Improve styling, add explanation for screencasts, update verify cli script.

Signed-off-by: Fabian Kammel <fk@edgeless.systems>

docs/screencasts/README.md

@@ -34,12 +34,14 @@ There are three different locations were styling is applied:
 
 1. **The prompt** is styled using [ANSI escape codes](https://en.wikipedia.org/wiki/ANSI_escape_code).
 More explanation and the actual color codes can be found in [Dockerfile](docker/Dockerfile).
-2. **Font size and player dimensions** are passed to the [`AsciinemaWidget`](../src/components/AsciinemaWidget/index.js)
+2. **Player dimensions** are passed to the [`AsciinemaWidget`](../src/components/AsciinemaWidget/index.js)
 when it is [embedded in the docs](../docs/workflows/verify-cli.md#5). Check the `asciinema-player` for a
 [full list of options](https://github.com/asciinema/asciinema-player#options).
 3. **Everything else** is [styled via CSS](../src/css/custom.css). This includes the option to build a custom
 [player theme](https://github.com/asciinema/asciinema-player/wiki/Custom-terminal-themes).
 
+###
+
 ## GitHub README.md
 
 The GitHub `README.md` does not support embedding the `asciinema-player`, therefore we generate an

docs/screencasts/docker/verify-cli.expect

@@ -22,41 +22,26 @@ spawn asciinema rec --overwrite /recordings/verify-cli.cast
 send "\r"
 expect_prompt
 
-### Step 0: Requirements
-run_command "echo Step 0: Installing requirements"
+run_command "# Step 0: Installing SLSA verifier"
 expect_prompt
-run_command "go install github.com/sigstore/cosign/cmd/cosign@latest"
+run_command "curl -sLO https://github.com/slsa-framework/slsa-verifier/releases/latest/download/slsa-verifier-linux-amd64"
 expect_prompt
-run_command "go install github.com/sigstore/rekor/cmd/rekor-cli@latest"
+run_command "sudo install slsa-verifier-linux-amd64 /usr/local/bin/slsa-verifier"
 expect_prompt
 
-### Step 1: Download CLI
-run_command "echo Step 1: Download CLI and signature"
+run_command "# Step 1: Download Constellation and provenance file"
 expect_prompt
-run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/download/v2.2.2/constellation-linux-amd64"
+run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/latest/download/constellation-linux-amd64"
 expect_prompt
-run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/download/v2.2.2/constellation-linux-amd64.sig"
+run_command "curl -sLO https://github.com/edgelesssys/constellation/releases/latest/download/constellation.intoto.jsonl"
 expect_prompt
 
-### Step 2: Verify the CLI using cosign
-run_command "echo Step 2: Verify the CLI using cosign and the public Rekor transparency log"
+run_command "# Step 2: Verify provenance"
 expect_prompt
-# run_command "COSIGN_EXPERIMENTAL=1 cosign verify-blob --key https://edgeless.systems/es.pub --signature constellation-linux-amd64.sig constellation-linux-amd64"
-run_command "COSIGN_EXPERIMENTAL=1 cosign verify-blob --key https://github.com/edgelesssys/constellation/releases/download/v2.2.2/cosign.pub --signature constellation-linux-amd64.sig constellation-linux-amd64"
+run_command "slsa-verifier verify-artifact constellation-linux-amd64 --provenance-path constellation.intoto.jsonl --source-uri github.com/edgelesssys/constellation"
 expect_prompt
 
-### Step 2b: Verify the CLI manually
-run_command "echo Optional Step 2b: Manually inspect the Rekor transparency log"
-expect_prompt
-run_command "rekor-cli search --artifact constellation-linux-amd64"
-expect -re "\n(\[a-f0-9]+)\r"
-set uuid '$expect_out(1,string)'
-expect_prompt
-run_command "rekor-cli get --uuid=$uuid"
-expect_prompt
-
-### Step 3: Install the CLI
-run_command "echo Step 4: Install the CLI"
+run_command "# Step 3: Install the CLI"
 expect_prompt
 run_command "sudo install constellation-linux-amd64 /usr/local/bin/constellation"
 expect_prompt