The MicroBuild plugin needs the .NET 8 runtime in order to use the ESRP CLI tooling on mac & linux. This means that .NET 8 needed to be installed to the place where SignTool and the MicroBuild plugin can access it. This location is <repo>/.dotnet/dotnet. In turn, this means that the MicroBuild plugin also had to be installed inside the sources directory so that it can access <repo>/.dotnet/dotnet.

Having MicroBuild installed in the sources directory leads to a few challenges: signing will not work if the source repo is checked out with clean after MicroBuild is installed, and sometimes the SFI tooling will raise issues.

The solution here is to move the MicroBuild sources to a temporary directory and install the .NET 8 runtime to the same temporary directory. SignTool will need to be adjusted to include a new parameter called DotnetCorePathForMicrobuild which will be set to the .NET path inside the temporary directory.

We cannot adjust the current dotnet path that SignTool uses because SignTool makes use of tooling that requires the latest .NET version to run (eg Microsoft.DotNet.Tar)