Add SBOM template

Author: andyleejordan

.vsts-ci/templates/ci-general.yml

@@ -28,6 +28,15 @@ steps:
     archiveFile: PowerShellEditorServices-Build.zip
     verbose: true
 
+- task: ArchiveFiles@2
+  displayName: Zip sources for SBOM
+  inputs:
+    rootFolderOrFile: src
+    includeRootFolder: false
+    archiveType: zip
+    archiveFile: PowerShellEditorServices-Sources.zip
+    verbose: true
+
 - publish: PowerShellEditorServices-Build.zip
   artifact: PowerShellEditorServices-Build-$(System.JobId)
   displayName: Publish unsigned pipeline artifacts

.vsts-ci/templates/release-general.yml

@@ -48,6 +48,23 @@ steps:
       **/Serilog*.dll
       **/UnixConsoleEcho.dll
 
+# The SBOM generation requires our original sources with the `dotnet restore`
+# produced `project.assets.json` files.
+- task: ExtractFiles@1
+  displayName: Extract source artifacts
+  inputs:
+    archiveFilePatterns: $(Pipeline.Workspace)/PowerShellEditorServices-Build-*/PowerShellEditorServices-Sources.zip
+    destinationFolder: $(Pipeline.Workspace)/Sources
+    cleanDestinationFolder: true
+
+- template: Sbom.yml@ComplianceRepo
+  parameters:
+    BuildDropPath: $(Pipeline.Workspace)/ThirdPartySigned
+    Build_Repository_Uri: https://github.com/PowerShell/PowerShellEditorServices.git
+    packageName: PowerShellEditorServices
+    packageVersion: $(System.JobId)
+    sourceScanPath: $(Pipeline.Workspace)/Sources
+
 - task: ArchiveFiles@2
   displayName: Zip signed artifacts
   inputs: