ayaports/community/dotnet7-build/APKBUILD

# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>

# secfixes:
#   7.0.103-r0:
#     - CVE-2023-21808
#   7.0.105-r0:
#     - CVE-2023-28260
#   7.0.107-r0:
#     - CVE-2023-24895
#     - CVE-2023-24897
#     - CVE-2023-24936
#     - CVE-2023-29331
#     - CVE-2023-29337
#     - CVE-2023-32032
#     - CVE-2023-33126
#     - CVE-2023-33128
#     - CVE-2023-33135
#   7.0.109-r0:
#     - CVE-2023-33127
#     - CVE-2023-33170
#   7.0.110-r0:
#     - CVE-2023-38178
#     - CVE-2023-35390
#     - CVE-2023-38180
#     - CVE-2023-35391

pkgname=dotnet7-build
pkgver=7.0.110
pkgrel=0
_gittag=v$pkgver
_giturl="https://github.com/dotnet/installer"
_testtag=e1cc0f181ffd4d755756d30d985513897d592ba4
_bunnytag=v12
_patches="
	build_disable-package-validation.patch
	build_disable-source-link.patch
	build_enable-timestamps.patch
	roslyn-analyzer_disable-apphost.patch
	runtime_76500-mono-musl-support.patch
	runtime_82269-mono-thread-coop-undefine-fortify-source.patch
	runtime_enable-runtime-marshalling.diff
	runtime_enable-system-libunwind.diff
	runtime_remove-usage-of-off64-t.patch
	sdk_14239-add-zsh-compdef-completion-script.patch
	"

_pkgver_macro=${pkgver%.*}
_pkgver_prior=${pkgver%.*.*}
_pkgver_name=${_pkgver_macro//[.0]}
pkgdesc="The .NET $_pkgver_macro bootstrap"
# x86: blocked by https://github.com/dotnet/runtime/issues/77667
# armhf: blocked by https://github.com/dotnet/runtime/issues/77663
# riscv64: port WIP https://github.com/dotnet/runtime/issues/36748
# aarch64: build failure
arch="all !x86 !armhf !riscv64 !aarch64"
url=https://dotnet.microsoft.com
license="MIT"
# hack for dotnetx-build to be able to pull itself for bootstrapping
provides="dotnet$_pkgver_name-bootstrap"
provider_priority=$_pkgver_prior
checkdepends="
	babeltrace
	binutils
	coreutils
	file
	gawk
	jq
	lttng-tools
	npm
	procps
	sed
	strace
	util-linux-misc
	which
	"
makedepends="
	alpine-release
	bash
	clang
	cmake
	dotnet$_pkgver_name-bootstrap
	dotnet$_pkgver_name-bootstrap-artifacts
	dotnet$_pkgver_name-stage0
	findutils
	git
	grep
	icu-data-full
	icu-dev
	inetutils-syslogd
	krb5-dev
	libgit2-dev
	libintl
	libucontext-dev
	libunwind-dev
	libxml2-dev
	libxml2-utils
	linux-headers
	lldb-dev
	llvm-dev
	lttng-ust-dev
	nodejs
	numactl-dev
	openssl-dev
	pigz
	rsync
	samurai
	tar
	xz
	zlib-dev
	"
case $CARCH in
	s390x|x86) ;;
	*) makedepends="$makedepends lld-dev";;
esac

subpackages="
	dotnet$_pkgver_name-artifacts:artifacts:noarch
	dotnet$_pkgver_name-sdk
	dotnet$_pkgver_name-templates:templates:noarch
	dotnet-zsh-completion:zshcomp:noarch
	dotnet-bash-completion:bashcomp:noarch
	dotnet-doc
	netstandard21-targeting-pack:netstandard_targeting_pack:noarch
	"
source="
	https://lab.ilot.io/dotnet/installer/-/releases/$_gittag/downloads/tarball/dotnet-$_gittag.tar.xz
	dotnet-testsuite-$_testtag.tar.gz::https://github.com/redhat-developer/dotnet-regular-tests/archive/$_testtag.tar.gz
	dotnet-bunny-$_bunnytag.tar.gz::https://github.com/redhat-developer/dotnet-bunny/archive/$_bunnytag.tar.gz
	$_patches
	"
builddir="$srcdir"/dotnet-$_gittag
_checkdir="$srcdir"/dotnet-bunny-${_bunnytag/v}
_testdir="$srcdir"/dotnet-regular-tests-$_testtag
_cli_root="$srcdir"/bootstrap
_libdir="/usr/lib"
# if true, then within pipeline environment, in which case send logs there
# to be scooped
if [ -d "$APORTSDIR/logs" ]; then
	_logdir="$APORTSDIR"/logs/$pkgname
else
	_logdir="$srcdir"/logs
fi

case $CARCH in
	x86_64) _dotnet_arch="x64";;
	aarch64) _dotnet_arch="arm64";;
	armv7) _dotnet_arch="arm";;
	armhf) _dotnet_arch="armv6";;
	*) _dotnet_arch="$CARCH";;
esac

# Build doesn't set all the right executable bits for the right file types
_fix_executable() {
	# add executable bit
	find "$1" -type f \( \
		-name 'apphost' -o \
		-name 'singlefilehost' -o \
		-name 'lib*so' \
			\) \
		-exec chmod +x '{}' \;

	# remove executable bit
	find "$1" -type f \( \
		-name '*.a' -o \
		-name '*.dll' -o \
		-name '*.h' -o \
		-name '*.json' -o \
		-name '*.pdb' -o \
		-name '*.props' -o \
		-name '*.pubxml' -o \
		-name '*.targets' -o \
		-name '*.txt' -o \
		-name '*.xml' \
			\) \
		-exec chmod -x '{}' \;
}

# generates tarball containing all components built by dotnet
snapshot() {
	local _pkg="$srcdir"/${builddir##*/}.tar
	ulimit -n 4096
	if [ -d "$srcdir" ]; then
		cd "$srcdir"
	else
		mkdir -p "$srcdir" && cd "$srcdir"
	fi
	if [ -d "installer" ]; then
		cd "$srcdir"/installer
	else
		git clone $_giturl --branch $_gittag && cd "$srcdir"/installer
	fi

	sed 's|<Exec Command="tar.*|<Exec Command="tar -cf $(TarballFilePath) -C $(TarballDir)/.. $([MSBuild]::MakeRelative($([System.IO.Path]::GetDirectoryName($(TarballDir))), $(TarballDir)))" />|' -i src/SourceBuild/Arcade/tools/SourceBuildArcadeTarball.targets

	if [ -d "$_libdir/dotnet/bootstrap" ]; then
		local _cli_root="$(find $_libdir/dotnet/bootstrap/${_pkgver_macro}* -maxdepth 0 -type d | sort -r | head -n 1)"
	else
		local _cli_root=""
	fi

	_InitializeDotNetCli="$_cli_root" DOTNET_INSTALL_DIR="$_cli_root" DotNetBuildFromSource=true ./build.sh \
		/p:ArcadeBuildTarball=true \
		/p:TarballDir=$builddir \
		/p:TarballFilePath=$_pkg

	msg "Compressing ${builddir##*/}.tar to $SRCDEST"
	xz -T0 -9 -vv -e -c > "$SRCDEST"/${builddir##*/}.tar.xz < "$_pkg"

	cd "$startdir"
	abuild checksum
}

prepare() {
	default_prepare

	# Parallel restore is broken on mono-based builds since dotnet7
	# see https://github.com/dotnet/runtime/issues/77364
	# A workaround via runtime_enable-runtime-marshalling.diff
	case $CARCH in
		s390x|ppc64le)
			msg "runtime_enable-runtime-marshalling.diff"
			patch -p1 -i "$srcdir"/runtime_enable-runtime-marshalling.diff
			;;
	esac

	# Using system libunwind is broken on aarch64|armv7, and unused on mono-based builds
	# see https://github.com/dotnet/source-build/issues/2408,
	case $CARCH in
		aarch64|armv7) msg "Using bundled libunwind";;
		armhf|s390x|ppc64le) msg "No libunwind used";;
		*)
			msg "Using system libunwind"
			patch -p1 -i "$srcdir"/runtime_enable-system-libunwind.diff
			;;
	esac

	# ensure that dotnet does not download artifacts provided by dotnet-artifacts
	rm -rf "$builddir"/packages/archive

	# links logfiles to pipeline logs for easy pickup in pipelines
	mkdir -p "$_logdir" "$builddir"/artifacts
	ln -s "$_logdir" "$builddir"/artifacts/logs
	ln -s "$_logdir" "$builddir"/artifacts/log
	for i in "$builddir"/src/*; do
		if [ -f "$i" ]; then
			continue
		fi
		mkdir -p "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts
		ln -s "$_logdir"/${i##*\/} "$builddir"/src/${i##*\/}/artifacts/log
	done

	# dotnet requires its bootstrap to be in a writable dir
	msg "Setting up bootstrap"
	local _bootstrapdir=$(find $_libdir/dotnet/bootstrap/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1)
	if [ ! -d "$_cli_root" ]; then
		cp -r "$_bootstrapdir" "$_cli_root"
	fi
}

build() {
	msg "Building $pkgname-$pkgver"

	ulimit -n 4096

	# Disable use of LTTng as tracing on lttng <=2,13,0 is broken
	# See https://github.com/dotnet/runtime/issues/57784.
	if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then
		export DOTNET_LTTng=0
	fi

	case "$CARCH" in
	x86*) ;;
	*)
		# clang doesn't implement this outside of x86, and it causes a later configure to fail
		export CFLAGS="${CFLAGS/-fstack-clash-protection}"
		export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection}"
		;;
	esac

	# looks for most recent recent version of _artifactsdir
	local _artifactsdir=$(find $_libdir/dotnet/artifacts/$_pkgver_macro* -maxdepth 0 | sort -r | head -n 1)

	# ci args, else the output is forwarded to log files which isn't ideal in a
	# pipeline environment, and build by defaults uses lots of space
	local args="
		/v:minimal
		/p:LogVerbosity=minimal
		/p:MinimalConsoleLogOutput=true
		/p:CleanWhileBuilding=true
		"

	# part of https://github.com/dotnet/installer/pull/14792 that sets this flag
	# was not integrated in 7.0.1xx yet
	case $CARCH in
		s390x|ppc64le) local args="$args /p:SourceBuildUseMonoRuntime=true";;
	esac

	# Sets TargetRid manually as dotnet cannot be trusted to reliably compute
	# the machine's runtime ID between releases.
	# shellcheck disable=SC2034
	. /etc/os-release
	local VERSION_ID_DOT="${VERSION_ID//[^.]}"
	while [ ${#VERSION_ID_DOT} -gt 1 ]; do
		local VERSION_ID="${VERSION_ID%.*}"
		local VERSION_ID_DOT="${VERSION_ID//[^.]}"
	done
	local VERSION_ID_DASH="${VERSION_ID//[^_]}"
	while [ ${#VERSION_ID_DASH} -ge 1 ]; do
		local VERSION_ID="${VERSION_ID%_*}"
		local VERSION_ID_DASH="${VERSION_ID//[^_]}"
	done
	local args="$args /p:TargetRid=$ID.$VERSION_ID-$_dotnet_arch"

	./build.sh \
		--with-sdk "$_cli_root" \
		--with-packages "$_artifactsdir" \
		-- $args
}

check() {
	ulimit -n 4096
	# Tests timeout (in seconds)
	local _tests_timeout=1000
	# Test suite disable flags
	# following tests can only work after packaging step
	local _disabled_tests="man-pages distribution-package bash-completion install-location release-version-sane"
	# test broken: permission issue on lxc / pipelines
	local _disabled_tests="$_disabled_tests createdump-aspnet workload"
	# liblttng-ust_sys-sdt.h: no 'NT_STAPSDT' on Alpine's lttng-ust package
	# lttng: known issue, see https://github.com/dotnet/runtime/issues/57784
	local _disabled_tests="$_disabled_tests liblttng-ust_sys-sdt.h lttng"
	# {bundled,system}-libunwind: use system version on all but aarch64/armv7, as broken
	# see https://github.com/redhat-developer/dotnet-regular-tests/issues/113
	# disable on mono-flavored runtime as mono does not use libunwind
	case $CARCH in
		armv7|aarch64) local _disabled_tests="$_disabled_tests system-libunwind";;
		s390x|ppc64le|armhf) local _disabled_tests="$_disabled_tests bundled-libunwind system-libunwind";;
		*) local _disabled_tests="$_disabled_tests bundled-libunwind";;
	esac
	# test unit broken currently
	local _disabled_tests="$_disabled_tests system-libunwind"
	# nativeaot is not supported on armv7
	case $CARCH in
		armv7) local _disabled_tests="$_disabled_tests nativeaot"
	esac
	# test unit hangs
	local _disabled_tests="$_disabled_tests debugging-via-dotnet-dump"

	msg "Unpacking produced dotnet"
	export DOTNET_ROOT="$_checkdir/release"
	if [ ! -d "$DOTNET_ROOT" ]; then
		mkdir -p "$DOTNET_ROOT"
		tar --use-compress-program="pigz" \
			-xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \
			-C "$DOTNET_ROOT" \
			--no-same-owner
	fi
	export PATH="$DOTNET_ROOT:$PATH"
	# some files either should or should not have executable bits
	# (done again during packaging - this is for tests)
	_fix_executable "$DOTNET_ROOT"

	msg "Building turkey test suite"
	if [ ! -d "$_checkdir"/turkey ]; then
		cd "$_checkdir"/Turkey
		dotnet publish -f netcoreapp3.1 -c Release -p:VersionPrefix=1 -p:VersionSuffix="$(git rev-parse --short HEAD)" -o "$_checkdir"/turkey
	fi

	msg "Running test suite"
	cd "$_testdir"
	for i in $_disabled_tests; do
		if [ -d "$i" ]; then
			sed -i 's|"enabled": true|"enabled": false|' $i/test.json
		fi
	done
	dotnet "$_checkdir"/turkey/Turkey.dll -t $_tests_timeout || local ERROR=true
	if [ $ERROR ]; then
		msg "Check error reported, dumping logs"
		for i in *.log; do
			msg "Dumping $i"
			cat "$i"
		done
	fi
}

package() {
	# directory creation
	install -dm 755 \
		"$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver \
		"$pkgdir"/usr/share/man/man1 \
		"$pkgdir"/$_libdir/dotnet/artifacts/$pkgver

	# unpack sdk to bootstrap
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \
		-C "$pkgdir"/$_libdir/dotnet/bootstrap/$pkgver/ \
		--no-same-owner

	# extract arch-specific artifacts to artifacts dir for use by future dotnet builds
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \
		-C "$pkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \
		--no-same-owner \
		--wildcards \
		'*alpine*'

	# assemble docs
	find "$builddir" -iname 'dotnet*.1' -type f -exec cp '{}' "$pkgdir"/usr/share/man/man1/. \;

	# some files either should or should not have executable bits
	_fix_executable "$pkgdir"

	# Disable use of LTTng as tracing on lttng <=2,13,0 is broken
	# See https://github.com/dotnet/runtime/issues/57784.
	if [ -f "/usr/lib/liblttng-ust.so.1 " ]; then
		rm "$pkgdir"/$_libdir/dotnet/bootstrap/*/shared/Microsoft.NETCore.App/*/libcoreclrtraceptprovider.so
	fi
}

sdk() {
	pkgdesc="The .NET $_pkgver_macro SDK"
	# libucontext isn't automatically detected on all platforms
	depends="
		aspnetcore$_pkgver_name-runtime
		aspnetcore$_pkgver_name-targeting-pack
		dotnet$_pkgver_name-apphost-pack
		dotnet$_pkgver_name-targeting-pack
		dotnet$_pkgver_name-templates
		netstandard21-targeting-pack
		libucontext
		"
	provides="
		dotnet-sdk-$_pkgver_macro=$pkgver-r$pkgrel
		dotnet$_pkgver_name-dev=$pkgver-r$pkgrel
		"

	install -dm 755 "$subpkgdir"/$_libdir/dotnet

	# sdk
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \
		-C "$subpkgdir"/$_libdir/dotnet/ \
		--no-same-owner \
		./sdk ./sdk-manifests

	# some files either should or should not have executable bits
	_fix_executable "$subpkgdir"

	# See https://github.com/dotnet/source-build/issues/2579
	find "$subpkgdir" -type f -name 'testhost.x86' -delete
	find "$subpkgdir" -type f -name 'vstest.console' -delete
}

netstandard_targeting_pack() {
	pkgdesc="The .NET 2.1 Standard targeting pack"
	depends="dotnet-host"
	provides="netstandard-targeting-pack-2.1=$pkgver-r$pkgrel"

	install -dm 755 "$subpkgdir"/$_libdir/dotnet/packs
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \
		-C "$subpkgdir"/$_libdir/dotnet/ \
		--no-same-owner \
		./packs/NETStandard.Library.Ref

	# some files either should or should not have executable bits
	_fix_executable "$subpkgdir"
}

templates() {
	pkgdesc="The .NET $_pkgver_macro templates"
	depends="dotnet-host"
	provides="dotnet-templates-$_pkgver_macro=$pkgver-r$pkgrel"

	install -dm 755 "$subpkgdir"/$_libdir/dotnet
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \
		-C "$subpkgdir"/$_libdir/dotnet/ \
		--no-same-owner \
		./templates

	# some files either should or should not have executable bits
	_fix_executable "$subpkgdir"
}

artifacts() {
	pkgdesc="Internal package for building .NET $_pkgver_macro Software Development Kit"
	# hack to allow artifacts to pull itself
	provides="dotnet$_pkgver_name-bootstrap-artifacts"
	provider_priority=$_pkgver_prior

	# directory creation
	install -dm 755 \
		"$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver \
		"$subpkgdir"/usr/share/licenses

	# extract arch-agnostic artifacts to artifacts dir for use by future dotnet builds
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/Private.SourceBuilt.Artifacts.*.tar.gz \
		-C "$subpkgdir"/$_libdir/dotnet/artifacts/$pkgver/ \
		--no-same-owner \
		--exclude '*Intermediate*' \
		--exclude '*alpine*'
}

zshcomp() {
	depends=""
	pkgdesc="zsh completion for .NET"
	# netstandard21-targeting-pack will always be pulled by any dotnetx-sdk
	# thus pulling this with it for sdk
	install_if="netstandard21-targeting-pack zsh"
	depends="dotnet-host"

	install -dm 755 "$subpkgdir"/usr/share/zsh/site-functions
	install -m 755 "$builddir"/src/sdk/scripts/register-completions.zsh "$subpkgdir"/usr/share/zsh/site-functions/_dotnet
}

bashcomp() {
	depends=""
	pkgdesc="bash completion for .NET"
	# netstandard21-targeting-pack will always be pulled by any dotnetx-sdk
	# thus pulling this with it for sdk
	install_if="netstandard21-targeting-pack bash-completion"
	depends="dotnet-host"

	install -dm 755	"$subpkgdir"/usr/share/bash-completion/completions
	install -m 755 "$builddir"/src/sdk/scripts/register-completions.bash "$subpkgdir"/usr/share/bash-completion/completions/_dotnet
}

doc() {
	default_doc
	pkgdesc="Docs for .NET"

	# licenses
	install -dm 755 "$subpkgdir"/usr/share/licenses/dotnet
	tar --use-compress-program="pigz" \
		-xf "$builddir"/artifacts/$_dotnet_arch/Release/dotnet-sdk-$_pkgver_macro*.tar.gz \
		-C "$subpkgdir"/usr/share/licenses/dotnet/ \
		--no-same-owner \
		./LICENSE.txt ./ThirdPartyNotices.txt
}

sha512sums="
806bc8467dd23bb07d80afea00ec7973040302c509e544121bb26a308a3cc1e861a34b784d02f9ecf218acbb46fa32679c8fa56c86c04f58767c530a3592aeb6  dotnet-v7.0.110.tar.xz
e9f3df13d093fac214778c1137857e065f58d4e0d2a48d540d8ed7bb41e2fd73b2b3f62a0aa5b0e80fa80a5b58ba77ff19b9d10a492802f8539e3a6ed79d299d  dotnet-testsuite-e1cc0f181ffd4d755756d30d985513897d592ba4.tar.gz
0028d5d97b814b122d73137b4e0d64ca5d788aa0ae5fde500de722e23522827f2538f06e75acb17cc39b8917961ee78d1f0bbc84b2b624ae0e9bf88adca2ba6f  dotnet-bunny-v12.tar.gz
429033f5f6a8e33eb849c29c1d6628faca13751e1b1e536179b491041034dcdee107cbff12f7e9f1ef68a178a0818c534113f63bc8bbc37de67ec900c23cacf4  build_disable-package-validation.patch
ebab0364deab5d99131e2724b7fbac668bc27ddf74958623af1913e49850df98b2d077d27324b2bbabbbcdf77ea48bf7a7ca83d0ced6f48bdb66cc1e8bbce4a4  build_disable-source-link.patch
86fbaa058f78bba100f534f4c4bd6d7254181909f70d264c0390d3dd89c878a14ba9b5d2de05271b2c07b73ead70e029488c926221f676d59e27e387e3e579e9  build_enable-timestamps.patch
4ac92d2d9190a55ee20d3e145a28a6953c98d3eb838c8acfb808b8839316443cb64da4a2c5787df0171fce7ef96ff6381043085ed90c23ec09ce9ac81571e675  roslyn-analyzer_disable-apphost.patch
7a3291a05c94986d631a37870f573aca8603e9464cb632b3e5b93eca8a358fc7dcc98a8a8017f566885ceafe462bec734b7d31c7a974270e83c6d2ae54f51902  runtime_76500-mono-musl-support.patch
d732df247c721c9f677baabdd7f36dbf4b564814ff64164361065bb1c196b767494a1d39f634eadf01a23032c7b3e64102614b7213065c81096bbf3f8022e6a0  runtime_82269-mono-thread-coop-undefine-fortify-source.patch
741d210b83d4dfca79338def253c82737b6d5f319052173f37aa6dfb5b8e90bfc29272657301095a9623ae2c72449ed6fc60cc6c70fcf88f15c66f89cbd3c201  runtime_enable-runtime-marshalling.diff
293742ab307bef459a21deadcc4ad7c7996cc4b490910a36c2763b8ad25cc8a91c4e03b6290567cd1030f69638d0156c5b6970887858fb091f8482b67356065d  runtime_enable-system-libunwind.diff
d972e77df27748a80c9b23eca12f9fbd78be97f9034b79cc5703ba58eb6750171d9a115314300f883620ccbca89c65a99ca7a45d54a421b028b590190b4bed80  runtime_remove-usage-of-off64-t.patch
d1b4ebcbb1a6815fc0ce4c471485c232618e60968a879309fb8336821a9351d2e0028d9f7726c0c041c750b497a0baa47400c78c9ceff550b91b4a6c2816fc41  sdk_14239-add-zsh-compdef-completion-script.patch
"