Generate SBOM (#2640)

Generate an SBOM for the build artifacts.

Author: martincostello

.github/workflows/build.yml

@@ -136,6 +136,14 @@ jobs:
         path: eng/signing
         if-no-files-found: error
 
+    - name: Generate SBOM
+      uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
+      with:
+        artifact-name: build-${{ matrix.os_name }}.spdx.json
+        output-file: ./artifacts/build.spdx.json
+        path: ./artifacts/bin
+        upload-release-assets: ${{ runner.os == 'Windows' }}
+
     - name: Get .NET tools versions
       id: get-dotnet-tools-versions
       shell: pwsh