SERVER-90466 Add mechanism to obtain sbom from Silk and include it in SCons' dist target (#22228)

# Issue

https://jira.mongodb.org/browse/SERVER-90466

# Description

Implements a few more steps necessary to get the SBOM into the shipped
product:
* Adds an `extra_dist_files` option to SConstruct; each specified file
is included in the `dist` target and flagged for installation
* Adds a `obtain_sbom_from_silk.py` tool which produces the requested
sbom. Note: Currently it does not actually contact silk; instead, it
produces an empty file. There's a TODO to incorporate the Silk API call.
* Wires it all up in Evergreen: the `package` task's `scons compile`
step is now *preceded* by a called to `obtain_sbom_from_silk`.

# Testing

I ran [this
PB](https://spruce.mongodb.com/version/6645104fb7b4c00007421b3e/tasks?sorts=STATUS%3AASC%3BBASE_STATUS%3ADESC),
which runs the `package` task on a single architecture. The
corresponding
[log](https://evergreen.mongodb.com/task_log_raw/mongodb_mongo_v7.0_linux_x86_dynamic_compile_required_package_patch_b32cb8a74b3da014dac4fc658bf05b07cf32f8ea_6645104fb7b4c00007421b3e_24_05_15_19_43_25/0?type=ALL&text=true)
shows that it did indeed receive the `extra_dist_files` option; ctrl-f
for `sbom` and you'll see this notable line:
```
Install file: "sbom_from_silk.json" as "build/install/mongodb-linux-x86_64-enterprise-rhel80-7.0.11-rc0-6-gb32cb8a-patch-6645104fb7b4c00007421b3e/sbom_from_silk.json"
```

GitOrigin-RevId: ffeccea2e59a83ef8cf5bdfcc6e21434a7818686

.gitignore

@@ -267,4 +267,5 @@ bazelisk
 buildifier
 .bazelrc.local
 .bazel_info_for_ninja.txt
-.ninja_last_command_line_targets.txt
+.ninja_last_command_line_targets.txt
+scons_cache.log.json

SConstruct

@@ -164,6 +164,12 @@ add_option(
     nargs=0,
 )
 
+add_option(
+    'extra_dist_files',
+    help=
+    'If defined, it should be a comma-delimited list of repository-relative paths to include in the dist target as installed files',
+)
+
 add_option(
     'build-tools',
     choices=['stable', 'next'],
@@ -6316,6 +6322,20 @@ clang_tidy_config = env.Substfile(
     ],
     SUBST_DICT=replacements,
 )
+
+if has_option('extra_dist_files'):
+    distsrc = env.Dir('#distsrc')
+    env.AutoInstall(
+        target='$PREFIX',
+        source=[
+            distsrc.File("#/" + extra_dist_file)
+            for extra_dist_file in get_option('extra_dist_files').split(',')
+        ],
+        AIB_COMPONENT='common',
+        AIB_COMPONENTS_EXTRA=['dist'],
+        AIB_ROLE='base',
+    )
+
 env.Alias("generated-sources", clang_tidy_config)
 
 if get_option('ninja') == 'disabled':

buildscripts/obtain_sbom_from_silk.py

@@ -0,0 +1,20 @@
+import argparse
+import sys
+
+
+def main():
+    parser = argparse.ArgumentParser()
+    parser.add_argument("--path", type=str,
+                        help="Path to the output file that should be generated.", default="")
+    args = parser.parse_args()
+    if args.path == "":
+        print("Error: No path provided.")
+        return 1
+    # TODO(SERVER-90466): Implement the logic to obtain the SBOM from Silk.
+    with open(args.path, 'w') as fp:
+        _ = fp
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())

etc/evergreen_yml_components/definitions.yml

@@ -7118,6 +7118,13 @@ tasks:
   - name: compile_dist_test
   commands:
   - *f_expansions_write
+  - command: subprocess.exec
+    params:
+      binary: bash
+      args:
+      - "src/evergreen/run_python_script.sh"
+      - "buildscripts/obtain_sbom_from_silk.py"
+      - "--path=sbom_from_silk.json"
   - func: "scons compile"
     vars:
       targets: >-
@@ -7128,6 +7135,7 @@ tasks:
         ${additional_package_targets|}
       task_compile_flags: >-
         --legacy-tarball
+        --extra_dist_files=sbom_from_silk.json
   - command: subprocess.exec
     params:
       binary: bash