SLSA status

[ktusawrk]

Added the description of the current Ghaf CI/CD SLSA level status into new 'Current Ghaf SLSA Status' paragraph. Split long lines into several shorter lines for easier editing, no impact to web page rendering.

Type of Change

• New Feature
• Bug Fix
• Improvement / Refactor

Related Issues / Tickets

Checklist

• Clear summary in PR description
• Detailed and meaningful commit message(s)
• [] Commits are logically organized and squashed if appropriate
• [X ] Contribution guidelines followed
• Ghaf documentation updated with the commit - https://tiiuae.github.io/ghaf/
• Author has run make-checks and it passes
• All automatic GitHub Action checks pass - see actions
• Author has added reviewers and removed PR draft status

Testing Instructions

Applicable Targets

• Orin AGX aarch64
• Orin NX aarch64
• Lenovo X1 x86_64
• Dell Latitude x86_64
• System 76 x86_64

Installation Method

• Requires full re-installation
• Can be updated with nixos-rebuild ... switch
• Other:

Test Steps To Verify:

1. Check out ghaf
2. nix build .#doc
3. cd result
4. Start a local http server, for example "python3 -m http.server 8080"
5. Open http://localhost:8080/ in browser

[vunnyso]

Git commits can be squashed into one.

[ktusawrk]

@vunnyso Squashed

[vunnyso]

@vunnyso Squashed

Thanks @ktusawrk!

[cazfi]

Maybe clarify "Ghaf archive" -> "Ghaf archive site". For a moment I were confused by the idea that this sentence talks about the ghaf tarball.

[cazfi]

To make it absolute clear clarify that "signature verification" is that of the binary image itself ("its" is sufficient), not the provenance signature verification that earlier paragraphs talk about.