# Maintainer: Antoine Martin (ayakael) # Contributor: Antoine Martin (ayakael) # secfixes: # 6.0.106-r0: # - CVE-2022-30184 # 6.0.108-r0: # - CVE-2022-34716 # 6.0.109-r0: # - CVE-2022-38013 # 6.0.110-r0: # - CVE-2022-41032 # 6.0.112-r0: # - CVE-2022-41089 # 6.0.113-r0: # - CVE-2023-21538 # 6.0.114-r0: # - CVE-2023-21808 # 6.0.116-r0: # - CVE-2023-28260 # 6.0.118-r0: # - CVE-2023-24895 # - CVE-2023-24897 # - CVE-2023-24936 # - CVE-2023-29331 # - CVE-2023-29337 # - CVE-2023-33126 # - CVE-2023-33128 # - CVE-2023-33135 # 6.0.120-r0: # - CVE-2023-33127 # - CVE-2023-33170 # 6.0.121-r0: # - CVE-2023-35390 # - CVE-2023-38180 # - CVE-2023-35391 # 6.0.122-r0: # - CVE-2023-36792 # - CVE-2023-36793 # - CVE-2023-36794 # - CVE-2023-36796 # - CVE-2023-36799 # 6.0.123-r0: # - CVE-2023-44487 # 6.0.124-r0: # - CVE-2023-36792 # - CVE-2023-36793 # - CVE-2023-36794 # - CVE-2023-36796 # - CVE-2023-36799 # - CVE-2023-44487 # 6.0.125-r0: # - CVE-2023-36049 # - CVE-2023-36558 pkgname=dotnet6-build pkgver=6.0.125 pkgrel=0 _gittag=v$pkgver _giturl="https://github.com/dotnet/installer" _testtag=e1cc0f181ffd4d755756d30d985513897d592ba4 _bunnytag=71880bd94711519f7b786248a88a827a401207a2 _llvmver=16 _patches=" build_14816-non-portable-build.patch build_14816-update-portable-rid-logic.patch build_disable-apphost.diff installer_14816-update-portable-rid-logic.patch msbuild_optional-systemconfiguration.patch msbuild_optional-systemsecurity.patch roslyn_57003-mono-namedmutex.patch runtime_76500-mono-musl-support.patch runtime_82269-mono-thread-coop-undefine-fortify-source.patch runtime_enable-system-libunwind.diff runtime_remove-usage-of-off64-t.patch sdk_14239-add-zsh-compdef-completion-script.patch sdk_telemetry-optout.patch " _pkgver_macro=${pkgver%.*} _pkgver_prior=${pkgver%.*.*} _pkgver_name=${_pkgver_macro//[.0]} pkgdesc="The .NET $_pkgver_macro bootstrap" arch="x86_64 aarch64 armv7" url=https://dotnet.microsoft.com license="MIT" # hack for dotnetx-build to be able to pull itself for bootstrapping provides="dotnet$_pkgver_name-bootstrap" provider_priority=$_pkgver_prior checkdepends=" babeltrace binutils coreutils file gawk jq lttng-tools npm procps sed strace util-linux-misc which " makedepends=" alpine-release bash clang$_llvmver cmake dotnet$_pkgver_name-bootstrap dotnet$_pkgver_name-bootstrap-artifacts dotnet$_pkgver_name-stage0 findutils git grep icu-data-full icu-dev inetutils-syslogd krb5-dev libgit2-dev libintl libucontext-dev libunwind-dev libxml2-dev libxml2-utils linux-headers lldb-dev llvm$_llvmver-dev lttng-ust-dev nodejs numactl-dev openssl-dev pigz rsync tar xz zlib-dev " case $CARCH in s390x|x86) ;; *) makedepends="$makedepends lld-dev";; esac subpackages=" dotnet$_pkgver_name-artifacts:artifacts:noarch dotnet$_pkgver_name-sdk dotnet$_pkgver_name-templates:templates:noarch dotnet-zsh-completion:zshcomp:noarch dotnet-bash-completion:bashcomp:noarch dotnet-doc netstandard21-targeting-pack:netstandard_targeting_pack:noarch " source=" https://lab.ilot.io/mirrors/installer/-/releases/$_gittag/downloads/tarball/dotnet-$_gittag.tar.xz dotnet-testsuite-$_testtag.tar.gz::https://github.com/redhat-developer/dotnet-regular-tests/archive/$_testtag.tar.gz dotnet-bunny-$_bunnytag.tar.gz::https://github.com/redhat-developer/dotnet-bunny/archive/$_bunnytag.tar.gz $_patches " builddir="$srcdir"/dotnet-$_gittag _checkdir="$srcdir"/dotnet-bunny-${_bunnytag/v} _testdir="$srcdir"/dotnet-regular-tests-$_testtag _cli_root="$srcdir"/bootstrap _nugetdir="$srcdir"/nuget-cache _artifactsdir="$_cli_root"/artifacts _libdir="/usr/lib" # if true, then within pipeline environment, in which case send logs there # to be scooped if [ -d "$APORTSDIR/logs" ]; then _logdir="$APORTSDIR"/logs/$pkgname else _logdir="$srcdir"/logs fi case $CARCH in x86_64) _dotnet_arch="x64";; aarch64) _dotnet_arch="arm64";; armv7) _dotnet_arch="arm";; armhf) _dotnet_arch="armv6";; *) _dotnet_arch="$CARCH";; esac # Build doesn't set all the right executable bits for the right file types _fix_executable() { # add executable bit find "$1" -type f \( \ -name 'apphost' -o \ -name 'singlefilehost' -o \ -name 'lib*so' \ \) \ -exec chmod +x '{}' \; # remove executable bit find "$1" -type f \( \ -name '*.a' -o \ -name '*.dll' -o \ -name '*.h' -o \ -name '*.json' -o \ -name '*.pdb' -o \ -name '*.props' -o \ -name '*.pubxml' -o \ -name '*.targets' -o \ -name '*.txt' -o \ -name '*.xml' \ \) \ -exec chmod -x '{}' \; } # generates tarball containing all components built by dotnet snapshot() { local _pkg="$srcdir"/${builddir##*/}.tar ulimit -n 4096 export NUGET_PACKAGES=$_nugetdir if [ -d "$srcdir" ]; then cd "$srcdir" else mkdir -p "$srcdir" && cd "$srcdir" fi if [ -d "installer" ]; then cd "$srcdir"/installer else git clone $_giturl --branch $_gittag && cd "$srcdir"/installer fi sed 's||' -i src/SourceBuild/Arcade/tools/SourceBuildArcadeTarball.targets if [ -d "$_libdir/dotnet/bootstrap" ]; then local _cli_root="$(find /usr/lib/dotnet/bootstrap/6.0* -maxdepth 0 -type d | sort -r | head -n 1)" else local _cli_root="" fi _InitializeDotNetCli="$_cli_root" DOTNET_INSTALL_DIR="$_cli_root" DotNetBuildFromSource=true ./build.sh \ /p:ArcadeBuildTarball=true \ /p:TarballDir=$builddir \ /p:TarballFilePath=$_pkg msg "Compressing ${builddir##*/}.tar to $SRCDEST" xz -T0 -9 -vv -e -c > "$SRCDEST"/${builddir##*/}.tar.xz < "$_pkg" cd "$startdir" abuild checksum } prepare() { default_prepare ulimit -n 4096 # Using system libunwind is broken on aarch64 and mono-based builds # see https://github.com/dotnet/source-build/issues/2408, case $CARCH in x86_64) msg "Using system libunwind" patch -p1 -i "$srcdir"/runtime_enable-system-libunwind.diff ;; esac # For some reason, new s390x apphost isn't pulled, this disable it's use on s390x case $CARCH in s390x) msg "Disabing use of apphost" patch -p1 -i "$srcdir"/build_disable-apphost.diff ;; esac # links logfiles to pipeline logs for easy pickup in pipelines mkdir -p "$_logdir" "$builddir"/artifacts ln -s "$_logdir" "$builddir"/artifacts/logs ln -s "$_logdir" "$builddir"/artifacts/log for i in "$builddir"/src/*; do if [ -f "$i" ]; then continue fi mkdir -p "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts ln -s "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts/log done # dotnet requires its bootstrap to be in a writable dir msg "Setting up bootstrap" local _bootstrapdir=$(find $_libdir/dotnet/bootstrap/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1) if [ ! -d "$_cli_root" ]; then cp -r "$_bootstrapdir" "$_cli_root" fi # ensure that dotnet does not download artifacts provided by dotnet-artifacts rm -rf "$builddir"/packages/archive } build() { msg "Building $pkgname-$pkgver" ulimit -n 4096 export PATH="$PATH:/usr/lib/llvm$_llvmver/bin" # Disable use of LTTng as tracing on lttng <=2,13,0 is broken # See https://github.com/dotnet/runtime/issues/57784. if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then export DOTNET_LTTng=0 fi # looks for most recent recent version of _artifactsdir local _artifactsdir=$(find $_libdir/dotnet/artifacts/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1) # ci args, else the output is forwarded to log files which isn't ideal in a # pipeline environment, and build by defaults uses lots of space local args=" /v:minimal /p:LogVerbosity=minimal /p:MinimalConsoleLogOutput=true /p:CleanWhileBuilding=true " # disable use of crossgen on arches platforms where its unsupported (mono) # or broken (armv7, aarch64) case $CARCH in x86|aarch64|armv7|armhf|s390x) local args="$args /p:CrossgenOutput=false /p:DISABLE_CROSSGEN=True";; esac # Sets TargetRid manually as dotnet cannot be trusted to reliably compute # the machine's runtime ID between releases. # shellcheck disable=SC2034 . /etc/os-release local VERSION_ID_DOT="${VERSION_ID//[^.]}" while [ ${#VERSION_ID_DOT} -gt 1 ]; do local VERSION_ID="${VERSION_ID%.*}" local VERSION_ID_DOT="${VERSION_ID//[^.]}" done local VERSION_ID_DASH="${VERSION_ID//[^_]}" while [ ${#VERSION_ID_DASH} -ge 1 ]; do local VERSION_ID="${VERSION_ID%_*}" local VERSION_ID_DASH="${VERSION_ID//[^_]}" done local args="$args /p:TargetRid=$ID.$VERSION_ID-$_dotnet_arch" case "$CARCH" in x86*) ;; *) # clang doesn't implement this outside of x86, and it causes a later configure to fail export CFLAGS="${CFLAGS/-fstack-clash-protection}" export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection}" ;; esac ./build.sh \ --with-sdk "$_cli_root" \ --with-packages "$_artifactsdir" \ -- $args } check() { ulimit -n 4096 export NUGET_PACKAGES=$_nugetdir # Tests timeout (in seconds) local _tests_timeout=600 # Test suite disable flags # following tests can only work after packaging step local _disabled_tests="man-pages distribution-package bash-completion install-local release-version-sane" # test broken on all but x86_64 and aarch64: no musl release for omnisharp if [ "$CARCH" != "x86_64" ] && [ "$CARCH" != "aarch64" ]; then local _disabled_tests="$_disabled_tests omnisharp" fi # test broken: permission issue on lxc / pipelines local _disabled_tests="$_disabled_tests createdump-aspnet workload" # liblttng-ust_sys-sdt.h: no 'NT_STAPSDT' on Alpine's lttng-ust package # lttng: known issue, see https://github.com/dotnet/runtime/issues/57784 local _disabled_tests="$_disabled_tests liblttng-ust_sys-sdt.h lttng" # {bundled,system}-libunwind: use system version on all but aarch64/armv7, as broken # see https://github.com/redhat-developer/dotnet-regular-tests/issues/113 case $CARCH in x86_64) local _disabled_tests="$_disabled_tests bundled-libunwind";; *) local _disabled_tests="$_disabled_tests system-libunwind";; esac # publish-ready-to-run: broken due to crossgen2 nupkg on musl-arm64 / musl-arm platform being broken # should be fixed with https://github.com/dotnet/runtime/pull/66814 case $CARCH in aarch64|armv7) local _disabled_tests="$_disabled_tests publish-ready-to-run publish-ready-to-run-linux";; esac # test unit hangs local _disabled_tests="$_disabled_tests debugging-via-dotnet-dump" msg "Unpacking produced dotnet" export DOTNET_ROOT="$_checkdir/release" if [ ! -d "$DOTNET_ROOT" ]; then mkdir -p "$DOTNET_ROOT" tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$DOTNET_ROOT" \ --no-same-owner fi export PATH="$DOTNET_ROOT:$PATH" # some files either should or should not have executable bits # (done again during packaging - this is for tests) _fix_executable "$DOTNET_ROOT" msg "Building turkey test suite" mkdir "$_logdir"/check if [ ! -d "$_checkdir"/turkey ]; then cd "$_checkdir"/Turkey dotnet publish -bl:$_logdir/check/turkey.binlog -f netcoreapp3.1 -c Release -p:VersionPrefix=1 -p:VersionSuffix="$(git rev-parse --short HEAD)" -o "$_checkdir"/turkey fi msg "Running test suite" cd "$_testdir" for i in $_disabled_tests; do if [ -d "$i" ]; then sed -i 's|"enabled": true|"enabled": false|' $i/test.json fi done dotnet "$_checkdir"/turkey/Turkey.dll -t $_tests_timeout -l "$_logdir"/check || local ERROR=true if [ $ERROR ]; then msg "Check error reported" fi } package() { # directory creation install -dm 755 \ "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver \ "$pkgdir"/usr/share/man/man1 \ "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver # unpack sdk to bootstrap tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver/ \ --no-same-owner # extract arch-specific artifacts to artifacts dir for use by future dotnet builds tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \ -C "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \ --no-same-owner \ --wildcards \ '*alpine*' # assemble docs find "$builddir" -iname 'dotnet*.1' -type f -exec cp '{}' "$pkgdir"/usr/share/man/man1/. \; # some files either should or should not have executable bits _fix_executable "$pkgdir" # Disable use of LTTng as tracing on lttng <=2,13,0 is broken # See https://github.com/dotnet/runtime/issues/57784. if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then rm "$pkgdir"/$_libdir/dotnet/bootstrap/*/shared/Microsoft.NETCore.App/*/libcoreclrtraceptprovider.so fi } sdk() { pkgdesc="The .NET $_pkgver_macro SDK" depends=" aspnetcore$_pkgver_name-runtime aspnetcore$_pkgver_name-targeting-pack dotnet$_pkgver_name-apphost-pack dotnet$_pkgver_name-targeting-pack dotnet$_pkgver_name-templates netstandard21-targeting-pack " provides=" dotnet-sdk-$_pkgver_macro=$pkgver-r$pkgrel dotnet$_pkgver_name-dev=$pkgver-r$pkgrel " install -dm 755 "$subpkgdir"/$_libdir/dotnet # sdk tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./sdk ./sdk-manifests # some files either should or should not have executable bits _fix_executable "$subpkgdir" # See https://github.com/dotnet/source-build/issues/2579 find "$subpkgdir" -type f -name 'testhost.x86' -delete find "$subpkgdir" -type f -name 'vstest.console' -delete } netstandard_targeting_pack() { pkgdesc="The .NET 2.1 Standard targeting pack" depends="dotnet-host" provides="netstandard-targeting-pack-2.1=$pkgver-r$pkgrel" install -dm 755 "$subpkgdir"/$_libdir/dotnet/packs tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./packs/NETStandard.Library.Ref # some files either should or should not have executable bits _fix_executable "$subpkgdir" } templates() { pkgdesc="The .NET $_pkgver_macro templates" depends="dotnet-host" provides="dotnet-templates-$_pkgver_macro=$pkgver-r$pkgrel" install -dm 755 "$subpkgdir"/$_libdir/dotnet tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./templates # some files either should or should not have executable bits _fix_executable "$subpkgdir" } artifacts() { pkgdesc="Internal package for building .NET $_pkgver_macro Software Development Kit" # hack to allow artifacts to pull itself provides="dotnet$_pkgver_name-bootstrap-artifacts" provider_priority=$_pkgver_prior # directory creation install -dm 755 \ "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver \ "$subpkgdir"/usr/share/licenses # extract arch-agnostic artifacts to artifacts dir for use by future dotnet builds tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \ --no-same-owner \ --exclude '*Intermediate*' \ --exclude '*alpine*' } zshcomp() { depends="" pkgdesc="zsh completion for .NET" # netstandard21-targeting-pack will always be pulled by any dotnetx-sdk # thus pulling this with it for sdk install_if="netstandard21-targeting-pack zsh" depends="dotnet-host" install -dm 755 "$subpkgdir"/usr/share/zsh/site-functions install -m 755 "$builddir"/src/sdk/scripts/register-completions.zsh "$subpkgdir"/usr/share/zsh/site-functions/_dotnet } bashcomp() { depends="" pkgdesc="bash completion for .NET" # netstandard21-targeting-pack will always be pulled by any dotnetx-sdk # thus pulling this with it for sdk install_if="netstandard21-targeting-pack bash-completion" depends="dotnet-host" install -dm 755 "$subpkgdir"/usr/share/bash-completion/completions install -m 755 "$builddir"/src/sdk/scripts/register-completions.bash "$subpkgdir"/usr/share/bash-completion/completions/_dotnet } doc() { default_doc pkgdesc="Docs for .NET" # licenses install -dm 755 "$subpkgdir"/usr/share/licenses/dotnet tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/usr/share/licenses/dotnet/ \ --no-same-owner \ ./LICENSE.txt ./ThirdPartyNotices.txt } sha512sums=" 5f3626aac49cf29c924d30fa81c508be8a45b38914c08b67c1dbec44f7d2b3ff7b6a8126ff4af88d43b972e5e17a712757b762ecf5c99c5f6acd8284ee9b2a3f dotnet-v6.0.125.tar.xz e9f3df13d093fac214778c1137857e065f58d4e0d2a48d540d8ed7bb41e2fd73b2b3f62a0aa5b0e80fa80a5b58ba77ff19b9d10a492802f8539e3a6ed79d299d dotnet-testsuite-e1cc0f181ffd4d755756d30d985513897d592ba4.tar.gz fc281df5fcf0d31dc9ff7f5b0e870960cfbe3c4fa0f6a6bb50b22c4ee18d2c608c827205bc79bd7f686d77ac917582fc26f68432cdd86c4a33b910c0c7416d09 dotnet-bunny-71880bd94711519f7b786248a88a827a401207a2.tar.gz bdc2617791fda07bcc87cf5f8727ac721756810880b14c5472998d6a3e238d85d5a12db7823d1237b17f40945e697a6c9104d1c43816c775cc03920e88572a37 build_14816-non-portable-build.patch 70d402d0bcaa98c8b09652365404238b67ed26eb9c3d510c7d6309fb61937d98c9144f1096e521c11b00e946d29585a9d474498ccc5223de32bd6471ab5a431f build_14816-update-portable-rid-logic.patch a5a359af816595fbf19482e5dccf874c78d2fc4b59f38223118aac603b33e00c9fed22580eee3112519477205c2c8ed16177d100f09f45275e3da3c20b0ed7f7 build_disable-apphost.diff e71f91d14873755bc2f227807d909e5260bd1f166a262eda0bf05d4a3975a7bce7fde457c1eba476a83b317aebdaaba25f1893d3385182428c08bba6243f21c8 installer_14816-update-portable-rid-logic.patch 86e14ecc0269c8b2c2a2a679790de4fa4e15ac06b2a831e1129c4a7de1499d60583fcdc79b3705652c3c4ced73afac2e0ee3edce2cfa3b00fddf94180fb26e10 msbuild_optional-systemconfiguration.patch f4d27624f735ce77e0030fa791594fc12fb325a3ce8620791a7856bd5c0067a042df2196ec97ed4d0309db64bd51e6a48cafaad316d9ea45e34134214a7f3ca4 msbuild_optional-systemsecurity.patch 42779a7bf1004fe0f7054cfa4f09f49d7f2a57c0543ec994ffbd54fb349abb508295476098ed35d60e9676be8bcc15aa8a9ec5c814cd1e058357530b5cdfb2b6 roslyn_57003-mono-namedmutex.patch e67e0114bd324dae65eb19f6fa8c74414bee77cd30e299931b0d82b4ca1b6b6f88358a0c47ffb180f46c5cb28f61f79bb4a59d43c1ae3011bfe491e757de293a runtime_76500-mono-musl-support.patch 827e899a83103f666dc3d57c1ec695bebc659a574f4a1d754da0cafe8c18d7db79c3950267e905fa078f94612ee1101fbddd0ea62b3c08947d8bcd7d9c8de41c runtime_82269-mono-thread-coop-undefine-fortify-source.patch 91f237afe642d0170dbf0e9a2706a4145c937d9d869d22959acaf092f1fd11941144b2b1d041102abe7b70349dd5869d558896e9d13d01f176cace39b21ef1ef runtime_enable-system-libunwind.diff d972e77df27748a80c9b23eca12f9fbd78be97f9034b79cc5703ba58eb6750171d9a115314300f883620ccbca89c65a99ca7a45d54a421b028b590190b4bed80 runtime_remove-usage-of-off64-t.patch d1b4ebcbb1a6815fc0ce4c471485c232618e60968a879309fb8336821a9351d2e0028d9f7726c0c041c750b497a0baa47400c78c9ceff550b91b4a6c2816fc41 sdk_14239-add-zsh-compdef-completion-script.patch 815de1dad37412579b16d763debe2ecceffb44f5c46bd3f4ac00b3e431b20c677db435794eac41cea5601030b4e0f03f19e2d53c7a1ead896de2ffbca787eb84 sdk_telemetry-optout.patch "