Breaking: Remove .NET Framework default install from containers

Lighter containers, quicker to deploy, .NET can still be installed with the "UseDotNet@2".

README.md

@@ -244,27 +244,23 @@ Out of the box, argument `--opt platform=linux/amd64,linux/arm64` can be added t
 
 BuildKit works by virtualization in the user space. You can't expect build times as short as native (on your laptop for example). [QEMU](https://www.qemu.org) is used as a backend. This has the advantage of being able to create images for different architectures than your processor. Virtualization-wise, not all CPU models are equivalent, you can [refer to the official project documentation](https://www.qemu.org/docs/master/system/qemu-cpu-models.html) to select the most appropriated CPU model for your Kubernetes Node Pool.
 
-### Build ASP.NET applications in the agent
+### Build .NET applications in the agent
 
-It was chosen arbitrarily to install the LTS non SDK version of ASNP.NET. Because :
+> [!IMPORTANT]
+> .NET Framework is not pre-installed anymore in the agents since `v7.0.0`. You need to install it yourself, with the `UseDotNet@2` or by script. The reason is, to achieve maximum reproducibility, choose the specific version of the framework you want to use.
 
-- LTS is better supported by Microsoft than STS
-- The non-SDK is lighter when included in a container, knowing that not everyone will use it for building purposes
-
-It is recommended that development teams to hard-code the framework version you want to use, in your pipeline. With this setup, the developer controls its environment, not the platform. If they decide to upgrade, they update the pipeline, if not, not. This is under the responsibility of the developer.
-
-The ASP.NET framework can be installed on the fly with [UseDotNet@2](https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/use-dotnet-v2?view=azure-pipelines):
+Specify the specific version you requires for your build. Install the framework with [UseDotNet@2](https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/reference/use-dotnet-v2?view=azure-pipelines):
 
 ```yaml
 # azure-pipelines.yaml
 steps:
   - task: UseDotNet@2
     inputs:
       packageType: sdk
-      version: 7.0.5
+      version: 8.0.0
 ```
 
-Same way, if you want to use multiple versions of the framework, re-execute the task with the new version. Installations are cached locally.
+Same way, if you want to use multiple versions of the framework, re-execute the task with the new version. Installations are cached locally and for a single run.
 
 ### Run the agent with a custom root certificate
 
@@ -316,7 +312,6 @@ extraVolumeMounts:
   - [PowerShell Core](https://github.com/PowerShell/PowerShell)
   - [zsh](https://www.zsh.org)
 - Programming languages
-  - [ASP.NET Core Runtime](https://github.com/dotnet/aspnetcore)
   - Python ([Python 3.8](https://www.python.org/downloads/release/python-380), [Python 3.9](https://www.python.org/downloads/release/python-390), [Python 3.10](https://www.python.org/downloads/release/python-3100), [Python 3.11](https://www.python.org/downloads/release/python-3110), depending of the system, plus C/Rust build tools for libs non pre-built on the platforms)
 - Tools
   - [git](https://github.com/git-for-windows/git)
@@ -341,7 +336,6 @@ extraVolumeMounts:
   - [PowerShell Core](https://github.com/PowerShell/PowerShell) (default)
   - [Windows PowerShell](https://learn.microsoft.com/en-us/powershell/scripting/windows-powershell/install/installing-windows-powershell?view=powershell-7.3)
 - Programming languages
-  - [.NET SDK](https://dotnet.microsoft.com)
   - [Python 3.11](https://www.python.org/downloads/release/python-3110)
   - [Visual Studio Build Tools](https://learn.microsoft.com/en-us/visualstudio/ide/?view=vs-2022) (with `AzureBuildTools`, `VCTools`, `WebBuildTools`, `ManagedDesktopBuildTools`, `OfficeBuildTools` workloads)
 - Tools

src/docker/Dockerfile-bookworm

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/aspnet:6.0-bookworm-slim@sha256:4f1519bfe954d5caf962f5502c4252d5d39d45517aa68e6b5847e72fd10769b4 as base
+FROM docker.io/debian:bookworm-slim@sha256:93ff361288a7c365614a5791efa3633ce4224542afb6b53a1790330a8e52fc7d as base
 
 # Force apt-get to not use TTY
 ENV DEBIAN_FRONTEND noninteractive
@@ -19,6 +19,7 @@ ENV PIP_BREAK_SYSTEM_PACKAGES 1
 # - dbus-user-session, fuse-overlayfs, iptables, for BuildKit
 # - gzip, make, tar, unzip, wget, zip, zstd for developer ease-of-life
 # - Azure CLI system requirements (Python 3.11, plus C/Rust build tools for libs non pre-built on this platform)
+# - libicu72 for Powershell and globalization support with .NET
 RUN rm -f /etc/apt/apt.conf.d/docker-clean \
     && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
 ARG JQ_VERSION
@@ -39,6 +40,7 @@ RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked --mount=target=/
         iputils-ping \
         jq=${JQ_VERSION}-* \
         libffi-dev \
+        libicu72 \
         libssl-dev \
         lsb-release \
         make \

src/docker/Dockerfile-bullseye

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/aspnet:6.0-bullseye-slim@sha256:c39b4582563fed008cb8e83d44388cf80dbc4e8cf8803869f5799205fcb126eb as base
+FROM docker.io/debian:bookworm-slim@sha256:9af4db29e828a4d08c7819f9e0972e2dbdac575e73c6438630c83bd79f49c8aa as base
 
 # Force apt-get to not use TTY
 ENV DEBIAN_FRONTEND noninteractive
@@ -16,6 +16,7 @@ ENV PYTHONDONTWRITEBYTECODE 1
 # - dbus-user-session, fuse-overlayfs, iptables, for BuildKit
 # - gzip, make, tar, unzip, wget, zip, zstd for developer ease-of-life
 # - Azure CLI system requirements (Python 3.9, plus C/Rust build tools for libs non pre-built on this platform)
+# - libicu67 for Powershell and globalization support with .NET
 RUN rm -f /etc/apt/apt.conf.d/docker-clean \
     && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
 ARG JQ_VERSION
@@ -36,6 +37,7 @@ RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked --mount=target=/
         iputils-ping \
         jq=${JQ_VERSION}-* \
         libffi-dev \
+        libicu67 \
         libssl-dev \
         lsb-release \
         make \

src/docker/Dockerfile-focal

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/aspnet:6.0-focal@sha256:2e686e012918cd62109385348ae441ecc6702dad90b0de15ca37eb5851fe43cf as base
+FROM docker.io/ubuntu:focal@sha256:218bb51abbd1864df8be26166f847547b3851a89999ca7bfceb85ca9b5d2e95d as base
 
 # Force apt-get to not use TTY
 ENV DEBIAN_FRONTEND noninteractive
@@ -16,6 +16,7 @@ ENV PYTHONDONTWRITEBYTECODE 1
 # - dbus-user-session, iptables, uidmap, for BuildKit
 # - gzip, make, tar, unzip, wget, zip, zstd for developer ease-of-life
 # - Azure CLI system requirements (Python 3.8, plus C/Rust build tools for libs non pre-built on this platform)
+# - libicu66 for Powershell and globalization support with .NET
 RUN rm -f /etc/apt/apt.conf.d/docker-clean \
     && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
 ARG JQ_VERSION
@@ -35,6 +36,7 @@ RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked --mount=target=/
         iputils-ping \
         jq=${JQ_VERSION}-* \
         libffi-dev \
+        libicu66 \
         libssl-dev \
         lsb-release \
         make \

src/docker/Dockerfile-jammy

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/aspnet:6.0-jammy@sha256:36f90c72b200f455e130a48fc279080aff296b4d506e29b9619fe82ae3853c4b as base
+FROM docker.io/ubuntu:jammy@sha256:c9cf959fd83770dfdefd8fb42cfef0761432af36a764c077aed54bbc5bb25368 as base
 
 # Force apt-get to not use TTY
 ENV DEBIAN_FRONTEND noninteractive
@@ -16,6 +16,7 @@ ENV PYTHONDONTWRITEBYTECODE 1
 # - dbus-user-session, iptables, uidmap, for BuildKit
 # - gzip, make, tar, unzip, wget, zip, zstd for developer ease-of-life
 # - Azure CLI system requirements (Python 3.10, plus C/Rust build tools for libs non pre-built on this platform)
+# - libicu70 for Powershell and globalization support with .NET
 RUN rm -f /etc/apt/apt.conf.d/docker-clean \
     && echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
 ARG JQ_VERSION
@@ -35,6 +36,7 @@ RUN --mount=target=/var/lib/apt/lists,type=cache,sharing=locked --mount=target=/
         iputils-ping \
         jq=${JQ_VERSION}-* \
         libffi-dev \
+        libicu70 \
         libssl-dev \
         lsb-release \
         make \

src/docker/Dockerfile-ubi8

@@ -10,14 +10,13 @@ ENV PYTHONDONTWRITEBYTECODE 1
 # Install:
 # - Azure Pipelines agent system requirements
 # - Azure CLI system requirements (Python 3.9, plus C/Rust build tools for libs non pre-built on this platform)
-# - ASP.NET Core runtime
 # - zsh, for inter-operability
 # - fuse-overlayfs, iptables, shadow-utils, for BuildKit
 # - gzip, make, tar, unzip, wget, zip, zstd for developer ease-of-life
+# - libicu for Powershell and globalization support with .NET
 ARG JQ_VERSION
 RUN --mount=target=/var/cache/yum,type=cache,sharing=locked \
     microdnf install -y --nodocs --setopt=install_weak_deps=0 \
-        aspnetcore-runtime-6.0 \
         ca-certificates \
         cargo \
         curl \
@@ -33,6 +32,7 @@ RUN --mount=target=/var/cache/yum,type=cache,sharing=locked \
         iptables \
         iputils \
         jq-${JQ_VERSION} \
+        libicu \
         make \
         openssl-devel \
         pkg-config \

src/docker/Dockerfile-ubi9

@@ -10,14 +10,13 @@ ENV PYTHONDONTWRITEBYTECODE 1
 # Install:
 # - Azure Pipelines agent system requirements
 # - Azure CLI system requirements (Python 3.11, plus C/Rust build tools for libs non pre-built on this platform)
-# - ASP.NET Core runtime
 # - zsh, for inter-operability
 # - fuse-overlayfs, iptables, shadow-utils, for BuildKit
 # - gzip, make, tar, unzip, wget, zip, zstd for developer ease-of-life
+# - libicu for Powershell and globalization support with .NET
 ARG JQ_VERSION
 RUN --mount=target=/var/cache/yum,type=cache,sharing=locked \
     microdnf install -y --nodocs --setopt=install_weak_deps=0 \
-        aspnetcore-runtime-6.0 \
         ca-certificates \
         cargo \
         findutils \
@@ -32,6 +31,7 @@ RUN --mount=target=/var/cache/yum,type=cache,sharing=locked \
         iptables \
         iputils \
         jq-${JQ_VERSION} \
+        libicu \
         make \
         openssl-devel \
         pkg-config \

src/docker/Dockerfile-win-ltsc2019

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/sdk:6.0-windowsservercore-ltsc2019@sha256:e3f6f63b2be79b773ac123accc47f70081e8377db2d7b46c2015a16e0e708492
+FROM mcr.microsoft.com/windows/servercore:ltsc2019@sha256:4fe58f25a157ea749c7b770acebfdbd70c3cb2088c446943e90fe89ea059558b
 
 # Configure local user
 USER ContainerAdministrator

src/docker/Dockerfile-win-ltsc2022

@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/sdk:6.0-windowsservercore-ltsc2022@sha256:6e55dbc81647b9b0d7b68db015313ee5d24eab44a7daf411d2c05454e44c5ee0
+FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:308ef3f8ee3e9c9a1bdec460009c1e6394b329db13eb3149461f8841be5b538a
 
 # Configure local user
 USER ContainerAdministrator