Optimize building

.github/workflows/dotnet.yml

@@ -59,6 +59,26 @@ jobs:
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
 
+    - name: Check if checked runtime changed
+      uses: dorny/paths-filter@v3
+      id: checkedruntime
+      with:
+        filters: |
+          checkedruntime:
+            - 'Backend/Sandbox/CheckedRuntime/**'
+
+    - name: Build and push checked runtime
+      if: steps.checkedruntime.outputs.checkedruntime == 'true'
+      uses: docker/bake-action@v5
+      with:
+        source: .
+        workdir: Backend/Sandbox/CheckedRuntime
+        push: true
+        set: |
+          *.platform=linux/amd64,linux/arm64
+          *.cache-from=type=gha
+          *.cache-to=type=gha,mode=min
+
     - name: Build and push bot
       uses: docker/bake-action@v5
       with:

Backend/Sandbox/Asm/Dockerfile

@@ -1,9 +1,6 @@
 ARG DOTNET_SDK_VERSION=8.0
 ARG DOTNET_RUNTIME_VERSION=8.0.7
-ARG OS=ubuntu
-ARG OS_VERSION=24.04
 ARG OS_CODENAME=noble
-ARG MINUS_PREFIXED_PLATFORM_IF_NOT_AMD64
 
 FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:$DOTNET_SDK_VERSION AS build-env
 WORKDIR /src
@@ -23,41 +20,15 @@ COPY Backend/Sandbox/Asm Backend/Sandbox/Asm
 
 RUN dotnet publish Backend/Sandbox/Asm/Asm.csproj -c Release -o /app
 
-FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet-buildtools/prereqs:$OS-$OS_VERSION$MINUS_PREFIXED_PLATFORM_IF_NOT_AMD64 AS runtime-build-env
-WORKDIR /runtime
-ARG DOTNET_RUNTIME_VERSION
-ARG OS_CODENAME
-ARG TARGETARCH
-ARG BUILDARCH
-
-RUN git clone --depth 1 --branch v$DOTNET_RUNTIME_VERSION https://github.com/dotnet/runtime.git .
-
-# Asserts fail when running in pwn.red/jail, so we need to remove them
-RUN sed -i 247d src/coreclr/pal/src/misc/cgroup.cpp
-RUN sed -i 666d src/coreclr/pal/src/sync/cs.cpp
-
-RUN if [ $TARGETARCH = $BUILDARCH ]; then \
-        ./build.sh clr -c Checked; \
-    else \
-        case $TARGETARCH in \
-            arm64) BINUTILS_ARCH=aarch64 DOTNET_ARCH=arm64 ;; \
-            arm) BINUTILS_ARCH=arm DOTNET_ARCH=arm ;; \
-            amd64) BINUTILS_ARCH=x86-64 DOTNET_ARCH=x64 ;; \
-            x86) BINUTILS_ARCH=i686 DOTNET_ARCH=x86 ;; \
-            *) echo "Unsupported target architecture: $TARGETARCH" && exit 1 ;; \
-        esac && \
-        sudo apt update -y && sudo apt install -y qemu-user-static binfmt-support debootstrap binutils-$BINUTILS_ARCH-linux-gnu && \
-        ln -s /usr/bin/llvm-objcopy-14 /usr/bin/llvm-objcopy && \
-        sudo ./eng/common/cross/build-rootfs.sh $DOTNET_ARCH $OS_CODENAME && \
-        ROOTFS_DIR=/runtime/.tools/rootfs/$DOTNET_ARCH ./build.sh clr -c Checked -a $DOTNET_ARCH --cross; \
-    fi
+# 'docker buildx use default' is needed to use local 'ghcr.io/kubaz2/sharp/checked-runtime' image
+FROM --platform=$BUILDPLATFORM ghcr.io/kubaz2/sharp/checked-runtime:$DOTNET_RUNTIME_VERSION AS checked-runtime
 
 FROM mcr.microsoft.com/dotnet/runtime:$DOTNET_RUNTIME_VERSION-$OS_CODENAME AS runtime
 ARG DOTNET_RUNTIME_VERSION
 
 COPY --from=build-env /app /app
 
-COPY --from=runtime-build-env /runtime/artifacts/bin/coreclr/linux.*.*/libclrjit.so /usr/share/dotnet/shared/Microsoft.NETCore.App/$DOTNET_RUNTIME_VERSION/
+COPY --from=checked-runtime /runtime/libclrjit.so /usr/share/dotnet/shared/Microsoft.NETCore.App/$DOTNET_RUNTIME_VERSION/
 
 FROM pwn.red/jail
 

Backend/Sandbox/CheckedRuntime/Dockerfile

@@ -0,0 +1,38 @@
+ARG DOTNET_RUNTIME_VERSION=8.0.7
+ARG OS=ubuntu
+ARG OS_VERSION=24.04
+ARG OS_CODENAME=noble
+ARG MINUS_PREFIXED_PLATFORM_IF_NOT_AMD64
+
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet-buildtools/prereqs:$OS-$OS_VERSION$MINUS_PREFIXED_PLATFORM_IF_NOT_AMD64 AS build-env
+WORKDIR /runtime
+ARG DOTNET_RUNTIME_VERSION
+ARG OS_CODENAME
+ARG TARGETARCH
+ARG BUILDARCH
+
+RUN git clone --depth 1 --branch v$DOTNET_RUNTIME_VERSION https://github.com/dotnet/runtime.git .
+
+# Asserts fail when running in pwn.red/jail, so we need to remove them
+RUN sed -i 247d src/coreclr/pal/src/misc/cgroup.cpp
+RUN sed -i 666d src/coreclr/pal/src/sync/cs.cpp
+
+RUN if [ $TARGETARCH = $BUILDARCH ]; then \
+        ./build.sh clr -c Checked; \
+    else \
+        case $TARGETARCH in \
+            arm64) BINUTILS_ARCH=aarch64 DOTNET_ARCH=arm64 ;; \
+            arm) BINUTILS_ARCH=arm DOTNET_ARCH=arm ;; \
+            amd64) BINUTILS_ARCH=x86-64 DOTNET_ARCH=x64 ;; \
+            x86) BINUTILS_ARCH=i686 DOTNET_ARCH=x86 ;; \
+            *) echo "Unsupported target architecture: $TARGETARCH" && exit 1 ;; \
+        esac && \
+        sudo apt update -y && sudo apt install -y qemu-user-static binfmt-support debootstrap binutils-$BINUTILS_ARCH-linux-gnu && \
+        ln -s /usr/bin/llvm-objcopy-14 /usr/bin/llvm-objcopy && \
+        sudo ./eng/common/cross/build-rootfs.sh $DOTNET_ARCH $OS_CODENAME && \
+        ROOTFS_DIR=/runtime/.tools/rootfs/$DOTNET_ARCH ./build.sh clr -c Checked -a $DOTNET_ARCH --cross; \
+    fi
+
+FROM --platform=$BUILDPLATFORM busybox:latest AS storage
+
+COPY --from=build-env /runtime/artifacts/bin/coreclr/linux.*.*/libclrjit.so /runtime/libclrjit.so

Backend/Sandbox/CheckedRuntime/docker-compose.yml

@@ -0,0 +1,6 @@
+services:
+  checked-runtime:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: ghcr.io/kubaz2/sharp/checked-runtime:8.0.7

Sharp.sln

@@ -34,6 +34,12 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Mobius.ILasm", "Bot\Mobius.
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Sharp.Runtime", "Sharp.Runtime\Sharp.Runtime.csproj", "{AF8C0407-4D7C-4DAE-9155-D4A784A621BA}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "CheckedRuntime", "CheckedRuntime", "{451D9195-4B8F-4FE7-ACA3-49393B72D46C}"
+	ProjectSection(SolutionItems) = preProject
+		Backend\Sandbox\CheckedRuntime\Dockerfile = Backend\Sandbox\CheckedRuntime\Dockerfile
+		Backend\Sandbox\CheckedRuntime\docker-compose.yml = Backend\Sandbox\CheckedRuntime\docker-compose.yml
+	EndProjectSection
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -110,6 +116,7 @@ Global
 		{7C79AA2B-EF7A-4469-81D1-005FA8B51F79} = {E1FDC2B5-9366-4C2E-AEE5-4391EA3475CB}
 		{C56987FC-826F-4C24-B463-C265C0B22FC1} = {CD2DD56C-299C-4B87-9D9E-20F5CAE78D08}
 		{65B5DBEB-7DCD-440D-86C9-477BC5D9C4BD} = {CD2DD56C-299C-4B87-9D9E-20F5CAE78D08}
+		{451D9195-4B8F-4FE7-ACA3-49393B72D46C} = {E1FDC2B5-9366-4C2E-AEE5-4391EA3475CB}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C72C4E95-468F-43BC-AC2C-4E6720CD713B}