# Maintainer: Antoine Martin (ayakael) # Contributor: Antoine Martin (ayakael) # secfixes: # 7.0.103-r0: # - CVE-2023-21808 # 7.0.105-r0: # - CVE-2023-28260 # 7.0.107-r0: # - CVE-2023-24895 # - CVE-2023-24897 # - CVE-2023-24936 # - CVE-2023-29331 # - CVE-2023-29337 # - CVE-2023-32032 # - CVE-2023-33126 # - CVE-2023-33128 # - CVE-2023-33135 # 7.0.109-r0: # - CVE-2023-33127 # - CVE-2023-33170 # 7.0.110-r0: # - CVE-2023-38178 # - CVE-2023-35390 # - CVE-2023-38180 # - CVE-2023-35391 pkgname=dotnet7-build pkgver=7.0.110 pkgrel=0 _gittag=v$pkgver _giturl="https://github.com/dotnet/installer" _testtag=e1cc0f181ffd4d755756d30d985513897d592ba4 _bunnytag=v12 _patches=" build_disable-package-validation.patch build_disable-source-link.patch build_enable-timestamps.patch roslyn-analyzer_disable-apphost.patch runtime_76500-mono-musl-support.patch runtime_82269-mono-thread-coop-undefine-fortify-source.patch runtime_enable-runtime-marshalling.diff runtime_enable-system-libunwind.diff runtime_remove-usage-of-off64-t.patch sdk_14239-add-zsh-compdef-completion-script.patch " _pkgver_macro=${pkgver%.*} _pkgver_prior=${pkgver%.*.*} _pkgver_name=${_pkgver_macro//[.0]} pkgdesc="The .NET $_pkgver_macro bootstrap" # x86: blocked by https://github.com/dotnet/runtime/issues/77667 # armhf: blocked by https://github.com/dotnet/runtime/issues/77663 # riscv64: port WIP https://github.com/dotnet/runtime/issues/36748 # aarch64: build failure arch="all !x86 !armhf !riscv64 !aarch64" url=https://dotnet.microsoft.com license="MIT" # hack for dotnetx-build to be able to pull itself for bootstrapping provides="dotnet$_pkgver_name-bootstrap" provider_priority=$_pkgver_prior checkdepends=" babeltrace binutils coreutils file gawk jq lttng-tools npm procps sed strace util-linux-misc which " makedepends=" alpine-release bash clang cmake dotnet$_pkgver_name-bootstrap dotnet$_pkgver_name-bootstrap-artifacts dotnet$_pkgver_name-stage0 findutils git grep icu-data-full icu-dev inetutils-syslogd krb5-dev libgit2-dev libintl libucontext-dev libunwind-dev libxml2-dev libxml2-utils linux-headers lldb-dev llvm-dev lttng-ust-dev nodejs numactl-dev openssl-dev pigz rsync samurai tar xz zlib-dev " case $CARCH in s390x|x86) ;; *) makedepends="$makedepends lld-dev";; esac subpackages=" dotnet$_pkgver_name-artifacts:artifacts:noarch dotnet$_pkgver_name-sdk dotnet$_pkgver_name-templates:templates:noarch dotnet-zsh-completion:zshcomp:noarch dotnet-bash-completion:bashcomp:noarch dotnet-doc netstandard21-targeting-pack:netstandard_targeting_pack:noarch " source=" https://lab.ilot.io/dotnet/installer/-/releases/$_gittag/downloads/tarball/dotnet-$_gittag.tar.xz dotnet-testsuite-$_testtag.tar.gz::https://github.com/redhat-developer/dotnet-regular-tests/archive/$_testtag.tar.gz dotnet-bunny-$_bunnytag.tar.gz::https://github.com/redhat-developer/dotnet-bunny/archive/$_bunnytag.tar.gz $_patches " builddir="$srcdir"/dotnet-$_gittag _checkdir="$srcdir"/dotnet-bunny-${_bunnytag/v} _testdir="$srcdir"/dotnet-regular-tests-$_testtag _cli_root="$srcdir"/bootstrap _libdir="/usr/lib" # if true, then within pipeline environment, in which case send logs there # to be scooped if [ -d "$APORTSDIR/logs" ]; then _logdir="$APORTSDIR"/logs/$pkgname else _logdir="$srcdir"/logs fi case $CARCH in x86_64) _dotnet_arch="x64";; aarch64) _dotnet_arch="arm64";; armv7) _dotnet_arch="arm";; armhf) _dotnet_arch="armv6";; *) _dotnet_arch="$CARCH";; esac # Build doesn't set all the right executable bits for the right file types _fix_executable() { # add executable bit find "$1" -type f \( \ -name 'apphost' -o \ -name 'singlefilehost' -o \ -name 'lib*so' \ \) \ -exec chmod +x '{}' \; # remove executable bit find "$1" -type f \( \ -name '*.a' -o \ -name '*.dll' -o \ -name '*.h' -o \ -name '*.json' -o \ -name '*.pdb' -o \ -name '*.props' -o \ -name '*.pubxml' -o \ -name '*.targets' -o \ -name '*.txt' -o \ -name '*.xml' \ \) \ -exec chmod -x '{}' \; } # generates tarball containing all components built by dotnet snapshot() { local _pkg="$srcdir"/${builddir##*/}.tar ulimit -n 4096 if [ -d "$srcdir" ]; then cd "$srcdir" else mkdir -p "$srcdir" && cd "$srcdir" fi if [ -d "installer" ]; then cd "$srcdir"/installer else git clone $_giturl --branch $_gittag && cd "$srcdir"/installer fi sed 's||' -i src/SourceBuild/Arcade/tools/SourceBuildArcadeTarball.targets if [ -d "$_libdir/dotnet/bootstrap" ]; then local _cli_root="$(find $_libdir/dotnet/bootstrap/${_pkgver_macro}* -maxdepth 0 -type d | sort -r | head -n 1)" else local _cli_root="" fi _InitializeDotNetCli="$_cli_root" DOTNET_INSTALL_DIR="$_cli_root" DotNetBuildFromSource=true ./build.sh \ /p:ArcadeBuildTarball=true \ /p:TarballDir=$builddir \ /p:TarballFilePath=$_pkg msg "Compressing ${builddir##*/}.tar to $SRCDEST" xz -T0 -9 -vv -e -c > "$SRCDEST"/${builddir##*/}.tar.xz < "$_pkg" cd "$startdir" abuild checksum } prepare() { default_prepare # Parallel restore is broken on mono-based builds since dotnet7 # see https://github.com/dotnet/runtime/issues/77364 # A workaround via runtime_enable-runtime-marshalling.diff case $CARCH in s390x|ppc64le) msg "runtime_enable-runtime-marshalling.diff" patch -p1 -i "$srcdir"/runtime_enable-runtime-marshalling.diff ;; esac # Using system libunwind is broken on aarch64|armv7, and unused on mono-based builds # see https://github.com/dotnet/source-build/issues/2408, case $CARCH in aarch64|armv7) msg "Using bundled libunwind";; armhf|s390x|ppc64le) msg "No libunwind used";; *) msg "Using system libunwind" patch -p1 -i "$srcdir"/runtime_enable-system-libunwind.diff ;; esac # ensure that dotnet does not download artifacts provided by dotnet-artifacts rm -rf "$builddir"/packages/archive # links logfiles to pipeline logs for easy pickup in pipelines mkdir -p "$_logdir" "$builddir"/artifacts ln -s "$_logdir" "$builddir"/artifacts/logs ln -s "$_logdir" "$builddir"/artifacts/log for i in "$builddir"/src/*; do if [ -f "$i" ]; then continue fi mkdir -p "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts ln -s "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts/log done # dotnet requires its bootstrap to be in a writable dir msg "Setting up bootstrap" local _bootstrapdir=$(find $_libdir/dotnet/bootstrap/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1) if [ ! -d "$_cli_root" ]; then cp -r "$_bootstrapdir" "$_cli_root" fi } build() { msg "Building $pkgname-$pkgver" ulimit -n 4096 # Disable use of LTTng as tracing on lttng <=2,13,0 is broken # See https://github.com/dotnet/runtime/issues/57784. if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then export DOTNET_LTTng=0 fi case "$CARCH" in x86*) ;; *) # clang doesn't implement this outside of x86, and it causes a later configure to fail export CFLAGS="${CFLAGS/-fstack-clash-protection}" export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection}" ;; esac # looks for most recent recent version of _artifactsdir local _artifactsdir=$(find $_libdir/dotnet/artifacts/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1) # ci args, else the output is forwarded to log files which isn't ideal in a # pipeline environment, and build by defaults uses lots of space local args=" /v:minimal /p:LogVerbosity=minimal /p:MinimalConsoleLogOutput=true /p:CleanWhileBuilding=true " # part of https://github.com/dotnet/installer/pull/14792 that sets this flag # was not integrated in 7.0.1xx yet case $CARCH in s390x|ppc64le) local args="$args /p:SourceBuildUseMonoRuntime=true";; esac # Sets TargetRid manually as dotnet cannot be trusted to reliably compute # the machine's runtime ID between releases. # shellcheck disable=SC2034 . /etc/os-release local VERSION_ID_DOT="${VERSION_ID//[^.]}" while [ ${#VERSION_ID_DOT} -gt 1 ]; do local VERSION_ID="${VERSION_ID%.*}" local VERSION_ID_DOT="${VERSION_ID//[^.]}" done local VERSION_ID_DASH="${VERSION_ID//[^_]}" while [ ${#VERSION_ID_DASH} -ge 1 ]; do local VERSION_ID="${VERSION_ID%_*}" local VERSION_ID_DASH="${VERSION_ID//[^_]}" done local args="$args /p:TargetRid=$ID.$VERSION_ID-$_dotnet_arch" ./build.sh \ --with-sdk "$_cli_root" \ --with-packages "$_artifactsdir" \ -- $args } check() { ulimit -n 4096 # Tests timeout (in seconds) local _tests_timeout=1000 # Test suite disable flags # following tests can only work after packaging step local _disabled_tests="man-pages distribution-package bash-completion install-location release-version-sane" # test broken: permission issue on lxc / pipelines local _disabled_tests="$_disabled_tests createdump-aspnet workload" # liblttng-ust_sys-sdt.h: no 'NT_STAPSDT' on Alpine's lttng-ust package # lttng: known issue, see https://github.com/dotnet/runtime/issues/57784 local _disabled_tests="$_disabled_tests liblttng-ust_sys-sdt.h lttng" # {bundled,system}-libunwind: use system version on all but aarch64/armv7, as broken # see https://github.com/redhat-developer/dotnet-regular-tests/issues/113 # disable on mono-flavored runtime as mono does not use libunwind case $CARCH in armv7|aarch64) local _disabled_tests="$_disabled_tests system-libunwind";; s390x|ppc64le|armhf) local _disabled_tests="$_disabled_tests bundled-libunwind system-libunwind";; *) local _disabled_tests="$_disabled_tests bundled-libunwind";; esac # test unit broken currently local _disabled_tests="$_disabled_tests system-libunwind" # nativeaot is not supported on armv7 case $CARCH in armv7) local _disabled_tests="$_disabled_tests nativeaot" esac # test unit hangs local _disabled_tests="$_disabled_tests debugging-via-dotnet-dump" msg "Unpacking produced dotnet" export DOTNET_ROOT="$_checkdir/release" if [ ! -d "$DOTNET_ROOT" ]; then mkdir -p "$DOTNET_ROOT" tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$DOTNET_ROOT" \ --no-same-owner fi export PATH="$DOTNET_ROOT:$PATH" # some files either should or should not have executable bits # (done again during packaging - this is for tests) _fix_executable "$DOTNET_ROOT" msg "Building turkey test suite" if [ ! -d "$_checkdir"/turkey ]; then cd "$_checkdir"/Turkey dotnet publish -f netcoreapp3.1 -c Release -p:VersionPrefix=1 -p:VersionSuffix="$(git rev-parse --short HEAD)" -o "$_checkdir"/turkey fi msg "Running test suite" cd "$_testdir" for i in $_disabled_tests; do if [ -d "$i" ]; then sed -i 's|"enabled": true|"enabled": false|' $i/test.json fi done dotnet "$_checkdir"/turkey/Turkey.dll -t $_tests_timeout || local ERROR=true if [ $ERROR ]; then msg "Check error reported, dumping logs" for i in *.log; do msg "Dumping $i" cat "$i" done fi } package() { # directory creation install -dm 755 \ "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver \ "$pkgdir"/usr/share/man/man1 \ "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver # unpack sdk to bootstrap tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver/ \ --no-same-owner # extract arch-specific artifacts to artifacts dir for use by future dotnet builds tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \ -C "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \ --no-same-owner \ --wildcards \ '*alpine*' # assemble docs find "$builddir" -iname 'dotnet*.1' -type f -exec cp '{}' "$pkgdir"/usr/share/man/man1/. \; # some files either should or should not have executable bits _fix_executable "$pkgdir" # Disable use of LTTng as tracing on lttng <=2,13,0 is broken # See https://github.com/dotnet/runtime/issues/57784. if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then rm "$pkgdir"/$_libdir/dotnet/bootstrap/*/shared/Microsoft.NETCore.App/*/libcoreclrtraceptprovider.so fi } sdk() { pkgdesc="The .NET $_pkgver_macro SDK" # libucontext isn't automatically detected on all platforms depends=" aspnetcore$_pkgver_name-runtime aspnetcore$_pkgver_name-targeting-pack dotnet$_pkgver_name-apphost-pack dotnet$_pkgver_name-targeting-pack dotnet$_pkgver_name-templates netstandard21-targeting-pack libucontext " provides=" dotnet-sdk-$_pkgver_macro=$pkgver-r$pkgrel dotnet$_pkgver_name-dev=$pkgver-r$pkgrel " install -dm 755 "$subpkgdir"/$_libdir/dotnet # sdk tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./sdk ./sdk-manifests # some files either should or should not have executable bits _fix_executable "$subpkgdir" # See https://github.com/dotnet/source-build/issues/2579 find "$subpkgdir" -type f -name 'testhost.x86' -delete find "$subpkgdir" -type f -name 'vstest.console' -delete } netstandard_targeting_pack() { pkgdesc="The .NET 2.1 Standard targeting pack" depends="dotnet-host" provides="netstandard-targeting-pack-2.1=$pkgver-r$pkgrel" install -dm 755 "$subpkgdir"/$_libdir/dotnet/packs tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./packs/NETStandard.Library.Ref # some files either should or should not have executable bits _fix_executable "$subpkgdir" } templates() { pkgdesc="The .NET $_pkgver_macro templates" depends="dotnet-host" provides="dotnet-templates-$_pkgver_macro=$pkgver-r$pkgrel" install -dm 755 "$subpkgdir"/$_libdir/dotnet tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/ \ --no-same-owner \ ./templates # some files either should or should not have executable bits _fix_executable "$subpkgdir" } artifacts() { pkgdesc="Internal package for building .NET $_pkgver_macro Software Development Kit" # hack to allow artifacts to pull itself provides="dotnet$_pkgver_name-bootstrap-artifacts" provider_priority=$_pkgver_prior # directory creation install -dm 755 \ "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver \ "$subpkgdir"/usr/share/licenses # extract arch-agnostic artifacts to artifacts dir for use by future dotnet builds tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \ -C "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \ --no-same-owner \ --exclude '*Intermediate*' \ --exclude '*alpine*' } zshcomp() { depends="" pkgdesc="zsh completion for .NET" # netstandard21-targeting-pack will always be pulled by any dotnetx-sdk # thus pulling this with it for sdk install_if="netstandard21-targeting-pack zsh" depends="dotnet-host" install -dm 755 "$subpkgdir"/usr/share/zsh/site-functions install -m 755 "$builddir"/src/sdk/scripts/register-completions.zsh "$subpkgdir"/usr/share/zsh/site-functions/_dotnet } bashcomp() { depends="" pkgdesc="bash completion for .NET" # netstandard21-targeting-pack will always be pulled by any dotnetx-sdk # thus pulling this with it for sdk install_if="netstandard21-targeting-pack bash-completion" depends="dotnet-host" install -dm 755 "$subpkgdir"/usr/share/bash-completion/completions install -m 755 "$builddir"/src/sdk/scripts/register-completions.bash "$subpkgdir"/usr/share/bash-completion/completions/_dotnet } doc() { default_doc pkgdesc="Docs for .NET" # licenses install -dm 755 "$subpkgdir"/usr/share/licenses/dotnet tar --use-compress-program="pigz" \ -xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \ -C "$subpkgdir"/usr/share/licenses/dotnet/ \ --no-same-owner \ ./LICENSE.txt ./ThirdPartyNotices.txt } sha512sums=" 806bc8467dd23bb07d80afea00ec7973040302c509e544121bb26a308a3cc1e861a34b784d02f9ecf218acbb46fa32679c8fa56c86c04f58767c530a3592aeb6 dotnet-v7.0.110.tar.xz e9f3df13d093fac214778c1137857e065f58d4e0d2a48d540d8ed7bb41e2fd73b2b3f62a0aa5b0e80fa80a5b58ba77ff19b9d10a492802f8539e3a6ed79d299d dotnet-testsuite-e1cc0f181ffd4d755756d30d985513897d592ba4.tar.gz 0028d5d97b814b122d73137b4e0d64ca5d788aa0ae5fde500de722e23522827f2538f06e75acb17cc39b8917961ee78d1f0bbc84b2b624ae0e9bf88adca2ba6f dotnet-bunny-v12.tar.gz 429033f5f6a8e33eb849c29c1d6628faca13751e1b1e536179b491041034dcdee107cbff12f7e9f1ef68a178a0818c534113f63bc8bbc37de67ec900c23cacf4 build_disable-package-validation.patch ebab0364deab5d99131e2724b7fbac668bc27ddf74958623af1913e49850df98b2d077d27324b2bbabbbcdf77ea48bf7a7ca83d0ced6f48bdb66cc1e8bbce4a4 build_disable-source-link.patch 86fbaa058f78bba100f534f4c4bd6d7254181909f70d264c0390d3dd89c878a14ba9b5d2de05271b2c07b73ead70e029488c926221f676d59e27e387e3e579e9 build_enable-timestamps.patch 4ac92d2d9190a55ee20d3e145a28a6953c98d3eb838c8acfb808b8839316443cb64da4a2c5787df0171fce7ef96ff6381043085ed90c23ec09ce9ac81571e675 roslyn-analyzer_disable-apphost.patch 7a3291a05c94986d631a37870f573aca8603e9464cb632b3e5b93eca8a358fc7dcc98a8a8017f566885ceafe462bec734b7d31c7a974270e83c6d2ae54f51902 runtime_76500-mono-musl-support.patch d732df247c721c9f677baabdd7f36dbf4b564814ff64164361065bb1c196b767494a1d39f634eadf01a23032c7b3e64102614b7213065c81096bbf3f8022e6a0 runtime_82269-mono-thread-coop-undefine-fortify-source.patch 741d210b83d4dfca79338def253c82737b6d5f319052173f37aa6dfb5b8e90bfc29272657301095a9623ae2c72449ed6fc60cc6c70fcf88f15c66f89cbd3c201 runtime_enable-runtime-marshalling.diff 293742ab307bef459a21deadcc4ad7c7996cc4b490910a36c2763b8ad25cc8a91c4e03b6290567cd1030f69638d0156c5b6970887858fb091f8482b67356065d runtime_enable-system-libunwind.diff d972e77df27748a80c9b23eca12f9fbd78be97f9034b79cc5703ba58eb6750171d9a115314300f883620ccbca89c65a99ca7a45d54a421b028b590190b4bed80 runtime_remove-usage-of-off64-t.patch d1b4ebcbb1a6815fc0ce4c471485c232618e60968a879309fb8336821a9351d2e0028d9f7726c0c041c750b497a0baa47400c78c9ceff550b91b4a6c2816fc41 sdk_14239-add-zsh-compdef-completion-script.patch "