commit b609b3fa7acb949effe1e833113c4d753c7f24bb
Author: Sofia Boldyreva <mooresofia81@gmail.com>
Date:   Fri Jan 31 15:27:29 2025 +0100

    Initial commit

diff --git a/config.yaml b/config.yaml
new file mode 100644
index 0000000..b025b68
--- /dev/null
+++ b/config.yaml
@@ -0,0 +1,77 @@
+actions:
+  - replace:
+      - target: ".shim.metadata"
+        find: |
+              9ca9cfa834aedfaf3efe2216bfa1cb7c286ee1c0 SOURCES/fbx64.efi
+              5eb0ac78eee6aeeaf44a3f11d002b4fe00af6916 SOURCES/mmx64.efi
+              4312f246b6ba692040383f10358ac9a5927207de SOURCES/shimaa64.efi
+              783fb77783e9d0c4c400b723dfd0f02f006616ae SOURCES/shimx64.efi
+        replace: |
+              4591a3da03f337b27e963b69202f7109496c0ef8 SOURCES/fbaa64.efi
+              403a4e918a00f5e90551085c7ba545969feee26e SOURCES/fbx64.efi
+              48fe2246bcc52729315e7db8361d753ab6be1633 SOURCES/mmaa64.efi
+              08fa765dbe8902c022fe0d5b5803c14bc1e44a5c SOURCES/mmx64.efi
+              206b13df7ccae83bf2f961da7010e16eac372b28 SOURCES/shimaa64.efi
+              1208043ca28f8566c115d8a15ba9bd8163b6badb SOURCES/shimx64.efi
+        count: 1
+      - target: "shim.rpmmacros"
+        find: |
+              %global shimveraa64 15.8-2.el9
+              %global shimverx64 15.8-2.el9
+        replace: |
+              %global shimveraa64 15.8-2.el9.alma.1
+              %global shimverx64 15.8-2.el9.alma.1
+        count: 1
+      - target: "shim.rpmmacros"
+        find: "Requires: dbxtool >= 0.6-3						\\"
+        replace: |
+              %{expand:%ifarch x86_64						\
+              # SecureBoot keys dependencies						\
+              Requires: almalinux(grub2-sig-key) >= 202303				\
+              Requires: almalinux(kernel-sig-key) >= 202303				\
+              %endif}
+        count: 1
+      - target: "shim.rpmmacros"
+        find: |
+              %ifarch aarch64
+              %global is_signed no
+        replace: |
+              %ifarch aarch64
+              %global is_signed yes
+        count: 1
+      - target: "spec"
+        find: "Name:		shim"
+        replace: |
+              %global efi_vendor almalinux
+              %global efidir almalinux
+              %global efi_esp_dir /boot/efi/EFI/%{efidir}
+              
+              Name:		shim
+        count: 1
+        
+  - delete_line:
+      - target: "spec"
+        lines:
+          - |
+            Source1:	redhatsecureboot501.cer
+            Source2:	redhatsecurebootca5.cer
+
+  - modify_release:
+    - suffix: ".alma.2"
+      enabled: true
+
+  - changelog_entry:
+      - name: "Eduard Abdullin"
+        email: "eabdullin@almalinux.org"
+        line:
+          - "Add SB for aarch64"
+          - "Use AlmaLinux cert"
+
+  - add_files:
+      - type: "source"
+        name: "almalinuxsecurebootca0"
+        number: 1
+
+  - delete_files:
+      - file_name: "redhatsecureboot501.cer"
+      - file_name: "redhatsecurebootca5.cer"
diff --git a/files/almalinuxsecurebootca0.cer b/files/almalinuxsecurebootca0.cer
new file mode 100644
index 0000000..6a4e99b
Binary files /dev/null and b/files/almalinuxsecurebootca0.cer differ