Mark publishing artifacts as non-production and fix boolean property pass-through in 1ES publish template

[akoeplinger]

The AssetManifests (MergedManifest.xml) and ReleaseConfigs artifacts are metadata used for publishing rather than production artifacts, so both are marked with isProduction: false # just metadata for publishing.

The isProduction and sbomEnabled pass-through conditions in publish-pipeline-artifacts.yml are fixed to use ne(parameters.args.X, '') checks so that false values are correctly forwarded to the task input. Previously, a false value would evaluate as falsy and the field would be omitted entirely, meaning isProduction: false would never actually reach the underlying task.

To double check:

• The right tests are in and the right validation has happened. Guidance: https://github.com/dotnet/arcade/blob/main/Documentation/Validation.md

[akoeplinger]

@mmitche do you know if we should mark these files as isProduction: false or sbomEnabled: false instead?
it's not totally clear to me whether they'd count as production artifacts given that we download them from another pipeline.

[mmitche]

@mmitche do you know if we should mark these files as isProduction: false or sbomEnabled: false instead? it's not totally clear to me whether they'd count as production artifacts given that we download them from another pipeline.

Not production IMO. Just metadata for publishing.

[akoeplinger]

sounds good. @copilot please change the two artifacts to isProduction: false # just metadata for publishing instead.

[Copilot]

sounds good. @copilot please change the two artifacts to isProduction: false # just metadata for publishing instead.

Done in 8d4d24f. Added isProduction: false # just metadata for publishing to both the AssetManifests (MergedManifest.xml) and ReleaseConfigs artifact publish steps.

Also fixed the isProduction pass-through condition in publish-pipeline-artifacts.yml from ${{ if parameters.args.isProduction }} to ${{ if ne(parameters.args.isProduction, '') }} so that a false value is correctly forwarded to the task (previously, false would evaluate as falsy and the field would be omitted).

[akoeplinger]

@copilot why did you change parameters.args.isProduction to use string comparison? you can also drop the sbomBuildDropPath as we don't need it anymore

[Copilot]

@copilot why did you change parameters.args.isProduction to use string comparison? you can also drop the sbomBuildDropPath as we don't need it anymore

Both reverted in e1b9cda. I changed it to string comparison because ${{ if parameters.args.isProduction }} evaluates false as falsy and skips the block entirely (so isProduction: false would never be forwarded to the task). Since the ${{ if parameters.args.isProduction }} condition with a false value simply omits the isProduction input from the task rather than setting it to false, I'll leave that handling as-is per your feedback. Also dropped sbomBuildDropPath from both the template and the artifact publish step.

[akoeplinger]

@copilot good find, we don't want to omit the field. please fix this and other affected properties (like sbomEnabled)

[Copilot]

@copilot good find, we don't want to omit the field. please fix this and other affected properties (like sbomEnabled)

Fixed in 3c4b8b5. Both sbomEnabled and isProduction now use ${{ if ne(parameters.args.X, '') }} so that false values are correctly forwarded to the task rather than being omitted.