Dockerfile

FROM ubuntu:18.04

RUN apt update -y \
	&& DEBIAN_FRONTEND=noninteractive \
	&& apt-get update \
	&& apt-get install -y \
	  make \
	  openssl \
	  gcc \
	  bsdmainutils \
	  gnu-efi \
	  git

COPY ./ /shim-review/ 

WORKDIR /shim_source
RUN git clone https://github.com/rhboot/shim.git	--branch shim-15.4 . \
	&& git checkout 16eeafe28c552bca36953d75581500887631a7f1

WORKDIR /shim_source/gnu-efi
RUN git clone https://github.com/rhboot/gnu-efi.git --branch shim-15.4 . \
	&& git checkout f0f98248649b4b219764bd46854697bcec858081

#build shim for x64 systems
WORKDIR /shim_x64
RUN LIB_PATH=/usr/lib64 \
	&& make -C /shim_source clean \
	&& make -C /shim_source ARCH=x86_64 EFIDIR=/usr/lib DEFAULT_LOADER=bblefi-x64/grub2_x64.efi VENDOR_CERT_FILE=/shim-review/bsAG_EV_productive_2020.cer  2>&1 | tee grub2_x64_build.log \
	&& cp /shim_source/shimx64.efi ./shim_x64.efi 

WORKDIR /

# FIXME: This only works on x86-64 efi binary
RUN hexdump -Cv /shim-review/shim_x64.efi > orig_x64 && \
    hexdump -Cv /shim_x64/shim_x64.efi > build_x64 

RUN diff -u orig_x64 build_x64