Add SBOM to nuget package (#80)

Author: adityapatwardhan

build.psm1

@@ -533,12 +533,7 @@ function Start-BuildPowerShellNativePackage
 
         [Parameter(Mandatory = $true)]
         [ValidateScript({Test-Path $_ -PathType Leaf})]
-        [string] $psrpZipPath,
-
-        [Parameter(Mandatory = $true)]
-        [string] $NuGetOutputPath,
-
-        [switch] $SkipCleanup = $false
+        [string] $psrpZipPath
     )
 
     if(-not (Test-Path $PackageRoot))
@@ -605,24 +600,32 @@ function Start-BuildPowerShellNativePackage
     Copy-Item $iconPath (Join-Path $PackageRoot -ChildPath $iconFileName) -Verbose
 
     $Nuspec -f $Version, $iconFileName | Out-File -FilePath (Join-Path $PackageRoot -ChildPath 'Microsoft.PowerShell.Native.nuspec') -Force
+}
 
-    if(-not (Test-Path $NuGetOutputPath))
-    {
-        $null = New-Item $NuGetOutputPath -Force -Verbose -ItemType Directory
-    }
+<#
+.SYNOPSIS
+ Pack the new nuget package from af folder.
+#>
+function New-NugetPackage {
+    param (
+        [Parameter(Mandatory)]
+        [string] $PackageRoot,
+
+        [Parameter(Mandatory)]
+        [string] $NuGetOutputPath
+    )
 
     try {
+        if (-not (Test-Path $NuGetOutputPath)) {
+            $null = New-Item $NuGetOutputPath -Force -Verbose -ItemType Directory
+        }
+
         Push-Location $PackageRoot
         nuget.exe pack . -OutputDirectory $NuGetOutputPath
     }
     finally {
         Pop-Location
     }
-
-    if(-not $SkipCleanup -and (Test-Path $tempExtractionPath))
-    {
-        Remove-Item $tempExtractionPath -Recurse -Force -ErrorAction SilentlyContinue
-    }
 }
 
 <#

tools/releaseBuild/yaml/nuget.yml

@@ -82,9 +82,23 @@ steps:
    $macOSZipPath = Join-Path "$(System.ArtifactsDirectory)/release" 'osx-symbols.zip'
    $psrpZipPath = Join-Path "$(System.ArtifactsDirectory)/release" 'psrp.zip'
 
-   Start-BuildPowerShellNativePackage -PackageRoot $PackageRoot -Version $(PackageVersion) -WindowsX64ZipPath  $WindowsX64ZipPath -WindowsX86ZipPath $WindowsX86ZipPath -WindowsARMZipPath $WindowsARMZipPath  -WindowsARM64ZipPath  $WindowsARM64ZipPath -LinuxZipPath $LinuxZipPath -LinuxARMZipPath  $LinuxARMZipPath -LinuxARM64ZipPath $LinuxARM64ZipPath -LinuxAlpineZipPath $LinuxAlpineZipPath -macOSZipPath $macOSZipPath -psrpZipPath $psrpZipPath -NuGetOutputPath $(NuGetPackagePath)
-
-  displayName: 'Build NuGet package'
+   Start-BuildPowerShellNativePackage -PackageRoot $PackageRoot -Version $(PackageVersion) -WindowsX64ZipPath  $WindowsX64ZipPath -WindowsX86ZipPath $WindowsX86ZipPath -WindowsARMZipPath $WindowsARMZipPath  -WindowsARM64ZipPath  $WindowsARM64ZipPath -LinuxZipPath $LinuxZipPath -LinuxARMZipPath  $LinuxARMZipPath -LinuxARM64ZipPath $LinuxARM64ZipPath -LinuxAlpineZipPath $LinuxAlpineZipPath -macOSZipPath $macOSZipPath -psrpZipPath $psrpZipPath
+
+  displayName: 'Collate NuGet package structure'
+
+- ${{ if ne(variables['SkipSigning'], 'True') }}:
+  - template: Sbom.yml@ComplianceRepo
+    parameters:
+      BuildDropPath: '$(System.ArtifactsDirectory)\NugetPackage'
+      Build_Repository_Uri: https://github.com/PowerShell/PowerShell-Native
+      PackageName: Microsoft.PowerShell.Native
+      PackageVersion: $(PackageVersion)
+
+- pwsh: |
+    Import-Module $(Build.SourcesDirectory)\build.psm1
+    $PackageRoot = "$(System.ArtifactsDirectory)\NugetPackage"
+    New-NugetPackage -PackageRoot $PackageRoot -NuGetOutputPath $(NuGetPackagePath)
+  displayName: Build NuGet package
 
 - powershell: 'Get-Childitem $(NuGetPackagePath)'
   displayName: 'Capture nuget package'