Since this repo uses Arcade, it made sense to use the already available YAML template for running SBOM. The issue was that this repo's CI pipeline is a GUI-based pipeline. Meaning, it could not utilize the YAML template. You need a YAML pipeline to use the YAML template.
To fix this, I've created a YAML pipeline for this repo. This will be the pipeline used going forward to create our signed builds. I got the signage approval and added our publishing variable group to this pipeline. Then, I've added the SBOM template after the build step in the YAML. Other than adding the use of the SBOM template, this pipeline does the same thing as the old GUI pipeline. I've set up the build trigger for this new pipeline, so the old pipeline will no longer run automatically.
See full details on SBOM here: https://github.com/dotnet/project-system/pull/7955 Related service ticket: https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1529424
Since this repo uses Arcade, it made sense to use the already available YAML template for running SBOM. The issue was that this repo's CI pipeline is a GUI-based pipeline. Meaning, it could not utilize the YAML template. You need a YAML pipeline to use the YAML template.
To fix this, I've created a YAML pipeline for this repo. This will be the pipeline used going forward to create our signed builds. I got the signage approval and added our publishing variable group to this pipeline. Then, I've added the SBOM template after the build step in the YAML. Other than adding the use of the SBOM template, this pipeline does the same thing as the old GUI pipeline. I've set up the build trigger for this new pipeline, so the old pipeline will no longer run automatically.
Successful build from the new pipeline: https://devdiv.visualstudio.com/DevDiv/_build/results?buildId=6184250&view=results