airgap/scripts/update-packages

33 lines
1.1 KiB
Bash
Executable File

#!/bin/bash
[ -f /.dockerenv ] || { echo "please run in supplied container"; exit 1; }
set -e
cat /etc/apt/packages-old.list | sed 's/=.*//g' \
> /etc/apt/packages.list
snapshot_date=$(date -d @${GIT_EPOCH} +"%Y%m%dT000000Z")
cat <<-EOF > /etc/apt/sources.list
deb http://deb.debian.org/debian buster main
deb http://snapshot.debian.org/archive/debian/${snapshot_date} buster main
deb http://security.debian.org/debian-security buster/updates main
deb http://snapshot.debian.org/archive/debian-security/${snapshot_date} buster/updates main
deb http://deb.debian.org/debian buster-updates main
deb http://snapshot.debian.org/archive/debian/${snapshot_date} buster-updates main
EOF
apt-get update
apt install -y openssl
apt-get install -y --download-only $(cat /etc/apt/packages.list)
(
cd /var/cache/apt/archives \
&& find . -type f \( -iname \*.deb \) -exec openssl sha256 -r {} \; \
| sed 's/ \*.\// /g' \
| LC_ALL=C sort
) > /etc/apt/package-hashes.txt
cat /etc/apt/package-hashes.txt \
| awk '{ print $2 }' \
| sed -e 's/_[a-z0-9]\+\.deb//g' -e 's/_/=/g' \
> /etc/apt/packages.list