release build: Move compliance tasks before the signing step (#1714)

Author: daxian-dbw

.vsts-ci/releaseBuild.yml

@@ -61,6 +61,11 @@ jobs:
       Send-VstsCommand "vso[task.setvariable variable=Signed]$(Build.SourcesDirectory)\bin\Release\Signed"
     displayName: Bootstrap & Build
 
+  - template: templates/compliance.yml
+    parameters:
+      configuration: Release
+      framework: net461
+
   # Sign the module files
   - task: PkgESCodeSign@10
     displayName: 'CodeSign - module artifacts'
@@ -147,8 +152,3 @@ jobs:
       Write-Host "##vso[artifact.upload containerfolder=PSReadLine;artifactname=PSReadLine]$(PSReadLine)"
       Write-Host "##vso[artifact.upload containerfolder=NuGetPackage;artifactname=NuGetPackage]$(NuGetPackage)"
     displayName: 'Upload artifacts'
-
-  - template: templates/compliance.yml
-    parameters:
-      configuration: Release
-      framework: net461

.vsts-ci/templates/compliance.yml

@@ -76,7 +76,9 @@ steps:
     PoliCheckBreakOn: Severity2Above
 
 - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
-  displayName: 'Component Detection'
+  displayName: 'Component Governance Detection'
   inputs:
     sourceScanPath: '$(Build.SourcesDirectory)'
     snapshotForceEnabled: true
+    scanType: 'Register'
+    failOnAlert: true