#!/bin/bash
[ -f /.dockerenv ] || { echo "please run in supplied container"; exit 1; }
set -e

cat /etc/apt/packages-old.list | sed 's/=.*//g' \
	> /etc/apt/packages.list

snapshot_date=$(date -d @${GIT_EPOCH} +"%Y%m%dT000000Z")
cat <<-EOF > /etc/apt/sources.list
deb http://deb.debian.org/debian buster main
deb http://snapshot.debian.org/archive/debian/${snapshot_date} buster main
deb http://security.debian.org/debian-security buster/updates main
deb http://snapshot.debian.org/archive/debian-security/${snapshot_date} buster/updates main
deb http://deb.debian.org/debian buster-updates main
deb http://snapshot.debian.org/archive/debian/${snapshot_date} buster-updates main
EOF

apt-get update
apt install -y openssl
apt-get install -y --download-only $(cat /etc/apt/packages.list)

(
	cd /var/cache/apt/archives \
		&& find . -type f \( -iname \*.deb \) -exec openssl sha256 -r {} \; \
		| sed 's/ \*.\// /g' \
		| LC_ALL=C sort
) > /etc/apt/package-hashes.txt

cat /etc/apt/package-hashes.txt \
	| awk '{ print $2 }' \
	| sed -e 's/_[a-z0-9]\+\.deb//g' -e 's/_/=/g' \
	> /etc/apt/packages.list