add newlines for additional policy info

Signed-off-by: Meredith Lancaster <malancas@github.com>
Meredith Lancaster 2024-11-18 11:42:39 -07:00
parent a56ff4a0eb
commit 6ca5e6f18c


@ -56,25 +56,24 @@ func (c EnforcementCriteria) BuildPolicyInformation() string {
The following policy criteria will be enforced against all attestations:
- Attestation predicate type must match %s
- Attestation must be signed by a certificate whose OIDC issuer matches %s
- Attestation must be associated with an artifact built in an organization whose URI is %s
`
- Attestation must be associated with an artifact built in an organization whose URI is %s`
info := fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI)
if c.Certificate.SourceRepositoryURI != "" {
info += fmt.Sprintf("- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI)
info += fmt.Sprintf("\n- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI)
}
if c.Certificate.RunnerEnvironment == GitHubRunner {
info += "- Attestation must be signed by a certificate that was generated by a Action workflow executed in a GitHub hosted runner"
info += "\n- Attestation must be signed by a certificate that was generated by a Action workflow executed in a GitHub hosted runner"
}
if c.SANRegex != "" {
info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the regex %s", c.SANRegex)
info += fmt.Sprintf("\n- Attestation must be signed by a certificate with a Subject Alternative Name matching the regex %s", c.SANRegex)
}
if c.SAN != "" {
info += fmt.Sprintf("- Attestation must be signed by a certificate with a Subject Alternative Name matching the exact value %s", c.SAN)
info += fmt.Sprintf("\n- Attestation must be signed by a certificate with a Subject Alternative Name matching the exact value %s", c.SAN)
}
return info
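Review bot: Each optional criterion now has to carry its own leading `\n- `, which is the same per-line bookkeeping that produced the run-together output this commit fixes, so the next criterion added can reintroduce the bug. Collecting the lines in a slice and joining them once at the `return` would remove that risk, assuming `strings` is already imported in this file. The runner line also still reads `a Action workflow executed in a GitHub hosted runner`; `a GitHub Actions workflow executed on a GitHub-hosted runner` would be clearer in a summary that operators read to confirm which signer constraints are enforced. The function's closing lines are not visible in this hunk.

```go
lines := []string{fmt.Sprintf(template, c.PredicateType, c.Certificate.Issuer, c.Certificate.SourceRepositoryOwnerURI)}
if c.Certificate.SourceRepositoryURI != "" {
	lines = append(lines, fmt.Sprintf("- Attestation must be associated with an artifact built in a repository whose URI is %s", c.Certificate.SourceRepositoryURI))
}
// … unchanged conditions: runner environment, SAN regex, exact SAN; each appends its line without a "\n" prefix …
return strings.Join(lines, "\n")
```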