Add SDL tool automation to official build

[dagood]

The goal is to get policheck and credscan integrated for 3.1.

CoreFX impl: dotnet/corefx#40294 (small fix dotnet/corefx#41993).

[dagood]

I (basically) copied what CoreFX has and ran a build, and the SDL step failed due to disk space while trying to pull down artifacts: https://dev.azure.com/dnceng/internal/_build/results?buildId=402553&view=results. Looking at how to change the agent pool it runs on.

I'm also looking at what values are needed for a few of the parameters to the tool. (Notification alias, TSA admin alias.) I haven't gotten to a point in the SDL runs where they're needed yet.

Number of unknowns seems fairly bounded, but could be peeling an onion after getting the disk space issue fixed.

[dagood]

Filed dotnet/arcade#4216 for the disk space issue. It doesn't appear to be configurable, so I'm trying builds with the eng/common job hacked up to see what fix we need.

[dagood]

This is blocked, waiting on:

• Why does execute-sdl.yml download all artifacts? Fails in Core-Setup due to disk space arcade#4216
• OR both https://github.com/dotnet/core-eng/issues/8180 and Let users override the target pools for post-build jobs arcade#3700 being resolved.

[dagood]

Done in 3.1 by dotnet/core-setup#8990. Tracked in master by #1027.