Skip to content
Permalink
Browse files

Fix opam-repository commit for reproducible builds

Also, display the actual and expected SHA hashes after building.
  • Loading branch information
Thomas Leonard
Thomas Leonard committed Jan 28, 2017
1 parent d6074f2 commit 07ff3d61477383860216c69869a1ffee59145e45
Showing with 10 additions and 1 deletion.
  1. +5 −0 Dockerfile
  2. +5 −1 build-with-docker.sh
@@ -1,4 +1,9 @@
FROM ocaml/opam:debian-8_ocaml-4.03.0

# Pin last known-good version for reproducible builds.
# Remove this line if you want to test with the latest versions.
RUN cd opam-repository && git reset --hard 0f17b354206c97e729700ce60ddce3789ccb1d52 && opam update

RUN sudo apt-get install -y m4 libxen-dev
RUN opam install -y vchan xen-gnt mirage-xen-ocaml mirage-xen-minios io-page mirage-xen mirage
RUN opam pin add -n -y mirage-nat 'https://github.com/talex5/mirage-nat.git#simplify-checksum'
@@ -1,4 +1,8 @@
#!/bin/sh
set -eux
set -eu
echo Building Docker image with dependencies..
docker build -t qubes-mirage-firewall .
echo Building Firewall...
docker run --rm -i -v `pwd`:/home/opam/qubes-mirage-firewall qubes-mirage-firewall
echo "SHA2 of build: $(sha256sum mir-qubes-firewall.xen)"
echo "SHA2 last known: f0c1a06fc4b02b494c81972dc89419af6cffa73b75839c0e8ee3798d77bf69b3"

0 comments on commit 07ff3d6

Please sign in to comment.
You can’t perform that action at this time.