Inline SHA256_CHECKSUM instead of using file

This commit is contained in:
Henrik Jonsson 2016-05-11 22:08:36 +02:00
parent 25be390bd9
commit b0aa22d50c
2 changed files with 7 additions and 8 deletions

View File

@ -5,11 +5,10 @@ FROM debian
MAINTAINER Henrik Jonsson <me@hkjn.me> MAINTAINER Henrik Jonsson <me@hkjn.me>
ENV TOR_VERSION 6.0a5-hardened ENV TOR_VERSION 6.0a5-hardened
ENV SHA256_CHECKSUM f5224c78c3f0da2df4286a6e33a4afec3339a9d6848ff9b6480a42214b8bed8c
ENV LANG C.UTF-8 ENV LANG C.UTF-8
ENV RELEASE_FILE tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz ENV RELEASE_FILE tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz
ENV RELEASE_KEY 0x4E2C6E8793298290 ENV RELEASE_KEY 0x4E2C6E8793298290
ENV CHECKSUMS_FILE sha256sums-unsigned-build.txt
ENV RELEASE_URL https://dist.torproject.org/torbrowser/${TOR_VERSION}/${RELEASE_FILE} ENV RELEASE_URL https://dist.torproject.org/torbrowser/${TOR_VERSION}/${RELEASE_FILE}
RUN apt-get update && \ RUN apt-get update && \
@ -30,16 +29,17 @@ RUN useradd --create-home --home-dir $HOME user && \
WORKDIR /usr/local/bin WORKDIR /usr/local/bin
COPY $CHECKSUMS_FILE . RUN gpg --keyserver pgp.mit.edu --recv-keys $RELEASE_KEY && \
RUN gpg --keyserver pgp.mit.edu --recv-keys $RELEASE_KEY curl --fail -O -sSL ${RELEASE_URL} && \
RUN curl --fail -O -sSL ${RELEASE_URL} && \
curl --fail -O -sSL ${RELEASE_URL}.asc && \ curl --fail -O -sSL ${RELEASE_URL}.asc && \
gpg --verify ${RELEASE_FILE}.asc && \ gpg --verify ${RELEASE_FILE}.asc && \
sha256sum -c sha256sums-unsigned-build.txt && \ echo "$SHA256_CHECKSUM $RELEASE_FILE" > sha256sums.txt && \
sha256sum -c sha256sums.txt && \
tar --strip-components=1 -vxJf ${RELEASE_FILE} && \ tar --strip-components=1 -vxJf ${RELEASE_FILE} && \
rm -v ${RELEASE_FILE}* && \ rm -v ${RELEASE_FILE}* sha256sums.txt && \
mkdir /usr/local/bin/Browser/Downloads && \ mkdir /usr/local/bin/Browser/Downloads && \
chown -R user:user /usr/local/bin/Browser/Downloads chown -R user:user /usr/local/bin/Browser/Downloads
rm -v ${RELEASE_FILE}*
WORKDIR /usr/local/bin/Browser/Downloads WORKDIR /usr/local/bin/Browser/Downloads
USER user USER user

View File

@ -1 +0,0 @@
8e1f3ae7888d629b677ccf483aa5fa077914cfe6fa45a1d377f5a9489b9cc3f1 tor-browser-linux64-6.0a5-hardened_ALL.tar.xz