BUILDING.md
To build the container project, you need:
[!IMPORTANT] There is a bug in the
vmnetframework on macOS 26 that causes network creation to fail if thecontainerhelper applications are located under yourDocumentsorDesktopdirectories. If you usemake install, you can simply run thecontainerbinary in/usr/local. If you prefer to use the binaries thatmake allcreates in your projectbinandlibexecdirectories, locate your project elsewhere, such as~/projects/container, until this issue is resolved.
Build container and the background services from source, and run basic and integration tests:
make all test integration
Copy the binaries to /usr/local/bin and /usr/local/libexec (requires entering an administrator password):
make install
Or to install a release build, with better performance than the debug build:
BUILD_CONFIGURATION=release make all test integration
BUILD_CONFIGURATION=release make install
container uses gRPC to communicate to the builder virtual machine that creates images from Dockerfiles, and depends on specific versions of grpc-swift and swift-protobuf. If you make changes to the gRPC APIs in the container-builder-shim project, install the tools and re-generate the gRPC code in this project using:
make protos
To make changes to container that require changes to the Containerization project, or vice versa:
Clone the Containerization repository such that it sits next to your clone
of the container repository. Ensure that you follow containerization instructions
to prepare your build environment.
In your development shell, go to the container project directory.
cd container
If the container services are already running, stop them.
bin/container system stop
Reconfigure the Swift project to use your local containerization package and update your Package.resolved file.
/usr/bin/swift package edit --path ../containerization containerization
/usr/bin/swift package update containerization
[!IMPORTANT] If you are using Xcode, do not run
swift package edit. Instead, temporarily modifyPackage.swiftto replace the versionedcontainerizationdependency:swift.package(url: "https://github.com/apple/containerization.git", exact: Version(stringLiteral: scVersion)),with the local path dependency:
swift.package(path: "../containerization"),Note: If you have already run
swift package edit, whether intentionally or by accident, follow the steps in the next section to restore the normalcontainerizationdependency. Otherwise, the modifiedPackage.swiftfile will not work, and the project may fail to build.
If you want container to use any changes you made in the vminit subproject of Containerization, update the system property to use the locally built init filesystem image:
container system property set image.init vminit:latest
Build container.
make clean all
Restart the container services.
bin/container system stop
bin/container system start
To revert to using the Containerization dependency from your Package.swift:
If you were using the local init filesystem, revert the system property to its default value:
container system property clear image.init
Use the Swift package manager to restore the normal containerization dependency and update your Package.resolved file. If you are using Xcode, revert your Package.swift change instead of using swift package unedit.
/usr/bin/swift package unedit containerization
/usr/bin/swift package update containerization
Rebuild container.
make clean all
Restart the container services.
bin/container system stop
bin/container system start
To test changes that require the container-builder-shim project:
Clone the container-builder-shim repository and navigate to its directory.
After making the necessary changes, build the custom builder image, set it as the active builder image, and remove the existing buildkit container so the new image will be used:
container build -t builder .
container system property set image.builder builder:latest
container rm -f buildkit
container build as usual:container build ...
[!IMPORTANT] If your modified builder image is broken, make sure to rebuild and correctly tag the builder image before attempting to build
container-builder-shimagain.
Attach debugger to the XPC helpers using their launchd service labels:
Find launchd service labels:
% container system start
% container run -d --name test debian:bookworm sleep infinity
test
% launchctl list | grep container
27068 0 com.apple.container.container-network-vmnet.default
27072 0 com.apple.container.container-core-images
26980 0 com.apple.container.apiserver
27331 0 com.apple.container.container-runtime-linux.test
Stop container and start again after setting the environment variable CONTAINER_DEBUG_LAUNCHD_LABEL to the label of service to attach debugger. Services whose label starts with the CONTAINER_DEBUG_LAUNCHD_LABEL will wait the debugger:
% export CONTAINER_DEBUG_LAUNCHD_LABEL=com.apple.container.container-runtime-linux.test
% container system start # Only the service `com.apple.container.container-runtime-linux.test` waits debugger
% export CONTAINER_DEBUG_LAUNCHD_LABEL=com.apple.container.container-runtime-linux
% container system start # Every service starting with `com.apple.container.container-runtime-linux` waits debugger
Run the command to launch the service, and attach debugger:
% container run -it --name test debian:bookworm
⠧ [6/6] Starting container [0s] # It hangs as the service is waiting for debugger
Run make pre-commit to install a pre-commit hook that ensures that your changes have correct formatting and license headers when you run git commit.