From 5533b337bb2141a659ff475daf5b9869a6ef7cff Mon Sep 17 00:00:00 2001
From: Chris Rummel <crummel@microsoft.com>
Date: Thu, 2 Feb 2023 13:06:10 -0600
Subject: [PATCH 1/2] Disable secure supply chain check. These issues are
 checked for in the individual repos - by the time source-build is building
 the tarball they have already been processed and approved.

---
 .../eng/pipelines/security-partners-dotnet.yml      | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml b/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml
index 6200e7fc0..97b520dca 100644
--- a/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml
+++ b/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml
@@ -1,5 +1,18 @@
 trigger: none
 
+variables:
+- name: cfsNPMWarnLevel
+  value: none
+
+- name: cfsNugetWarnLevel
+  value: none
+
+- name: myGetWarnLevel
+  value: none
+
+- name: NuGetSecurityAnalysisWarningLevel
+  value: none
+
 jobs:
 - template: ../../src/installer/src/SourceBuild/Arcade/eng/common/templates/job/source-build-build-tarball.yml
   parameters:

From 65e657b063daee477190a41a0f0eac0b0a56a45b Mon Sep 17 00:00:00 2001
From: Chris Rummel <crummel@microsoft.com>
Date: Thu, 2 Feb 2023 13:07:55 -0600
Subject: [PATCH 2/2] Enable bootstrap in tarball build. We now expect all
 builds using the Microsoft-built SDK to also use bootstrap.  Mixed RIDness
 between the bootstrap SDK and previously-source-built packages is not
 supported.

---
 .../tarball/content/eng/pipelines/security-partners-dotnet.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml b/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml
index 97b520dca..02641873b 100644
--- a/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml
+++ b/src/SourceBuild/tarball/content/eng/pipelines/security-partners-dotnet.yml
@@ -20,7 +20,7 @@ jobs:
     excludeSdkContentTests: true
     matrix:
       Ubuntu2004-Offline:
-        _BootstrapPrep: false
+        _BootstrapPrep: true
         _Container: mcr.microsoft.com/dotnet-buildtools/prereqs:ubuntu-20.04-20220813234344-4c008dd
         _EnablePoison: false
         _ExcludeOmniSharpTests: false