Internal CI build: macOS: Update to XCode 15.1

PiperOrigin-RevId: 601108919
Change-Id: I1978a8a92e0bd83622112e2bbef50b978559bac3

kokoro/docker/debian9-clang/Dockerfile

@@ -0,0 +1,51 @@
+# Dockerfile for a Debian build container with a recent Clang installed.
+# Rebuild and upload with
+#   podman build --format docker -t gcr.io/zynamics-build/debian9-clang:latest .
+#   podman push gcr.io/zynamics-build/debian9-clang:latest
+#
+# You may need to login to the Google cloud project first:
+#   gcloud auth login
+#   gcloud auth print-access-token | \
+#     podman login -u oauth2accesstoken --password-stdin gcr.io
+
+FROM debian:buster
+
+ENV TZ=Europe/Zurich\
+    DEBIAN_FRONTEND=noninteractive
+SHELL ["/bin/bash", "-c"]
+ADD llvm-snapshot.asc /etc/apt/trusted.gpg.d/
+RUN chmod 644 /etc/apt/trusted.gpg.d/llvm-snapshot.asc && \
+    apt-get update && \
+    apt-get install -qy --no-install-recommends ca-certificates && \
+    echo 'deb https://apt.llvm.org/buster/ llvm-toolchain-buster-15 main' > \
+        /etc/apt/sources.list.d/llvm-toolchain.list && \
+    echo 'APT::Default-Release "buster";' > \
+        /etc/apt/apt.conf.d/00targetrelease && \
+    apt-get update && \
+    apt-get install -qy --no-install-recommends \
+        clang-15 \
+        git \
+        gnupg \
+        libc++-15-dev \
+        libc++abi-15-dev \
+        libstdc++-8-dev \
+        ninja-build \
+        wget \
+    && \
+    # Make clang 15 the default in auto mode
+    update-alternatives --install /usr/bin/cc cc /usr/bin/clang-15 150 && \
+    update-alternatives --install /usr/bin/cpp cpp /usr/bin/clang-cpp-15 150 && \
+    update-alternatives --install /usr/bin/c++ c++ /usr/bin/clang++-15 150 && \
+    # Clean up to save space
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    # Suppress warnings about detached HEAD
+    git config --global advice.detachedHead false && \
+    git config --global submodule.recurse true && \
+    # Install CMake
+    [[ "$(wget -qO - \
+            https://github.com/Kitware/CMake/releases/download/v3.25.2/cmake-3.25.2-linux-x86_64.sh | \
+            tee cmake.sh | sha256sum | cut '-d ' -f1)" == \
+        "4d98de8d605da676e71a889dd94f80c76abb377fade2f21e3510e62ece1e1ada" ]] && \
+    sh cmake.sh --prefix=/usr/local --exclude-subdir --skip-license && \
+    rm cmake.sh

kokoro/docker/debian9-clang/llvm-snapshot.asc

@@ -0,0 +1,52 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQINBFE9lCwBEADi0WUAApM/mgHJRU8lVkkw0CHsZNpqaQDNaHefD6Rw3S4LxNmM
+EZaOTkhP200XZM8lVdbfUW9xSjA3oPldc1HG26NjbqqCmWpdo2fb+r7VmU2dq3NM
+R18ZlKixiLDE6OUfaXWKamZsXb6ITTYmgTO6orQWYrnW6ckYHSeaAkW0wkDAryl2
+B5v8aoFnQ1rFiVEMo4NGzw4UX+MelF7rxaaregmKVTPiqCOSPJ1McC1dHFN533FY
+Wh/RVLKWo6npu+owtwYFQW+zyQhKzSIMvNujFRzhIxzxR9Gn87MoLAyfgKEzrbbT
+DhqqNXTxS4UMUKCQaO93TzetX/EBrRpJj+vP640yio80h4Dr5pAd7+LnKwgpTDk1
+G88bBXJAcPZnTSKu9I2c6KY4iRNbvRz4i+ZdwwZtdW4nSdl2792L7Sl7Nc44uLL/
+ZqkKDXEBF6lsX5XpABwyK89S/SbHOytXv9o4puv+65Ac5/UShspQTMSKGZgvDauU
+cs8kE1U9dPOqVNCYq9Nfwinkf6RxV1k1+gwtclxQuY7UpKXP0hNAXjAiA5KS5Crq
+7aaJg9q2F4bub0mNU6n7UI6vXguF2n4SEtzPRk6RP+4TiT3bZUsmr+1ktogyOJCc
+Ha8G5VdL+NBIYQthOcieYCBnTeIH7D3Sp6FYQTYtVbKFzmMK+36ERreL/wARAQAB
+tD1TeWx2ZXN0cmUgTGVkcnUgLSBEZWJpYW4gTExWTSBwYWNrYWdlcyA8c3lsdmVz
+dHJlQGRlYmlhbi5vcmc+iQI4BBMBAgAiBQJRPZQsAhsDBgsJCAcDAgYVCAIJCgsE
+FgIDAQIeAQIXgAAKCRAVz00Yr090Ibx+EADArS/hvkDF8juWMXxh17CgR0WZlHCC
+9CTBWkg5a0bNN/3bb97cPQt/vIKWjQtkQpav6/5JTVCSx2riL4FHYhH0iuo4iAPR
+udC7Cvg8g7bSPrKO6tenQZNvQm+tUmBHgFiMBJi92AjZ/Qn1Shg7p9ITivFxpLyX
+wpmnF1OKyI2Kof2rm4BFwfSWuf8Fvh7kDMRLHv+MlnK/7j/BNpKdozXxLcwoFBmn
+l0WjpAH3OFF7Pvm1LJdf1DjWKH0Dc3sc6zxtmBR/KHHg6kK4BGQNnFKujcP7TVdv
+gMYv84kun14pnwjZcqOtN3UJtcx22880DOQzinoMs3Q4w4o05oIF+sSgHViFpc3W
+R0v+RllnH05vKZo+LDzc83DQVrdwliV12eHxrMQ8UYg88zCbF/cHHnlzZWAJgftg
+hB08v1BKPgYRUzwJ6VdVqXYcZWEaUJmQAPuAALyZESw94hSo28FAn0/gzEc5uOYx
+K+xG/lFwgAGYNb3uGM5m0P6LVTfdg6vDwwOeTNIExVk3KVFXeSQef2ZMkhwA7wya
+KJptkb62wBHFE+o9TUdtMCY6qONxMMdwioRE5BYNwAsS1PnRD2+jtlI0DzvKHt7B
+MWd8hnoUKhMeZ9TNmo+8CpsAtXZcBho0zPGz/R8NlJhAWpdAZ1CmcPo83EW86Yq7
+BxQUKnNHcwj2ebkCDQRRPZQsARAA4jxYmbTHwmMjqSizlMJYNuGOpIidEdx9zQ5g
+zOr431/VfWq4S+VhMDhs15j9lyml0y4ok215VRFwrAREDg6UPMr7ajLmBQGau0Fc
+bvZJ90l4NjXp5p0NEE/qOb9UEHT7EGkEhaZ1ekkWFTWCgsy7rRXfZLxB6sk7pzLC
+DshyW3zjIakWAnpQ5j5obiDy708pReAuGB94NSyb1HoW/xGsGgvvCw4r0w3xPStw
+F1PhmScE6NTBIfLliea3pl8vhKPlCh54Hk7I8QGjo1ETlRP4Qll1ZxHJ8u25f/ta
+RES2Aw8Hi7j0EVcZ6MT9JWTI83yUcnUlZPZS2HyeWcUj+8nUC8W4N8An+aNps9l/
+21inIl2TbGo3Yn1JQLnA1YCoGwC34g8QZTJhElEQBN0X29ayWW6OdFx8MDvllbBV
+ymmKq2lK1U55mQTfDli7S3vfGz9Gp/oQwZ8bQpOeUkc5hbZszYwP4RX+68xDPfn+
+M9udl+qW9wu+LyePbW6HX90LmkhNkkY2ZzUPRPDHZANU5btaPXc2H7edX4y4maQa
+xenqD0lGh9LGz/mps4HEZtCI5CY8o0uCMF3lT0XfXhuLksr7Pxv57yue8LLTItOJ
+d9Hmzp9G97SRYYeqU+8lyNXtU2PdrLLq7QHkzrsloG78lCpQcalHGACJzrlUWVP/
+fN3Ht3kAEQEAAYkCHwQYAQIACQUCUT2ULAIbDAAKCRAVz00Yr090IbhWEADbr50X
+OEXMIMGRLe+YMjeMX9NG4jxs0jZaWHc/WrGR+CCSUb9r6aPXeLo+45949uEfdSsB
+pbaEdNWxF5Vr1CSjuO5siIlgDjmT655voXo67xVpEN4HhMrxugDJfCa6z97P0+ML
+PdDxim57uNqkam9XIq9hKQaurxMAECDPmlEXI4QT3eu5qw5/knMzDMZj4Vi6hovL
+wvvAeLHO/jsyfIdNmhBGU2RWCEZ9uo/MeerPHtRPfg74g+9PPfP6nyHD2Wes6yGd
+oVQwtPNAQD6Cj7EaA2xdZYLJ7/jW6yiPu98FFWP74FN2dlyEA2uVziLsfBrgpS4l
+tVOlrO2YzkkqUGrybzbLpj6eeHx+Cd7wcjI8CalsqtL6cG8cUEjtWQUHyTbQWAgG
+5VPEgIAVhJ6RTZ26i/G+4J8neKyRs4vz+57UGwY6zI4AB1ZcWGEE3Bf+CDEDgmnP
+LSwbnHefK9IljT9XU98PelSryUO/5UPw7leE0akXKB4DtekToO226px1VnGp3Bov
+1GBGvpHvL2WizEwdk+nfk8LtrLzej+9FtIcq3uIrYnsac47Pf7p0otcFeTJTjSq3
+krCaoG4Hx0zGQG2ZFpHrSrZTVy6lxvIdfi0beMgY6h78p6M9eYZHQHc02DjFkQXN
+bXb5c6gCHESH5PXwPU4jQEE7Ib9J6sbk7ZT2Mw==
+=j+4q
+-----END PGP PUBLIC KEY BLOCK-----

kokoro/java/build.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# Fail on error, display commands being run
+set -ex
+
+if [ "$1" == "release" ]; then
+  echo "Release build"
+else
+  echo "Continuous integration build"
+fi
+
+build_dir=${PWD}/build
+mkdir -p "${build_dir}"
+
+# Setup Docker access to Google Container Registry
+cp "${KOKORO_KEYSTORE_DIR}/73933_zynamics-build" zynamics_build_key.json
+gcloud auth activate-service-account --key-file=zynamics_build_key.json
+gcloud auth configure-docker -q
+
+chmod 755 "${KOKORO_GFILE_DIR}/dockerized_build.sh"
+docker run \
+  -w /build \
+  -v "${KOKORO_ARTIFACTS_DIR}":/build/src \
+  -v "${KOKORO_GFILE_DIR}":/build/src/gfile \
+  -v "${KOKORO_PIPER_DIR}/google3/third_party/ghidra":/build/deps/ghidra \
+  -v "${build_dir}/out":/build/out \
+  gcr.io/zynamics-build/debian10-java11 \
+  src/gfile/dockerized_build.sh

kokoro/java/dockerized_build.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+# Fail on error, display commands being run
+set -ex
+
+src_dir=/build/src/git
+out_dir=/build/out
+deps_dir=/build/deps
+
+trap "chmod -R ugo+rX \"${out_dir}\"" EXIT
+
+cd "${src_dir}/binexport/java"
+export GHIDRA_INSTALL_DIR="${deps_dir}/ghidra"
+gradle \
+  --warning-mode all
+
+mv dist/*.zip "${out_dir}/ghidra_BinExport.zip"

kokoro/macos/build.sh

@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# Fail on error, display commands being run
+set -ex
+
+if [[ $1 == release ]]; then
+  echo "Release build"
+else
+  echo "Continuous integration build"
+fi
+
+binexport_release=12
+
+# Set Xcode version to well-known value
+export DEVELOPER_DIR=/Applications/Xcode_15.1.app/Contents/Developer
+
+build_dir=${PWD}/build
+mkdir -p "${build_dir}"
+
+# Verify/extract dependencies
+pushd "${KOKORO_GFILE_DIR}"
+cat << 'EOF' | shasum -c
+0b5def3f77617b2ce0ec6701f96e4123a7b14bd0b8a5674ab0556c364ff7cb52  cmake-3.25.2-macos-universal.tar.gz
+EOF
+popd
+tar --strip-components=3 -C "${build_dir}" -xzf \
+  "${KOKORO_GFILE_DIR}/cmake-3.25.2-macos-universal.tar.gz"
+export PATH=${build_dir}/bin:${PATH}
+
+# Build BinExport
+src_dir=${KOKORO_ARTIFACTS_DIR}/git
+out_dir=${build_dir}
+deps_dir=${build_dir}
+
+# Symlink extra Binary Ninja API dependency
+mkdir -p "${KOKORO_PIPER_DIR}/google3/third_party/binaryninja_api/third_party"
+ln -s "${KOKORO_PIPER_DIR}/google3/third_party/jsoncpp" \
+  "${KOKORO_PIPER_DIR}/google3/third_party/binaryninja_api/third_party/jsoncpp"
+
+pushd "${out_dir}"
+cmake "${src_dir}/binexport" \
+  -DFETCHCONTENT_FULLY_DISCONNECTED=ON \
+  "-DFETCHCONTENT_SOURCE_DIR_ABSL=${KOKORO_ARTIFACTS_DIR}/git/absl" \
+  "-DFETCHCONTENT_SOURCE_DIR_GOOGLETEST=${KOKORO_ARTIFACTS_DIR}/git/googletest" \
+  "-DFETCHCONTENT_SOURCE_DIR_PROTOBUF=${KOKORO_ARTIFACTS_DIR}/git/protobuf" \
+  "-DFETCHCONTENT_SOURCE_DIR_BINARYNINJAAPI=${KOKORO_PIPER_DIR}/google3/third_party/binaryninja_api" \
+  "-DCMAKE_OSX_ARCHITECTURES=arm64;x86_64" \
+  -DCMAKE_BUILD_TYPE=Release \
+  -DCMAKE_RULE_MESSAGES=OFF \
+  -DCMAKE_INSTALL_PREFIX=${out_dir} \
+  "-DBOOST_ROOT=${KOKORO_PIPER_DIR}/google3/third_party/boost/do_not_include_from_google3_only_third_party/boost" \
+  "-DIdaSdk_ROOT_DIR=${KOKORO_PIPER_DIR}/google3/third_party/idasdk"
+cmake --build . --config Release -- "-j$(sysctl -n hw.logicalcpu)"
+ctest --build-config Release --output-on-failure -R '^[A-Z]'
+cmake --install . --config Release --strip
+popd
+
+[[ $1 != release ]] && exit 0
+
+# Release build, code sign and notarize the artifacts
+echo "Code signing artifacts..."
+codesign --force \
+    --options runtime \
+    --timestamp \
+    --sign "Developer ID Application: Google LLC (EQHXZ8M8AV)" \
+    --keychain "${HOME}/Library/Keychains/MacApplicationSigning.keychain" \
+    "${out_dir}/binexport-prefix/binexport${binexport_release}_ida.dylib" \
+    "${out_dir}/binexport-prefix/binexport${binexport_release}_ida64.dylib" \
+    "${out_dir}/binexport-prefix/binexport${binexport_release}_binaryninja.dylib" \
+    "${out_dir}/binexport-prefix/binexport2dump"

kokoro/ubuntu/build.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+# Fail on error, display commands being run
+set -ex
+
+if [ "$1" == "release" ]; then
+  echo "Release build"
+else
+  echo "Continuous integration build"
+fi
+
+build_dir=${PWD}/build
+mkdir -p "${build_dir}"
+
+# Setup Docker access to Google Container Registry
+cp "${KOKORO_KEYSTORE_DIR}/73933_zynamics-build" zynamics_build_key.json
+gcloud auth activate-service-account --key-file=zynamics_build_key.json
+gcloud auth configure-docker -q
+
+chmod 755 "${KOKORO_GFILE_DIR}/dockerized_build.sh"
+docker run \
+  -w /build \
+  -e "KOKORO_PIPER_CHANGELIST=${KOKORO_PIPER_CHANGELIST}" \
+  -v "${KOKORO_ARTIFACTS_DIR}/git/binexport":/build/deps/binexport \
+  -v "${KOKORO_PIPER_DIR}/google3/third_party/idasdk":/build/deps/idasdk \
+  -v "${KOKORO_PIPER_DIR}/google3/third_party/boost/do_not_include_from_google3_only_third_party/boost":/build/deps/boost \
+  -v "${KOKORO_ARTIFACTS_DIR}/git/absl":/build/out/_deps/absl-src \
+  -v "${KOKORO_ARTIFACTS_DIR}/git/googletest":/build/out/_deps/googletest-src \
+  -v "${KOKORO_ARTIFACTS_DIR}/git/protobuf":/build/out/_deps/protobuf-src \
+  -v "${KOKORO_PIPER_DIR}/google3/third_party/binaryninja_api":/build/out/_deps/binaryninjaapi-src \
+  -v "${KOKORO_PIPER_DIR}/google3/third_party/jsoncpp":/build/out/_deps/binaryninjaapi-src/third_party/jsoncpp \
+  -v "${build_dir}/out":/build/out \
+  -v "${KOKORO_ARTIFACTS_DIR}":/build/src \
+  -v "${KOKORO_GFILE_DIR}":/build/src/gfile \
+  gcr.io/zynamics-build/debian9-clang \
+  src/gfile/dockerized_build.sh

kokoro/ubuntu/dockerized_build.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# Fail on error, display commands being run
+set -ex
+
+src_dir=/build/src/git
+out_dir=/build/out
+deps_dir=/build/deps
+
+cd "${out_dir}"
+trap "chmod -R ugo+rwX \"${out_dir}\"" EXIT
+
+cmake "${src_dir}/binexport/" \
+  -G "Ninja" \
+  -DFETCHCONTENT_FULLY_DISCONNECTED=ON \
+  -DCMAKE_BUILD_TYPE=Release \
+  "-DCMAKE_INSTALL_PREFIX=${out_dir}" \
+  "-DBOOST_ROOT=${deps_dir}/boost" \
+  "-DIdaSdk_ROOT_DIR=${deps_dir}/idasdk"
+cmake --build . --config Release
+ctest --build-config Release --output-on-failure -R '^[A-Z]'
+cmake --install . --config Release --strip

kokoro/windows/build.bat

@@ -0,0 +1,68 @@
+if "%1" == "release" (
+  echo Release build
+) else (
+  echo Continuous integration build
+)
+
+echo on
+
+set SIGNTOOL="%ProgramFiles(x86)%\Windows kits\10\bin\x86\signtool.exe"
+
+set BUILD_DIR=%cd%\build
+if not exist "%BUILD_DIR%" mkdir "%BUILD_DIR%"
+
+:: Hermetic VS2022 (Community) toolchain using CMake and Ninja
+unzip -q "%KOKORO_GFILE_DIR%\cmake-3.25.2-windows-x86_64.zip" -d "%BUILD_DIR%" || exit /b
+unzip -q "%KOKORO_GFILE_DIR%\ninja-win.zip" -d "%BUILD_DIR%" || exit /b
+unzip -q "%KOKORO_GFILE_DIR%\vs2022.zip" -d "%BUILD_DIR%" || exit /b
+set CMAKE_BIN=%BUILD_DIR%\cmake-3.25.2-windows-x86_64\bin
+set VS_PATH=%BUILD_DIR%\vs2022\14.33.31629
+set SDK_PATH=%ProgramFiles(x86)%\Windows Kits\10
+set SDK_VER=10.0.16299.0
+set PATH=%SystemRoot%\system32;%VS_PATH%\bin\HostX64\x64;%SDK_PATH%\bin\%SDK_VER%\x64;%BUILD_DIR%;%CMAKE_BIN%
+set LIB=%VS_PATH%\lib\x64;%SDK_PATH%\Lib\%SDK_VER%\um\x64;%SDK_PATH%\Lib\%SDK_VER%\ucrt\x64;
+set INCLUDE=%VS_PATH%\include;%SDK_PATH%\Include\%SDK_VER%\ucrt;%SDK_PATH%\Include\%SDK_VER%\um;%SDK_PATH%\Include\%SDK_VER%\shared;%SDK_PATH%\Include\%SDK_VER%\winrt;%SDK_PATH%\Include\%SDK_VER%\cppwinrt
+
+:: Build BinExport
+set SRC_DIR=%KOKORO_ARTIFACTS_DIR%/git
+set OUT_DIR=%BUILD_DIR%
+set DEPS_DIR=%BUILD_DIR%
+
+:: Copy extra Binary Ninja API dependency
+xcopy /q /s /e ^
+  "%KOKORO_PIPER_DIR%\google3\third_party\jsoncpp" ^
+  "%KOKORO_PIPER_DIR%\google3\third_party\binaryninja_api\third_party\jsoncpp\"
+
+pushd "%OUT_DIR%"
+cmake "%SRC_DIR%/binexport" ^
+  -G "Ninja" ^
+  -DFETCHCONTENT_FULLY_DISCONNECTED=ON ^
+  "-DFETCHCONTENT_SOURCE_DIR_ABSL=%KOKORO_ARTIFACTS_DIR%\git\absl" ^
+  "-DFETCHCONTENT_SOURCE_DIR_GOOGLETEST=%KOKORO_ARTIFACTS_DIR%\git\googletest" ^
+  "-DFETCHCONTENT_SOURCE_DIR_PROTOBUF=%KOKORO_ARTIFACTS_DIR%\git\protobuf" ^
+  "-DFETCHCONTENT_SOURCE_DIR_BINARYNINJAAPI=%KOKORO_PIPER_DIR%\google3\third_party\binaryninja_api" ^
+  -DCMAKE_BUILD_TYPE=Release ^
+  "-DCMAKE_INSTALL_PREFIX=%OUT_DIR%" ^
+  "-DBOOST_ROOT=%KOKORO_PIPER_DIR%\google3\third_party\boost\do_not_include_from_google3_only_third_party\boost" ^
+  "-DIdaSdk_ROOT_DIR=%KOKORO_PIPER_DIR%\google3\third_party\idasdk" ^
+  -DBUILD_TESTING=OFF || exit /b
+cmake --build . --config Release || exit /b
+ctest --build-config Release --output-on-failure -R "^[A-Z]" || exit /b
+cmake --install . --config Release --strip || exit /b
+popd
+
+if "%1" neq "release" exit /b %ERRORLEVEL%
+
+:: Release build, code sign the artifacts
+echo Code signing artifacts...
+
+set ARTIFACTS=^
+  "%OUT_DIR%\binexport-prefix\binexport*.dll" ^
+  "%OUT_DIR%\binexport-prefix\binexport2dump.exe"
+
+%SIGNTOOL% sign /v /tr http://timestamp.digicert.com /n "Google" /a /fd sha256 ^
+  /td sha256 %ARTIFACTS%
+if %ERRORLEVEL% neq 0 exit /b %ERRORLEVEL%
+
+%SIGNTOOL% verify /pa /all %ARTIFACTS%
+if %ERRORLEVEL% neq 0 exit /b %ERRORLEVEL%