@sophia-guo sophia-guo commented Jun 26, 2023

Add sbom sign job in post build stage

Close #610

Depends on adoptium/temurin-build#3404

Signed-off-by: Sophia Guo [email protected]

@github-actions

Thank you for creating a pull request!

Please check out the information below if you have not made a pull request here before (or if you need a reminder how things work).

Code Quality and Contributing Guidelines

If you have not done so already, please familiarise yourself with our Contributing Guidelines and Code Of Conduct, even if you have contributed before.

Tests

Github actions will run a set of jobs against your PR that will lint and unit test your changes. Keep an eye out for the results from these on the latest commit you submitted. For more information, please see our testing documentation.

In order to run the advanced pipeline tests (executing a set of mock pipelines), an admin needs to post "run tests" on this PR.
If you are not an admin, please ask for one's attention in #infrastructure on Slack or ping one here.
To run the full set of tests, use "run tests"; to run a subset of tests on specific JDK versions, use "run tests quick 11,20".

@sophia-guo sophia-guo marked this pull request as draft June 26, 2023 12:39
sh label: 'build-sign-sbom', script: '''
JAVA_HOME=/usr/lib/jvm/jdk-17 ant clean
JAVA_HOME=/usr/lib/jvm/jdk-17 ant build-sign-sbom
openssl genpkey -algorithm RSA -pass pass:test -outform PEM -out testPrivateFile -pkeyopt rsa_keygen_bits:2048
Contributor

So using a temporarily generated key is fine for testing, but it will need to use a secure GPG or similar Jenkins-stored key?

Contributor Author

Yes, it's for testing. Any final decision on what we should use for signing? @andrew-m-leonard
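The review thread above is about the difference between a throwaway key generated inside the job and a key held in a credential store. The following script is an added example, not code from this PR or from the Temurin pipelines: it shows what the sign step actually produces (a detached SHA-256/RSA signature over the SBOM file) and what a consumer checks (the signature against the public key only), including the case where the SBOM has been altered after signing. The SBOM content, file names and the `gen_test_key` helper are constructed for the example; in a real pipeline the private key would be injected from a Jenkins credential rather than generated per run.

```shell
#!/bin/sh
# Added example: sign a (constructed) SBOM with RSA and verify it with the
# public key only, using plain openssl. Not the PR's pipeline code.

WORK="$(mktemp -d)"
SBOM="$WORK/sbom.json"
PRIV="$WORK/testPrivateFile"      # assumed path; test-only key
PUB="$WORK/testPublicFile"        # assumed path
SIG="$WORK/sbom.json.sig"
TAMPERED="$WORK/sbom-tampered.json"

# Constructed sample SBOM (not a real Temurin SBOM).
cat > "$SBOM" <<'EOF'
{"bomFormat":"CycloneDX","specVersion":"1.4","components":[]}
EOF

# Test-only key pair. Mirrors the PR's `openssl genpkey` line; a production
# job would read the private key from a Jenkins credential instead.
gen_test_key() {
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$PRIV" 2>/dev/null
    openssl pkey -in "$PRIV" -pubout -out "$PUB" 2>/dev/null
}

# Detached signature: SHA-256 digest of the SBOM, signed with the private key.
sign_sbom() {
    openssl dgst -sha256 -sign "$PRIV" -out "$SIG" "$SBOM"
}

# Verify a file against the stored signature. Exit 0 = valid, 1 = invalid.
# Only the public key is needed, so the private key never leaves the signer.
verify_sbom() {
    openssl dgst -sha256 -verify "$PUB" -signature "$SIG" "$1" >/dev/null 2>&1
}

gen_test_key
sign_sbom
if verify_sbom "$SBOM"; then
    echo "signature OK"
fi

# Change one field after signing and confirm the signature no longer verifies.
sed 's/"components":\[\]/"components":[{"name":"x"}]/' "$SBOM" > "$TAMPERED"
if verify_sbom "$TAMPERED"; then
    echo "ERROR: tampered SBOM accepted"
else
    echo "tampered SBOM rejected"
fi
```

The verifier side needs nothing but `testPublicFile` and the `.sig` file, which is why the choice of where the private key lives (generated in the job, or pulled from a credential store) changes nothing in the verification step but everything in how much trust a consumer can place in a passing check.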

@sophia-guo sophia-guo self-assigned this Jul 27, 2023

@github-actions github-actions bot left a comment

A block has been put on this Pull Request as this repository is temporarily under a code freeze due to an ongoing release cycle.

If this pull request needs to be merged during the release cycle then please comment /merge and a PMC member will be able to remove the block.

If the code freeze is over you can remove this block by commenting /thaw.

karianna commented Aug 1, 2023

/thaw

@github-actions github-actions bot dismissed their stale review August 1, 2023 04:18

Pull Request unblocked - code freeze is over.

Add sbom sign job in post build stage

Signed-off-by: Sophia Guo <[email protected]>
@smlambert smlambert left a comment

This one is still in Draft, so I didn't review it yet. Is it ready for review and/or is it planned to bring in ahead of the Jan release?

Projects

Status: In Progress

Development

Successfully merging this pull request may close these issues.

EPIC: Add a Post-Build job and Sign-SBOM job