Move building of Alpine to Alpine container host

.pipelines/release.yml

@@ -85,6 +85,18 @@ extends:
         parameters:
           ARCHITECTURE: 'x64_arm64'
 
+    - stage: LinuxMuslBuild
+      displayName: Linux Musl Build
+      variables:
+      - name: LinuxContainerImage
+        value: mcr.microsoft.com/dotnet/sdk:10.0-alpine
+
+      jobs:
+      - template: .pipelines/templates/build-alpine.yml@self
+        parameters:
+          ARCHITECTURE: 'linux-musl-x64'
+          Name: 'Build_Linux_musl_x64'
+
     - stage: LinuxBuild
       displayName: Linux Build
       jobs:
@@ -99,11 +111,6 @@ extends:
           Name: 'Build_Linux_arm64'
           hostArchitecture: 'arm64'
 
-      - template: .pipelines/templates/build-linux.yml@self
-        parameters:
-          ARCHITECTURE: 'linux-musl-x64'
-          Name: 'Build_Linux_musl_x64'
-
       - template: .pipelines/templates/build-linux.yml@self
         parameters:
           ARCHITECTURE: 'osx'
@@ -122,7 +129,7 @@ extends:
           Name: 'Build_Linux_arm'
 
     - stage: Build_Nuget
-      dependsOn: [WinBuildAndSign, LinuxBuild, LinuxBuildARM]
+      dependsOn: [WinBuildAndSign, LinuxBuild, LinuxBuildARM, LinuxMuslBuild]
       displayName: Build NuGet
       jobs:
       - template: .pipelines/templates/build-nuget.yml@self

.pipelines/templates/build-alpine.yml

@@ -0,0 +1,133 @@
+parameters:
+  - name: ARCHITECTURE
+    type: string
+    default: 'x64'
+  - name: Name
+    type: string
+    default: 'Build_musl_x64'
+  - name: hostArchitecture
+    type: string
+    default: 'amd64'
+
+jobs:
+- job: PrepareDockerBuild
+  pool:
+    type: linux
+    ${{ if eq(parameters.hostArchitecture, 'arm64') }}:
+      hostArchitecture: 'arm64'
+  displayName: Prepare_Docker_Build
+  variables:
+    - name: ob_outputDirectory
+      value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT'
+    - name: ob_signing_setup_enabled
+      value: true
+    - name: LinuxContainerImage
+      value: mcr.microsoft.com/onebranch/azurelinux/build:3.0
+  steps:
+    - checkout: self
+      clean: true
+
+    - pwsh: |
+        Get-ChildItem Env:\ | Out-String -Stream | Write-Verbose -Verbose
+      displayName: Capture environment variables
+
+    - pwsh: |
+        New-Item -ItemType Directory -Path "$(ob_outputDirectory)" | Out-Null
+      displayName: 'Create output directory'
+
+    - pwsh: |
+        Copy-Item -Path "$(Build.SourcesDirectory)/*" -Destination "$(ob_outputDirectory)" -Force -Verbose -Recurse
+      displayName: 'Copy Dockerfile to output directory'
+
+- job: ${{ parameters.Name }}
+  pool:
+    type: docker
+    os: linux
+    ${{ if eq(parameters.hostArchitecture, 'arm64') }}:
+      hostArchitecture: 'arm64'
+  displayName: Linux_MUSL_${{ parameters.ARCHITECTURE }}
+  dependsOn: PrepareDockerBuild
+  variables:
+    - name: LinuxContainerImage
+      value: mcr.microsoft.com/dotnet/sdk:10.0-alpine
+    - name: ob_outputDirectory
+      value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT'
+    - name: ob_signing_setup_enabled
+      value: true
+    - name: ARCHITECTURE
+      value: ${{ parameters.ARCHITECTURE }}
+    - name: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT
+      value: 1
+    - ${{ if eq(parameters.ARCHITECTURE, 'linux-musl-arm64') }}:
+      - name: ob_sdl_binskim_enabled
+        value: false
+      - name: ob_sdl_credscan_enabled
+        value: false
+  steps:
+    - task: DownloadPipelineArtifact@2
+      displayName: 'Download prepared Docker build context'
+      inputs:
+        buildType: 'current'
+        artifactName: 'drop_LinuxMuslBuild_PrepareDockerBuild'
+        targetPath: '$(Build.SourcesDirectory)/dst/drop_LinuxMuslBuild_PrepareDockerBuild'
+
+    - task: onebranch.pipeline.imagebuildinfo@1
+      displayName: 'Build Alpine Image'
+      inputs:
+        repositoryName: 'psnative-alpine'
+        dockerFileRelPath: 'drop_LinuxMuslBuild_PrepareDockerBuild/powershell-native/Dockerfile'
+        dockerFileContextPath: 'drop_LinuxMuslBuild_PrepareDockerBuild/powershell-native'
+        addPipelineData: false
+        saveImageToPath: docker-images/psnative-alpine.tar
+        build_tag: $(Build.BuildId)
+        compress: false
+        enable_isolated_acr_push: false
+        enable_service_tree_acr_path: false
+        enable_network: true
+
+- job: ExtractLibPSL
+  displayName: 'Extract libpsl-native.so'
+  dependsOn: ${{ parameters.Name }}
+  pool:
+    type: linux
+  variables:
+    - name: LinuxContainerImage
+      value: mcr.microsoft.com/onebranch/azurelinux/build:3.0
+    - name: ob_outputDirectory
+      value: '$(Build.ArtifactStagingDirectory)/ONEBRANCH_ARTIFACT'
+    - name: ob_signing_setup_enabled
+      value: false
+
+  steps:
+    - checkout: self
+      clean: true
+
+    - download: current
+      artifact: drop_LinuxMuslBuild_Build_Linux_musl_x64
+      patterns: docker-images/psnative-alpine.tar
+      displayName: 'Download Docker image artifact'
+
+    - pwsh: |
+        Get-ChildItem $(Pipeline.Workspace)/drop_LinuxMuslBuild_Build_Linux_musl_x64 -Recurse | Out-String -Stream | Write-Verbose -Verbose
+      displayName: Capture downloaded artifacts
+
+    - pwsh: |
+        New-Item -ItemType Directory -Path "$(ob_outputDirectory)" | Out-Null
+        New-Item -ItemType Directory -Path $(Pipeline.Workspace)/temp | Out-Null
+        tar -xvf $(Pipeline.Workspace)/drop_LinuxMuslBuild_Build_Linux_musl_x64/docker-images/psnative-alpine.tar -C $(Pipeline.Workspace)/temp
+        $manifest = Get-Content "$(Pipeline.Workspace)/temp/manifest.json"
+        $manifest | Out-String -Stream | Write-Verbose -Verbose
+
+        $manifestJson = $manifest | ConvertFrom-Json
+        $imageId = $manifestJson[0].Layers[0]
+        $libPSLPath = "$(Pipeline.Workspace)/temp/$imageId"
+
+        Write-Verbose "Extracted layer path: $libPSLPath" -Verbose
+        Get-ChildItem -Path "$libPSLPath" -Recurse | Out-String -Stream | Write-Verbose -Verbose
+
+        tar -xvf $libPSLPath
+
+        Get-ChildItem -Path . | Out-String -Stream | Write-Verbose -Verbose
+
+        Copy-Item -Path ./libpsl-native.so -Destination "$(ob_outputDirectory)/libpsl-native.so" -Force -Verbose
+      displayName: 'Extract libpsl-native.so from image'

.pipelines/templates/build-nuget.yml

@@ -34,7 +34,7 @@ jobs:
 
   - pwsh: |
       $platforms = @("drop_LinuxBuild_Build_Linux_arm64",
-                     "drop_LinuxBuild_Build_Linux_musl_x64",
+                     "drop_LinuxMuslBuild_ExtractLibPSL",
                      "drop_LinuxBuild_Build_Linux_x64",
                      "drop_LinuxBuildARM_Build_Linux_arm",
                      "drop_WinBuildAndSign_Build_Sign_x64",
@@ -50,7 +50,7 @@ jobs:
       $LinuxZipPath = "$(ob_outputDirectory)/drop_LinuxBuild_Build_Linux_x64.zip"
       $LinuxARMZipPath = "$(ob_outputDirectory)/drop_LinuxBuildARM_Build_Linux_arm.zip"
       $LinuxARM64ZipPath = "$(ob_outputDirectory)/drop_LinuxBuild_Build_Linux_arm64.zip"
-      $LinuxAlpineZipPath = "$(ob_outputDirectory)/drop_LinuxBuild_Build_Linux_musl_x64.zip"
+      $LinuxAlpineZipPath = "$(ob_outputDirectory)/drop_LinuxMuslBuild_ExtractLibPSL.zip"
       $macOSZipPath = "$(ob_outputDirectory)/drop_osx.zip"
 
       $symbolsRoot = "$(ob_outputDirectory)/symbols"
@@ -67,6 +67,9 @@ jobs:
           }
       }
 
+      Write-Verbose -Verbose "Compressed platform artifacts"
+      Get-ChildItem -Path "$(ob_outputDirectory)" | Out-String -Stream | Write-Verbose -Verbose
+
       Import-Module $(Build.SourcesDirectory)/build.psm1 -Force
       $PackageRoot = New-Item -ItemType Directory -Path  $(ob_outputDirectory)\NugetPackageSrc
       Start-BuildPowerShellNativePackage -PackageRoot $PackageRoot -Version $(PackageVersion) -WindowsX64ZipPath  $WindowsX64ZipPath -WindowsX86ZipPath $WindowsX86ZipPath -WindowsARM64ZipPath  $WindowsARM64ZipPath -LinuxZipPath $LinuxZipPath -LinuxARMZipPath  $LinuxARMZipPath -LinuxARM64ZipPath $LinuxARM64ZipPath -LinuxAlpineZipPath $LinuxAlpineZipPath -macOSZipPath $macOSZipPath

Dockerfile

@@ -0,0 +1,12 @@
+FROM mcr.microsoft.com/dotnet/sdk:10.0-alpine AS build
+
+RUN apk update \
+    && apk add build-base gcc abuild binutils git python3 bash cmake \
+    && apk upgrade
+
+COPY . .
+
+RUN pwsh -c "Import-Module ./build.psm1; Start-BuildNativeUnixBinaries";
+
+FROM scratch AS export
+COPY --from=build /src/powershell-unix/libpsl-native.so /libpsl-native.so

build.psm1

@@ -541,6 +541,9 @@ function Start-BuildNativeUnixBinaries {
     if (-not (Test-Path $Lib)) {
         throw "Compilation of $Lib failed"
     }
+
+    Write-Verbose -Verbose "Build completed - $Lib"
+    Get-ChildItem $Lib | Out-String -Stream | Write-Verbose -Verbose
 }
 
 <#