# Maintainer: Antoine Martin (ayakael) # Contributor: Antoine Martin (ayakael) # secfixes: # 6.0.106-r0: # - CVE-2022-30184 # 6.0.108-r0: # - CVE-2022-34716 # 6.0.109-r0: # - CVE-2022-38013 # 6.0.110-r0: # - CVE-2022-41032 # 6.0.112-r0: # - CVE-2022-41089 # 6.0.113-r0: # - CVE-2023-21538 # 6.0.114-r0: # - CVE-2023-21808 pkgname=dotnet6-build pkgver=6.0.114 pkgrel=0 _gittag=v$pkgver _giturl="https://github.com/dotnet/installer" _testtag=4832cef147bac35fdd5c57275a795e683bba0bb8 _bunnytag=71880bd94711519f7b786248a88a827a401207a2 _patches=" aspnetcore_46735-set-known-good-runtimeid.patch build_13378-arm-build.patch build_14816-non-portable-build.patch build_14816-stop-overriding-aspnetcore-version.patch build_14816-update-portable-rid-logic.patch build_disable-apphost.diff check_rid-alpine-generation.diff installer_13378-arm-build.patch installer_14816-crossgen2-rid.patch installer_14816-update-portable-rid-logic.patch msbuild_optional-systemconfiguration.patch msbuild_optional-systemsecurity.patch roslyn_57003-mono-namedmutex.patch runtime_76500-mono-musl-support.patch runtime_82269-mono-thread-coop-undefine-fortify-source.patch runtime_enable-system-libunwind.diff runtime_lld-fix.patch sdk_14239-add-zsh-compdef-completion-script.patch sdk_telemetry-optout.patch " _pkgver_macro=${pkgver%.*} _pkgver_prior=${pkgver%.*.*} _pkgver_name=${_pkgver_macro//[.0]} pkgdesc="The .NET $_pkgver_macro bootstrap" arch="x86_64 aarch64 armv7 s390x" url=https://dotnet.microsoft.com license="MIT" # hack for dotnetx-build to be able to pull itself for bootstrapping provides="dotnet$_pkgver_name-bootstrap" provider_priority=$_pkgver_prior checkdepends=" babeltrace binutils coreutils file gawk jq lttng-tools npm procps sed strace util-linux-misc which " makedepends=" bash clang cmake dotnet$_pkgver_name-bootstrap dotnet$_pkgver_name-bootstrap-artifacts dotnet$_pkgver_name-stage0 findutils git grep icu-data-full icu-dev inetutils-syslogd krb5-dev libgit2-dev libintl libucontext-dev libunwind-dev libxml2-dev libxml2-utils linux-headers lldb-dev llvm-dev lttng-ust-dev nodejs numactl-dev openssl-dev pigz rsync tar xz zlib-dev " case $CARCH in s390x|x86) ;; *) makedepends="$makedepends lld-dev";; esac subpackages=" dotnet$_pkgver_name-artifacts:artifacts:noarch dotnet$_pkgver_name-sdk dotnet$_pkgver_name-templates:templates:noarch dotnet-zsh-completion:zshcomp:noarch dotnet-bash-completion:bashcomp:noarch dotnet-doc netstandard21-targeting-pack:netstandard_targeting_pack:noarch " source=" https://lab.ilot.io/dotnet/installer/-/releases/$_gittag/downloads/tarball/dotnet-$_gittag.tar.xz dotnet-testsuite-$_testtag.tar.gz::https://github.com/redhat-developer/dotnet-regular-tests/archive/$_testtag.tar.gz dotnet-bunny-$_bunnytag.tar.gz::https://github.com/redhat-developer/dotnet-bunny/archive/$_bunnytag.tar.gz $_patches " builddir="$srcdir"/dotnet-v$pkgver _checkdir="$srcdir"/dotnet-bunny-${_bunnytag/v} _testdir="$srcdir"/dotnet-regular-tests-$_testtag _cli_root="$srcdir"/bootstrap _nugetdir="$srcdir"/nuget-cache _artifactsdir="$_cli_root"/artifacts _libdir="/usr/lib" # if true, then within pipeline environment, in which case send logs there # to be scooped if [ -d "$APORTSDIR/logs" ]; then _logdir="$APORTSDIR"/logs/$pkgname else _logdir="$srcdir"/logs fi case $CARCH in x86_64) _dotnet_arch="x64";; aarch64) _dotnet_arch="arm64";; armv7) _dotnet_arch="arm";; armhf) _dotnet_arch="armv6";; *) _dotnet_arch="$CARCH";; esac # Build doesn't set all the right executable bits for the right file types _fix_executable() { # add executable bit find "$1" -type f \( \ -name 'apphost' -o \ -name 'singlefilehost' -o \ -name 'lib*so' \ \) \ -exec chmod +x '{}' \; # remove executable bit find "$1" -type f \( \ -name '*.a' -o \ -name '*.dll' -o \ -name '*.h' -o \ -name '*.json' -o \ -name '*.pdb' -o \ -name '*.props' -o \ -name '*.pubxml' -o \ -name '*.targets' -o \ -name '*.txt' -o \ -name '*.xml' \ \) \ -exec chmod -x '{}' \; } # generates tarball containing all components built by dotnet snapshot() { local _pkg="$srcdir"/${builddir##*/}.tar ulimit -n 4096 export NUGET_PACKAGES=$_nugetdir if [ -d "$srcdir" ]; then cd "$srcdir" else mkdir -p "$srcdir" && cd "$srcdir" fi if [ -d "installer" ]; then cd "$srcdir"/installer else git clone $_giturl --branch $_gittag && cd "$srcdir"/installer fi sed 's||' -i src/SourceBuild/Arcade/tools/SourceBuildArcadeTarball.targets if [ -d "$_libdir/dotnet/bootstrap" ]; then local _cli_root="$(find /usr/lib/dotnet/bootstrap/6.0* -maxdepth 0 -type d | sort -r | head -n 1)" else local _cli_root="" fi _InitializeDotNetCli="$_cli_root" DOTNET_INSTALL_DIR="$_cli_root" DotNetBuildFromSource=true ./build.sh \ /p:ArcadeBuildTarball=true \ /p:TarballDir=$builddir \ /p:TarballFilePath=$_pkg msg "Compressing ${builddir##*/}.tar to $SRCDEST" xz -T0 -9 -vv -e -c > "$SRCDEST"/${builddir##*/}.tar.xz < "$_pkg" cd "$startdir" abuild checksum } prepare() { default_prepare ulimit -n 4096 # check patches msg "check_rid-alpine-generation.diff" patch -p1 -d "$_testdir" -i "$srcdir"/check_rid-alpine-generation.diff # Using system libunwind is broken on aarch64 and mono-based builds # see https://github.com/dotnet/source-build/issues/2408, case $CARCH in x86_64) msg "Using system libunwind" patch -p1 -i "$srcdir"/runtime_enable-system-libunwind.diff ;; esac # For some reason, new s390x apphost isn't pulled, this disable it's use on s390x case $CARCH in s390x) msg "Disabing use of apphost" patch -p1 -i "$srcdir"/build_disable-apphost.diff ;; esac # links logfiles to pipeline logs for easy pickup in pipelines mkdir -p "$_logdir" "$builddir"/artifacts ln -s "$_logdir" "$builddir"/artifacts/logs ln -s "$_logdir" "$builddir"/artifacts/log for i in "$builddir"/src/*; do if [ -f "$i" ]; then continue fi mkdir -p "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts ln -s "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts/log done # dotnet requires its bootstrap to be in a writable dir msg "Setting up bootstrap" local _bootstrapdir=$(find $_libdir/dotnet/bootstrap/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1) if [ ! -d "$_cli_root" ]; then cp -r "$_bootstrapdir" "$_cli_root" fi # ensure that dotnet does not download artifacts provided by dotnet-artifacts rm -rf "$builddir"/packages/archive } build() { msg "Building $pkgname-$pkgver" ulimit -n 4096 # Disable use of LTTng as tracing on lttng <=2,13,0 is broken # See https://github.com/dotnet/runtime/issues/57784. if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then export DOTNET_LTTng=0 fi # looks for most recent recent version of _artifactsdir local _artifactsdir=$(find $_libdir/dotnet/artifacts/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1) # ci args, else the output is forwarded to log files which isn't ideal in a # pipeline environment, and build by defaults uses lots of space local args=" /v:minimal /p:LogVerbosity=minimal /p:MinimalConsoleLogOutput=true /p:CleanWhileBuilding=true " # disable use of crossgen on arches platforms where its unsupported (mono) # or broken (armv7, aarch64) case $CARCH in x86|aarch64|armv7|armhf|s390x) local args="$args /p:CrossgenOutput=false /p:DISABLE_CROSSGEN=True";; esac # Sets TargetRid manually as dotnet cannot be trusted to reliably compute # the machine's runtime ID between releases. # shellcheck disable=SC2034 . /etc/os-release local VERSION_ID_DOT="${VERSION_ID//[^.]}" while [ ${#VERSION_ID_DOT} -gt 1 ]; do local VERSION_ID="${VERSION_ID%.*}" local VERSION_ID_DOT="${VERSION_ID//[^.]}" done local VERSION_ID_DASH="${VERSION_ID//[^_]}" while [ ${#VERSION_ID_DASH} -ge 1 ]; do local VERSION_ID="${VERSION_ID%_*}" local VERSION_ID_DASH="${VERSION_ID//[^_]}" done local args="$args /p:TargetRid=$ID.$VERSION_ID-$_dotnet_arch" ./build.sh \ --with-sdk "$_cli_root" \ --with-packages "$_artifactsdir" \ -- $args } check() { ulimit -n 4096 export NUGET_PACKAGES=$_nugetdir # Tests timeout (in seconds) local _tests_timeout=600 # Test suite disable flags # following tests can only work after packaging step local _disabled_tests="man-pages distribution-package bash-completion install-local release-version-sane" # test broken on all but x86_64 and aarch64: no musl release for omnisharp if [ "$CARCH" != "x86_64" ] && [ "$CARCH" != "aarch64" ]; then local _disabled_tests="$_disabled_tests omnisharp" fi # test broken: permission issue on lxc / pipelines local _disabled_tests="$_disabled_tests createdump-aspnet workload" # liblttng-ust_sys-sdt.h: no 'NT_STAPSDT' on Alpine's lttng-ust package # lttng: known issue, see https://github.com/dotnet/runtime/issues/57784 local _disabled_tests="$_disabled_tests liblttng-ust_sys-sdt.h lttng" # {bundled,system}-libunwind: use system version on all but aarch64/armv7, as broken # see https://github.com/redhat-developer/dotnet-regular-tests/issues/113 case $CARCH in x86_64) local _disabled_tests="$_disabled_tests bundled-libunwind";; *) local _disabled_tests="$_disabled_tests system-libunwind";; esac # publish-ready-to-run: broken due to crossgen2 nupkg on musl-arm64 / musl-arm platform being broken # should be fixed with https://github.com/dotnet/runtime/pull/66814 case $CARCH in aarch64|armv7) local _disabled_tests="$_disabled_tests publish-ready-to-run publish-ready-to-run-linux";; esac msg "Unpacking produced dotnet" export DOTNET_ROOT="$_checkdir/release" if [ ! -d "$DOTNET_ROOT" ]; then mkdir -p "$DOTNET_ROOT" tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$DOTNET_ROOT" \ --no-same-owner fi export PATH="$DOTNET_ROOT:$PATH" # some files either should or should not have executable bits # (done again during packaging - this is for tests) _fix_executable "$DOTNET_ROOT" msg "Building turkey test suite" mkdir "$_logdir"/check if [ ! -d "$_checkdir"/turkey ]; then cd "$_checkdir"/Turkey dotnet publish -bl:$_logdir/check/turkey.binlog -f netcoreapp3.1 -c Release -p:VersionPrefix=1 -p:VersionSuffix="$(git rev-parse --short HEAD)" -o "$_checkdir"/turkey fi msg "Running test suite" cd "$_testdir" for i in $_disabled_tests; do if [ -d "$i" ]; then sed -i 's|"enabled": true|"enabled": false|' $i/test.json fi done dotnet "$_checkdir"/turkey/Turkey.dll -t $_tests_timeout -l "$_logdir"/check || local ERROR=true if [ $ERROR ]; then msg "Check error reported" fi } package() { # directory creation install -dm 755 \ "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver \ "$pkgdir"/usr/share/man/man1 \ "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver # unpack sdk to bootstrap tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver/ \ --no-same-owner # extract arch-specific artifacts to artifacts dir for use by future dotnet builds tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \ -C "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \ --no-same-owner \ --wildcards \ '*alpine*' # assemble docs find "$builddir" -iname 'dotnet*.1' -type f -exec cp '{}' "$pkgdir"/usr/share/man/man1/. \; # some files either should or should not have executable bits _fix_executable "$pkgdir" # Disable use of LTTng as tracing on lttng <=2,13,0 is broken # See https://github.com/dotnet/runtime/issues/57784. if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then rm "$pkgdir"/$_libdir/dotnet/bootstrap/*/shared/Microsoft.NETCore.App/*/libcoreclrtraceptprovider.so fi } sdk() { pkgdesc="The .NET $_pkgver_macro SDK" depends=" aspnetcore$_pkgver_name-runtime aspnetcore$_pkgver_name-targeting-pack dotnet$_pkgver_name-apphost-pack dotnet$_pkgver_name-targeting-pack dotnet$_pkgver_name-templates netstandard21-targeting-pack " provides=" dotnet-sdk-$_pkgver_macro=$pkgver-r$pkgrel dotnet$_pkgver_name-dev=$pkgver-r$pkgrel " install -dm 755 "$subpkgdir"/$_libdir/dotnet # sdk tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./sdk ./sdk-manifests # some files either should or should not have executable bits _fix_executable "$subpkgdir" # See https://github.com/dotnet/source-build/issues/2579 find "$subpkgdir" -type f -name 'testhost.x86' -delete find "$subpkgdir" -type f -name 'vstest.console' -delete } netstandard_targeting_pack() { pkgdesc="The .NET 2.1 Standard targeting pack" depends="dotnet-host" provides="netstandard-targeting-pack-2.1=$pkgver-r$pkgrel" install -dm 755 "$subpkgdir"/$_libdir/dotnet/packs tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./packs/NETStandard.Library.Ref # some files either should or should not have executable bits _fix_executable "$subpkgdir" } templates() { pkgdesc="The .NET $_pkgver_macro templates" depends="dotnet-host" provides="dotnet-templates-$_pkgver_macro=$pkgver-r$pkgrel" install -dm 755 "$subpkgdir"/$_libdir/dotnet tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./templates # some files either should or should not have executable bits _fix_executable "$subpkgdir" } artifacts() { pkgdesc="Internal package for building .NET $_pkgver_macro Software Development Kit" # hack to allow artifacts to pull itself provides="dotnet$_pkgver_name-bootstrap-artifacts" provider_priority=$_pkgver_prior # directory creation install -dm 755 \ "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver \ "$subpkgdir"/usr/share/licenses # extract arch-agnostic artifacts to artifacts dir for use by future dotnet builds tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \ --no-same-owner \ --exclude '*Intermediate*' \ --exclude '*alpine*' } zshcomp() { depends="" pkgdesc="zsh completion for .NET" # netstandard21-targeting-pack will always be pulled by any dotnetx-sdk # thus pulling this with it for sdk install_if="netstandard21-targeting-pack zsh" depends="dotnet-host" install -dm 755 "$subpkgdir"/usr/share/zsh/site-functions install -m 755 "$builddir"/src/sdk/scripts/register-completions.zsh "$subpkgdir"/usr/share/zsh/site-functions/_dotnet } bashcomp() { depends="" pkgdesc="bash completion for .NET" # netstandard21-targeting-pack will always be pulled by any dotnetx-sdk # thus pulling this with it for sdk install_if="netstandard21-targeting-pack bash-completion" depends="dotnet-host" install -dm 755 "$subpkgdir"/usr/share/bash-completion/completions install -m 755 "$builddir"/src/sdk/scripts/register-completions.bash "$subpkgdir"/usr/share/bash-completion/completions/_dotnet } doc() { default_doc pkgdesc="Docs for .NET" # licenses install -dm 755 "$subpkgdir"/usr/share/licenses/dotnet tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/usr/share/licenses/dotnet/ \ --no-same-owner \ ./LICENSE.txt ./ThirdPartyNotices.txt } sha512sums=" 2c01c7b2de4d47d4125717e1240b4822af8b07336d48d87cbc0521fc1b7245672ded01021ad9cdba476b8aa519c4376f40ee1654254e687bef07df9872a3476d dotnet-v6.0.114.tar.xz 994e5145653698551408a87e34d19368e85a2531af9e2bfe61b903af0f016bfd5e4a7691795bdf09ba74bf6f41fc666973ee8cfde9088738f9a2f83f4bafa5e4 dotnet-testsuite-4832cef147bac35fdd5c57275a795e683bba0bb8.tar.gz fc281df5fcf0d31dc9ff7f5b0e870960cfbe3c4fa0f6a6bb50b22c4ee18d2c608c827205bc79bd7f686d77ac917582fc26f68432cdd86c4a33b910c0c7416d09 dotnet-bunny-71880bd94711519f7b786248a88a827a401207a2.tar.gz 5a46a1ac9f70c378c7193275de399d7c7c235c5c7da7e76d0b44ff380ae1df3f3724cebc9c430157606c545bb3aa6d321d0e7d6702f9c4d8e74c901d394a6c51 aspnetcore_46735-set-known-good-runtimeid.patch 6e9663f466007fc5fa7010e6859f054b6a4e59affa7aae7fd4d9ab4ba8410d4855b680f58f938ad21d0b3d2a7c7b097c7e9494a4dde2c43478ddddbf37539545 build_13378-arm-build.patch bdbe798add3ded0c2cf361c9f5aa18fb3540e348e68a5695cbdb797be917f06d1bda69855cae2f36950e9506119e81165927787e13b80a17a1b647ef2c221916 build_14816-non-portable-build.patch 3e04fff2d9d9b39ac4dce0b80f4b566fff8819313a5bf1df791e8f1a63a26ef882bd8aa1524344f63fbb4a3728077179b7f1d7ebefc003c236d39a48beaa0073 build_14816-stop-overriding-aspnetcore-version.patch 70d402d0bcaa98c8b09652365404238b67ed26eb9c3d510c7d6309fb61937d98c9144f1096e521c11b00e946d29585a9d474498ccc5223de32bd6471ab5a431f build_14816-update-portable-rid-logic.patch a5a359af816595fbf19482e5dccf874c78d2fc4b59f38223118aac603b33e00c9fed22580eee3112519477205c2c8ed16177d100f09f45275e3da3c20b0ed7f7 build_disable-apphost.diff 941b430b55e323f723bbc5160447f060f40d18ce32e5803ab7dda16bfc60a0f5ec1dccd246e68475d7115ee265a9433824d8a5d997c302531311194a90deeca9 check_rid-alpine-generation.diff 23b712d7a088e780cd0994c5577b4c015cc1478e3a6bbca9b6e97ff2f2711562ef3a01ed483582a6861b31989b949972e2159caa4a34e0b18b6e8c062bb82c9e installer_13378-arm-build.patch 7ffda90d766217e7c3756ebd423b557218c24f5337668b319421514945d3f961d82037c997b7254de088b1853102d7de15e0d824cf2cc02a6c455efc2b0107a2 installer_14816-crossgen2-rid.patch e71f91d14873755bc2f227807d909e5260bd1f166a262eda0bf05d4a3975a7bce7fde457c1eba476a83b317aebdaaba25f1893d3385182428c08bba6243f21c8 installer_14816-update-portable-rid-logic.patch 86e14ecc0269c8b2c2a2a679790de4fa4e15ac06b2a831e1129c4a7de1499d60583fcdc79b3705652c3c4ced73afac2e0ee3edce2cfa3b00fddf94180fb26e10 msbuild_optional-systemconfiguration.patch f4d27624f735ce77e0030fa791594fc12fb325a3ce8620791a7856bd5c0067a042df2196ec97ed4d0309db64bd51e6a48cafaad316d9ea45e34134214a7f3ca4 msbuild_optional-systemsecurity.patch 42779a7bf1004fe0f7054cfa4f09f49d7f2a57c0543ec994ffbd54fb349abb508295476098ed35d60e9676be8bcc15aa8a9ec5c814cd1e058357530b5cdfb2b6 roslyn_57003-mono-namedmutex.patch e67e0114bd324dae65eb19f6fa8c74414bee77cd30e299931b0d82b4ca1b6b6f88358a0c47ffb180f46c5cb28f61f79bb4a59d43c1ae3011bfe491e757de293a runtime_76500-mono-musl-support.patch 827e899a83103f666dc3d57c1ec695bebc659a574f4a1d754da0cafe8c18d7db79c3950267e905fa078f94612ee1101fbddd0ea62b3c08947d8bcd7d9c8de41c runtime_82269-mono-thread-coop-undefine-fortify-source.patch 91f237afe642d0170dbf0e9a2706a4145c937d9d869d22959acaf092f1fd11941144b2b1d041102abe7b70349dd5869d558896e9d13d01f176cace39b21ef1ef runtime_enable-system-libunwind.diff 5f465f6e3bfbff66551a5690eb41be46735f8e0b1e6e6503038521a8cc60cd66b7839426319ec304f785c9f074ef588b1f189ad6dbb6ced53257af28b09388f2 runtime_lld-fix.patch d1b4ebcbb1a6815fc0ce4c471485c232618e60968a879309fb8336821a9351d2e0028d9f7726c0c041c750b497a0baa47400c78c9ceff550b91b4a6c2816fc41 sdk_14239-add-zsh-compdef-completion-script.patch 815de1dad37412579b16d763debe2ecceffb44f5c46bd3f4ac00b3e431b20c677db435794eac41cea5601030b4e0f03f19e2d53c7a1ead896de2ffbca787eb84 sdk_telemetry-optout.patch "