• Remove asyncSDL and add officialness parameter to all pipelines
• Use boolean for toggling official and toggle release environment
• Turn on binskim globalization invariant
• Try as a variable
• Set binskim exact tool version to 4.4.2

PR Summary

This pull request updates several Azure Pipeline YAML files to improve build configuration flexibility and security scanning consistency. The main changes introduce a new OfficialBuild parameter to control template selection and environment variables, standardize the use of BinSkim with a fixed tool version, and clean up legacy or redundant SDL scanning steps.

Build configuration improvements:

• Added an OfficialBuild boolean parameter to multiple pipeline YAML files to allow conditional selection of official vs. non-official build templates. This enables more flexible build configurations based on the build type. [1] [2] [3] [4]
• Updated template references to use the new templateFile variable, which is set based on the OfficialBuild parameter, ensuring the correct pipeline template is used for each build. [1] [2] [3] [4] [5] [6] [7]

Security scanning adjustments:

• Set exactToolVersion: 4.4.2 for BinSkim across all pipelines to standardize the tool version and avoid compatibility issues. [1] [2] [3] [4] [5] [6]
• Disabled BinSkim at the job level and set related environment variables to fix known issues with ICU packages in Linux containers. [1] [2]
• Enabled incrementalSDLBinaryAnalysis in feature flags for more efficient and targeted security analysis. [1] [2] [3] [4]

Legacy and redundant step clean-up:

• Removed legacy or redundant asyncSDL and credscan steps from several pipeline configurations to simplify and modernize the security scanning process. [1] [2] [3] [4]

Environment variable management:

• Added logic to set the releaseEnvironment variable based on the OfficialBuild parameter, ensuring the correct environment context for release pipelines. [1] [2]

These changes collectively improve pipeline maintainability, security scanning reliability, and build environment flexibility.

PR Context

PR Checklist

• PR has a meaningful title
  • Use the present tense and imperative mood when describing your changes
• Summarized changes
• Make sure all .h, .cpp, .cs, .ps1 and .psm1 files have the correct copyright header
• This PR is ready to merge. If this PR is a work in progress, please open this as a Draft Pull Request and mark it as Ready to Review when it is ready to merge.
• Breaking changes
  • None
  • OR
  • Experimental feature(s) needed
    • Experimental feature name(s):
• User-facing changes
  • Not Applicable
  • OR
  • Documentation needed
    • Issue filed:
• Testing - New and feature
  • N/A or can only be tested interactively
  • OR
  • Make sure you've added a new test if existing tests do not effectively test the code changed