WIP
[shim-review.git] / Dockerfile
1 FROM debian:unstable-20190204
2 RUN apt-get update -y
3 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y ca-certificates
4 RUN echo "deb     [check-valid-until=no] https://snapshot.debian.org/archive/debian/20190211T111800Z/ unstable main" > /etc/apt/sources.list
5 RUN echo "deb-src [check-valid-until=no] https://snapshot.debian.org/archive/debian/20190211T111800Z/ unstable main" >> /etc/apt/sources.list
6 RUN apt-get update -y
7 # Force downgrading of this, since we get a too new version from ca-certificates
8 Run apt-get -y --allow-downgrades --no-install-recommends install libssl1.1=1.1.1a-1 openssl=1.1.1a-1
9 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends  build-essential git-buildpackage
10 RUN apt-get build-dep -y shim
11 RUN git clone https://github.com/tfheen/shim-review.git
12 COPY shimx64.efi /shim-review/shimx64.efi
13 RUN git clone https://salsa.debian.org/vorlon/shim.git
14 WORKDIR /shim
15 RUN gbp buildpackage -us -uc
16 WORKDIR /
17 RUN hexdump -Cv /shim-review/shimx64.efi > orig
18 RUN hexdump -Cv /shim/shimx64.efi > build
19 RUN diff -u orig build