From 4c2e764d5feedb0babd512eabc71ee0e313623d2 Mon Sep 17 00:00:00 2001
From: Mike Bond <mjbond-msft@outlook.com>
Date: Tue, 1 Feb 2022 08:53:03 -0800
Subject: [PATCH] Generate Software Bill of Materials (SBOM) manifest (#265)

---
 build-pipeline.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/build-pipeline.yml b/build-pipeline.yml
index ccb22e2e..3902f9cf 100644
--- a/build-pipeline.yml
+++ b/build-pipeline.yml
@@ -69,6 +69,7 @@ variables:
 jobs:
 - job: Build
   pool:
+    name: 'Azure Pipelines'
     vmImage: windows-2019   # https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/hosted?view=azure-devops&tabs=yaml
     demands:
     - msbuild
@@ -235,3 +236,11 @@ jobs:
     condition: eq(variables['Build.HasSymbols'], 'True')
 
 - template: automation/jobs/compliance.yml
+
+- template: compliance/sbom/job.yml@templates          # Software Bill of Materials (SBOM): https://eng.ms/docs/cloud-ai-platform/devdiv/one-engineering-system-1es/1es-docs/secure-supply-chain/ado-sbom-generator
+  parameters:
+    packageName: 'Debugger VS'
+    packageFilter: '*.vsix'
+    regexPackageVersion: '(?i)^Mono.Debugging.VisualStudio\.(?<version>\d+\.\d+\.\d+).vsix$'
+    GitHub.Token: $(GitHub.Token)
+    dependsOn: Build