diff --git a/Dockerfile b/Dockerfile index b0ae3c3b..2a04648d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,16 +14,19 @@ RUN gbp clone --pristine-tar https://github.com/endlessm/shim.git && \ cd /shim && \ git checkout -B endless/master "${GIT_TAG}" && \ export DEB_BUILD_OPTIONS=nocheck && \ - gbp buildpackage --git-builder=dpkg-buildpackage && \ - cp debian/shim-efi-image/boot/efi/EFI/endless/shimx64.efi /shim && \ - hexdump -Cv /shim/shimx64.efi > /shim/shimx64.efi.hd + gbp buildpackage --git-builder=dpkg-buildpackage --git-export-dir=/shim-build && \ + dpkg-deb -x /shim-build/shim-efi-image_*.deb /shim-build/shim-efi-image && \ + cp /shim-build/shim-efi-image/boot/efi/EFI/endless/shimx64.efi /shim-build && \ + rm -rf /shim-build/shim-efi-image && \ + hexdump -Cv /shim-build/shimx64.efi > /shim-build/shimx64.efi.hd -RUN sha256sum /shim-review/shimx64.efi && \ - sha256sum /shim/shimx64.efi && \ - if cmp -s /shim-review/shimx64.efi /shim/shimx64.efi; then \ +RUN echo 'a79f0a9b89f3681ab384865b1a46ab3f79d88b11b4ca59aa040ab03fffae80a9 /shim-build/shim_15.8.orig.tar.bz2' | sha256sum -c && \ + sha256sum /shim-review/shimx64.efi && \ + sha256sum /shim-build/shimx64.efi && \ + if cmp -s /shim-review/shimx64.efi /shim-build/shimx64.efi; then \ echo "Built shim matches review shim"; \ else \ echo "ERROR: Built shim does not match review shim!" && \ - diff -u /shim-review/shimx64.efi.hd /shim/shimx64.efi.hd || \ + diff -u /shim-review/shimx64.efi.hd /shim-build/shimx64.efi.hd || \ true; \ fi