…cope

Add comprehensive guides for:

- OneBranch restore phase patterns (correct vs incorrect usage)

- OneBranch signing configuration (when to disable signing)

Update build-configuration-guide to include .pipelines/**/*.yml files

in the applyTo scope to ensure guidance applies to all pipeline files.

Extract repository root detection logic into a separate reusable template

(set-reporoot.yml) to improve modularity and reduce duplication.

Update SetVersionVariables.yml to:

- Use the new set-reporoot template

- Add ob_restore_phase boolean parameter with proper type annotation

- Pass ob_restore_phase to all steps that need restore phase control

- Remove deprecated UseJson parameter handling

Add parameterized ob_restore_phase control to:

- shouldSign.yml

- install-dotnet.yml

This allows callers to control whether these steps run in the OneBranch

restore phase or the normal build phase, following the documented pattern.

… control

Enhance cloneToOfficialPath.yml template with:

- Add ob_restore_phase boolean parameter for restore phase control

- Add validation to ensure REPOROOT environment variable is set

- Add validation to verify build.psm1 exists at REPOROOT

- Improve error messages with specific guidance

- Add verbose logging for source and destination paths

This prevents cryptic git clone errors when REPOROOT is not configured.

Clean up deprecated UseJson parameter across all templates:

- Remove UseJson parameter from template calls

- Set CreateJson to 'no' for regular builds (keep 'yes' only in prep stage)

- Simplify SetVersionVariables template parameter lists

The UseJson parameter was used for downloading build info from artifacts,

but this approach has been superseded by environment-based configuration.

Files updated:

- mac-package-build.yml

- nupkg.yml

- linux-package-build.yml

- checkAzureContainer.yml

- testartifacts.yml

- uploadToAzure.yml

- PowerShell-Coordinated_Packages-Official.yml

- MSIXBundle-vPack-Official.yml

- PowerShell-vPack-Official.yml

Add packaging/windows/package.yml template to build unsigned Windows packages:

- Builds MSI, ZIP, and MSIX packages from signed binaries

- Downloads signed binaries from CoOrdinatedBuildPipeline artifacts

- Uses ob_restore_phase: false for all template calls

- Uploads to runtime-specific artifact names:

  - drop_windows_package_fxdependent

  - drop_windows_package_fxdependentWinDesktop

  - drop_windows_package_win7x64

  - drop_windows_package_win7x86

This template focuses solely on building unsigned packages,

enabling separation from the signing stage in the pipeline.

Add packaging/windows/sign.yml template to sign Windows packages:

- Signs MSI, ZIP, and MSIX packages from package stage

- Downloads unsigned packages from drop_windows_package_{runtime} artifacts

- Configures OneBranch signing for each package type

- Creates signed EXE installer from signed MSI

- Uploads to runtime-specific signed artifact names:

  - drop_windows_package_signed_fxdependent

  - drop_windows_package_signed_fxdependentWinDesktop

  - drop_windows_package_signed_win7x64

  - drop_windows_package_signed_win7x86

This template handles all package signing operations,

separating concerns from the package build stage.

Update PowerShell-Packages-Official.yml to use split Windows pipeline:

- Replace single windows_package stage with two stages:

  - windows_package: Build unsigned MSI/ZIP/MSIX packages

  - windows_sign_package: Sign packages and create EXE

- windows_sign_package depends on windows_package stage

- Each runtime (fxdependent, fxdependentWinDesktop, win7x64, win7x86) flows through both stages

Benefits:

- Clearer separation of concerns (build vs sign)

- OneBranch signing configuration isolated to signing stage

- Easier to debug build vs signing issues

- Better alignment with OneBranch security model

Update package-create-msix.yml to use simplified artifact names:

- drop_windows_package_arm64 (was drop_windows_package_package_win_arm64)

- drop_windows_package_x64 (was drop_windows_package_package_win_x64)

- drop_windows_package_x86 (was drop_windows_package_package_win_x86)

This aligns with the artifact naming convention established in

the Windows package templates, removing the redundant 'package_win' prefix.

Complete UseJson parameter cleanup in remaining templates:

- .pipelines/templates/compliance/apiscan.yml

- .pipelines/templates/release-MakeBlobPublic.yml (2 jobs)

Sets CreateJson to 'no' and removes UseJson parameter,

consistent with other template updates.

Add .github/chatmodes/cherry-pick-commits.chatmode.md:

- Provides instructions for cherry-picking commits between branches

- Includes safety checks and verification steps

- Handles rebased commits and branch divergence scenarios

Delete 4 pipeline templates that are no longer referenced:

- windows-package-build.yml (replaced by packaging/windows/package.yml + sign.yml)

- release-checkout-pwsh-repo.yml

- release-download-packages.yml

- release-install-pwsh.yml

These files are not used by any pipeline configuration.