Showing preview only (2,140K chars total). Download the full file or copy to clipboard to get everything.
Repository: apple/container
Branch: main
Commit: e5f9abd8ff31
Files: 366
Total size: 2.0 MB
Directory structure:
gitextract_3edvqd6j/
├── .github/
│ ├── ISSUE_TEMPLATE/
│ │ ├── 01-bug.yml
│ │ ├── 02-feature.yml
│ │ └── config.yml
│ ├── dependabot.yml
│ ├── labeler.yml
│ ├── pull_request_template.md
│ └── workflows/
│ ├── common.yml
│ ├── docs-release.yml
│ ├── merge-build.yml
│ ├── pr-build.yml
│ ├── pr-label-analysis.yml
│ ├── pr-label-apply.yml
│ ├── release-build.yml
│ └── release.yml
├── .gitignore
├── .spi.yml
├── .swift-format
├── .swift-format-nolint
├── BUILDING.md
├── CONTRIBUTING.md
├── LICENSE
├── MAINTAINERS.txt
├── Makefile
├── Package.resolved
├── Package.swift
├── Protobuf.Makefile
├── README.md
├── SECURITY.md
├── Sources/
│ ├── CAuditToken/
│ │ ├── AuditToken.c
│ │ └── include/
│ │ └── AuditToken.h
│ ├── CLI/
│ │ └── ContainerCLI.swift
│ ├── CVersion/
│ │ ├── Version.c
│ │ └── include/
│ │ └── Version.h
│ ├── ContainerBuild/
│ │ ├── BuildAPI+Extensions.swift
│ │ ├── BuildFSSync.swift
│ │ ├── BuildFile.swift
│ │ ├── BuildImageResolver.swift
│ │ ├── BuildPipelineHandler.swift
│ │ ├── BuildRemoteContentProxy.swift
│ │ ├── BuildStdio.swift
│ │ ├── Builder.grpc.swift
│ │ ├── Builder.pb.swift
│ │ ├── Builder.swift
│ │ ├── Globber.swift
│ │ ├── TerminalCommand.swift
│ │ └── URL+Extensions.swift
│ ├── ContainerCommands/
│ │ ├── AggregateError.swift
│ │ ├── Application.swift
│ │ ├── AsyncLoggableCommand.swift
│ │ ├── BuildCommand.swift
│ │ ├── Builder/
│ │ │ ├── Builder.swift
│ │ │ ├── BuilderDelete.swift
│ │ │ ├── BuilderStart.swift
│ │ │ ├── BuilderStatus.swift
│ │ │ └── BuilderStop.swift
│ │ ├── Codable+JSON.swift
│ │ ├── Container/
│ │ │ ├── ContainerCreate.swift
│ │ │ ├── ContainerDelete.swift
│ │ │ ├── ContainerExec.swift
│ │ │ ├── ContainerExport.swift
│ │ │ ├── ContainerInspect.swift
│ │ │ ├── ContainerKill.swift
│ │ │ ├── ContainerList.swift
│ │ │ ├── ContainerLogs.swift
│ │ │ ├── ContainerPrune.swift
│ │ │ ├── ContainerRun.swift
│ │ │ ├── ContainerStart.swift
│ │ │ ├── ContainerStats.swift
│ │ │ ├── ContainerStop.swift
│ │ │ └── ProcessUtils.swift
│ │ ├── DefaultCommand.swift
│ │ ├── Image/
│ │ │ ├── ImageCommand.swift
│ │ │ ├── ImageDelete.swift
│ │ │ ├── ImageInspect.swift
│ │ │ ├── ImageList.swift
│ │ │ ├── ImageLoad.swift
│ │ │ ├── ImagePrune.swift
│ │ │ ├── ImagePull.swift
│ │ │ ├── ImagePush.swift
│ │ │ ├── ImageSave.swift
│ │ │ └── ImageTag.swift
│ │ ├── Network/
│ │ │ ├── NetworkCommand.swift
│ │ │ ├── NetworkCreate.swift
│ │ │ ├── NetworkDelete.swift
│ │ │ ├── NetworkInspect.swift
│ │ │ ├── NetworkList.swift
│ │ │ └── NetworkPrune.swift
│ │ ├── Registry/
│ │ │ ├── RegistryCommand.swift
│ │ │ ├── RegistryList.swift
│ │ │ ├── RegistryLogin.swift
│ │ │ └── RegistryLogout.swift
│ │ ├── System/
│ │ │ ├── DNS/
│ │ │ │ ├── DNSCreate.swift
│ │ │ │ ├── DNSDelete.swift
│ │ │ │ └── DNSList.swift
│ │ │ ├── Kernel/
│ │ │ │ └── KernelSet.swift
│ │ │ ├── Property/
│ │ │ │ ├── PropertyClear.swift
│ │ │ │ ├── PropertyGet.swift
│ │ │ │ ├── PropertyList.swift
│ │ │ │ └── PropertySet.swift
│ │ │ ├── SystemCommand.swift
│ │ │ ├── SystemDF.swift
│ │ │ ├── SystemDNS.swift
│ │ │ ├── SystemKernel.swift
│ │ │ ├── SystemLogs.swift
│ │ │ ├── SystemProperty.swift
│ │ │ ├── SystemStart.swift
│ │ │ ├── SystemStatus.swift
│ │ │ ├── SystemStop.swift
│ │ │ └── SystemVersion.swift
│ │ └── Volume/
│ │ ├── VolumeCommand.swift
│ │ ├── VolumeCreate.swift
│ │ ├── VolumeDelete.swift
│ │ ├── VolumeInspect.swift
│ │ ├── VolumeList.swift
│ │ └── VolumePrune.swift
│ ├── ContainerLog/
│ │ ├── FileLogHandler.swift
│ │ ├── OSLogHandler.swift
│ │ ├── ServiceLogger.swift
│ │ └── StderrLogHandler.swift
│ ├── ContainerOS/
│ │ ├── DirectoryWatcher.swift
│ │ └── LocalNetworkPrivacy.swift
│ ├── ContainerPersistence/
│ │ ├── DefaultsStore.swift
│ │ └── EntityStore.swift
│ ├── ContainerPlugin/
│ │ ├── ApplicationRoot.swift
│ │ ├── InstallRoot.swift
│ │ ├── LaunchPlist.swift
│ │ ├── LogRoot.swift
│ │ ├── Plugin.swift
│ │ ├── PluginConfig.swift
│ │ ├── PluginFactory.swift
│ │ ├── PluginLoader.swift
│ │ └── ServiceManager.swift
│ ├── ContainerResource/
│ │ ├── Common/
│ │ │ ├── ManagedResource.swift
│ │ │ └── ResourceLabels.swift
│ │ ├── Container/
│ │ │ ├── Bundle.swift
│ │ │ ├── ContainerConfiguration.swift
│ │ │ ├── ContainerCreateOptions.swift
│ │ │ ├── ContainerListFilters.swift
│ │ │ ├── ContainerSnapshot.swift
│ │ │ ├── ContainerStats.swift
│ │ │ ├── ContainerStopOptions.swift
│ │ │ ├── Filesystem.swift
│ │ │ ├── ProcessConfiguration.swift
│ │ │ ├── PublishPort.swift
│ │ │ ├── PublishSocket.swift
│ │ │ └── RuntimeStatus.swift
│ │ ├── Image/
│ │ │ ├── ImageDescription.swift
│ │ │ └── ImageDetail.swift
│ │ ├── Network/
│ │ │ ├── AllocatedAttachment.swift
│ │ │ ├── Attachment.swift
│ │ │ ├── AttachmentConfiguration.swift
│ │ │ ├── NetworkConfiguration.swift
│ │ │ ├── NetworkMode.swift
│ │ │ └── NetworkState.swift
│ │ ├── Registry/
│ │ │ └── RegistryResource.swift
│ │ └── Volume/
│ │ └── Volume.swift
│ ├── ContainerVersion/
│ │ ├── Bundle+AppBundle.swift
│ │ ├── CommandLine+Executable.swift
│ │ └── ReleaseVersion.swift
│ ├── ContainerXPC/
│ │ ├── XPCClient.swift
│ │ ├── XPCMessage.swift
│ │ └── XPCServer.swift
│ ├── DNSServer/
│ │ ├── DNSHandler.swift
│ │ ├── DNSServer+Handle.swift
│ │ ├── DNSServer.swift
│ │ ├── Handlers/
│ │ │ ├── CompositeResolver.swift
│ │ │ ├── HostTableResolver.swift
│ │ │ ├── NxDomainResolver.swift
│ │ │ └── StandardQueryValidator.swift
│ │ ├── Records/
│ │ │ ├── DNSBindError.swift
│ │ │ ├── DNSEnums.swift
│ │ │ ├── DNSName.swift
│ │ │ ├── IPAddressProtocol.swift
│ │ │ ├── Message.swift
│ │ │ ├── Question.swift
│ │ │ ├── ResourceRecord.swift
│ │ │ └── UInt8+Binding.swift
│ │ └── Types.swift
│ ├── Helpers/
│ │ ├── APIServer/
│ │ │ ├── APIServer+Start.swift
│ │ │ ├── APIServer.swift
│ │ │ ├── ContainerDNSHandler.swift
│ │ │ └── LocalhostDNSHandler.swift
│ │ ├── Images/
│ │ │ └── ImagesHelper.swift
│ │ ├── NetworkVmnet/
│ │ │ ├── NetworkVmnetHelper+Start.swift
│ │ │ └── NetworkVmnetHelper.swift
│ │ └── RuntimeLinux/
│ │ ├── IsolatedInterfaceStrategy.swift
│ │ ├── NonisolatedInterfaceStrategy.swift
│ │ ├── RuntimeLinuxHelper+Start.swift
│ │ └── RuntimeLinuxHelper.swift
│ ├── Services/
│ │ ├── ContainerAPIService/
│ │ │ ├── Client/
│ │ │ │ ├── Arch.swift
│ │ │ │ ├── Archiver.swift
│ │ │ │ ├── Array+Dedupe.swift
│ │ │ │ ├── ClientDiskUsage.swift
│ │ │ │ ├── ClientHealthCheck.swift
│ │ │ │ ├── ClientImage.swift
│ │ │ │ ├── ClientKernel.swift
│ │ │ │ ├── ClientNetwork.swift
│ │ │ │ ├── ClientProcess.swift
│ │ │ │ ├── ClientVolume.swift
│ │ │ │ ├── Constants.swift
│ │ │ │ ├── ContainerClient.swift
│ │ │ │ ├── ContainerizationProgressAdapter.swift
│ │ │ │ ├── DefaultPlatform.swift
│ │ │ │ ├── DiskUsage.swift
│ │ │ │ ├── FileDownloader.swift
│ │ │ │ ├── Flags.swift
│ │ │ │ ├── HostDNSResolver.swift
│ │ │ │ ├── ImageLoadResult.swift
│ │ │ │ ├── Measurement+Parse.swift
│ │ │ │ ├── PacketFilter.swift
│ │ │ │ ├── Parser.swift
│ │ │ │ ├── ProcessIO.swift
│ │ │ │ ├── ProgressUpdateClient.swift
│ │ │ │ ├── ProgressUpdateService.swift
│ │ │ │ ├── RequestScheme.swift
│ │ │ │ ├── SignalThreshold.swift
│ │ │ │ ├── String+Extensions.swift
│ │ │ │ ├── SystemHealth.swift
│ │ │ │ ├── TableOutput.swift
│ │ │ │ ├── Utility.swift
│ │ │ │ └── XPC+.swift
│ │ │ └── Server/
│ │ │ ├── Containers/
│ │ │ │ ├── ContainersHarness.swift
│ │ │ │ └── ContainersService.swift
│ │ │ ├── DiskUsage/
│ │ │ │ ├── DiskUsageHarness.swift
│ │ │ │ └── DiskUsageService.swift
│ │ │ ├── HealthCheck/
│ │ │ │ └── HealthCheckHarness.swift
│ │ │ ├── Kernel/
│ │ │ │ ├── KernelHarness.swift
│ │ │ │ └── KernelService.swift
│ │ │ ├── Networks/
│ │ │ │ ├── NetworksHarness.swift
│ │ │ │ └── NetworksService.swift
│ │ │ ├── Plugin/
│ │ │ │ ├── PluginsHarness.swift
│ │ │ │ └── PluginsService.swift
│ │ │ └── Volumes/
│ │ │ ├── VolumesHarness.swift
│ │ │ └── VolumesService.swift
│ │ ├── ContainerImagesService/
│ │ │ ├── Client/
│ │ │ │ ├── ImageServiceXPCKeys.swift
│ │ │ │ ├── ImageServiceXPCRoutes.swift
│ │ │ │ └── RemoteContentStoreClient.swift
│ │ │ └── Server/
│ │ │ ├── ContentServiceHarness.swift
│ │ │ ├── ContentStoreService.swift
│ │ │ ├── ImagesService.swift
│ │ │ ├── ImagesServiceHarness.swift
│ │ │ └── SnapshotStore.swift
│ │ ├── ContainerNetworkService/
│ │ │ ├── Client/
│ │ │ │ ├── NetworkClient.swift
│ │ │ │ ├── NetworkKeys.swift
│ │ │ │ └── NetworkRoutes.swift
│ │ │ └── Server/
│ │ │ ├── AllocationOnlyVmnetNetwork.swift
│ │ │ ├── AttachmentAllocator.swift
│ │ │ ├── Network.swift
│ │ │ ├── NetworkService.swift
│ │ │ └── ReservedVmnetNetwork.swift
│ │ └── ContainerSandboxService/
│ │ ├── Client/
│ │ │ ├── Bundle+Log.swift
│ │ │ ├── ExitMonitor.swift
│ │ │ ├── SandboxClient.swift
│ │ │ ├── SandboxKeys.swift
│ │ │ ├── SandboxRoutes.swift
│ │ │ ├── SandboxRuntimeConfiguration.swift
│ │ │ └── SandboxSnapshot.swift
│ │ └── Server/
│ │ ├── InterfaceStrategy.swift
│ │ └── SandboxService.swift
│ ├── SocketForwarder/
│ │ ├── ConnectHandler.swift
│ │ ├── GlueHandler.swift
│ │ ├── LRUCache.swift
│ │ ├── SocketForwarder.swift
│ │ ├── SocketForwarderResult.swift
│ │ ├── TCPForwarder.swift
│ │ └── UDPForwarder.swift
│ └── TerminalProgress/
│ ├── Int+Formatted.swift
│ ├── Int64+Formatted.swift
│ ├── ProgressBar+Add.swift
│ ├── ProgressBar+State.swift
│ ├── ProgressBar+Terminal.swift
│ ├── ProgressBar.swift
│ ├── ProgressConfig.swift
│ ├── ProgressTaskCoordinator.swift
│ ├── ProgressTheme.swift
│ ├── ProgressUpdate.swift
│ └── StandardError.swift
├── Tests/
│ ├── CLITests/
│ │ ├── Subcommands/
│ │ │ ├── Build/
│ │ │ │ ├── CLIBuildBase.swift
│ │ │ │ ├── CLIBuilderEnvOnlyTest.swift
│ │ │ │ ├── CLIBuilderLifecycleTest.swift
│ │ │ │ ├── CLIBuilderLocalOutputTest.swift
│ │ │ │ ├── CLIBuilderTarExportTest.swift
│ │ │ │ ├── CLIBuilderTest.swift
│ │ │ │ ├── CLIRunBase.swift
│ │ │ │ └── TestCLITermIO.swift
│ │ │ ├── Containers/
│ │ │ │ ├── TestCLICreate.swift
│ │ │ │ ├── TestCLIExec.swift
│ │ │ │ ├── TestCLIExport.swift
│ │ │ │ ├── TestCLIPrune.swift
│ │ │ │ ├── TestCLIRmRace.swift
│ │ │ │ └── TestCLIStats.swift
│ │ │ ├── Images/
│ │ │ │ └── TestCLIImagesCommand.swift
│ │ │ ├── Networks/
│ │ │ │ └── TestCLINetwork.swift
│ │ │ ├── Plugins/
│ │ │ │ └── TestCLIPluginErrors.swift
│ │ │ ├── Registry/
│ │ │ │ └── TestCLIRegistry.swift
│ │ │ ├── Run/
│ │ │ │ ├── TestCLIRunCommand.swift
│ │ │ │ ├── TestCLIRunInitImage.swift
│ │ │ │ └── TestCLIRunLifecycle.swift
│ │ │ ├── System/
│ │ │ │ ├── TestCLIStatus.swift
│ │ │ │ ├── TestCLIVersion.swift
│ │ │ │ └── TestKernelSet.swift
│ │ │ └── Volumes/
│ │ │ ├── TestCLIAnonymousVolumes.swift
│ │ │ └── TestCLIVolumes.swift
│ │ ├── TestCLINoParallelCases.swift
│ │ └── Utilities/
│ │ └── CLITest.swift
│ ├── ContainerAPIClientTests/
│ │ ├── ArchTests.swift
│ │ ├── DefaultPlatformTests.swift
│ │ ├── DiskUsageTests.swift
│ │ ├── HostDNSResolverTest.swift
│ │ ├── Measurement+ParseTests.swift
│ │ ├── PacketFilterTest.swift
│ │ ├── ParserTest.swift
│ │ ├── RequestSchemeTests.swift
│ │ └── UtilityTests.swift
│ ├── ContainerBuildTests/
│ │ ├── BuildFile.swift
│ │ ├── BuilderExtensionsTests.swift
│ │ └── GlobberTests.swift
│ ├── ContainerNetworkServiceTests/
│ │ └── AttachmentAllocatorTest.swift
│ ├── ContainerOSTests/
│ │ └── DirectoryWatcherTest.swift
│ ├── ContainerPluginTests/
│ │ ├── CommandLine+ExecutableTest.swift
│ │ ├── MockPluginFactory.swift
│ │ ├── PluginConfigTest.swift
│ │ ├── PluginFactoryTest.swift
│ │ ├── PluginLoaderTest.swift
│ │ └── PluginTest.swift
│ ├── ContainerResourceTests/
│ │ ├── ManagedResourceTests.swift
│ │ ├── NetworkConfigurationTest.swift
│ │ ├── PublishPortTests.swift
│ │ ├── RegistryResourceTests.swift
│ │ └── VolumeValidationTests.swift
│ ├── ContainerSandboxServiceTests/
│ │ └── RuntimeConfigurationTests.swift
│ ├── DNSServerTests/
│ │ ├── CompositeResolverTest.swift
│ │ ├── HostTableResolverTest.swift
│ │ ├── MockHandlers.swift
│ │ ├── NxDomainResolverTest.swift
│ │ ├── RecordsTests.swift
│ │ └── StandardQueryValidatorTest.swift
│ ├── SocketForwarderTests/
│ │ ├── ConnectHandlerRaceTest.swift
│ │ ├── LRUCacheTest.swift
│ │ ├── TCPEchoHandler.swift
│ │ ├── TCPEchoServer.swift
│ │ ├── TCPForwarderTest.swift
│ │ ├── UDPEchoHandler.swift
│ │ ├── UDPEchoServer.swift
│ │ └── UDPForwarderTest.swift
│ └── TerminalProgressTests/
│ └── ProgressBarTests.swift
├── config/
│ ├── container-core-images-config.json
│ ├── container-network-vmnet-config.json
│ └── container-runtime-linux-config.json
├── docs/
│ ├── command-reference.md
│ ├── how-to.md
│ ├── technical-overview.md
│ └── tutorial.md
├── licenserc.toml
├── scripts/
│ ├── container-header-style.toml
│ ├── ensure-container-stopped.sh
│ ├── ensure-hawkeye-exists.sh
│ ├── install-hawkeye.sh
│ ├── install-init.sh
│ ├── license-header.txt
│ ├── make-docs.sh
│ ├── pre-commit.fmt
│ ├── uninstall-container.sh
│ └── update-container.sh
└── signing/
├── container-network-vmnet.entitlements
└── container-runtime-linux.entitlements
================================================
FILE CONTENTS
================================================
================================================
FILE: .github/ISSUE_TEMPLATE/01-bug.yml
================================================
name: Bug report
description: File a bug report.
title: "[Bug]: "
type: "Bug"
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report!
- type: checkboxes
id: prereqs
attributes:
label: I have done the following
description: Select that you have completed the following prerequisites.
options:
- label: I have searched the existing issues
required: true
- label: If possible, I've reproduced the issue using the 'main' branch of this project
required: false
- type: textarea
id: reproduce
attributes:
label: Steps to reproduce
description: Explain how to reproduce the incorrect behavior.
validations:
required: true
- type: textarea
id: what-happened
attributes:
label: Current behavior
description: A concise description of what you're experiencing.
validations:
required: true
- type: textarea
id: expected
attributes:
label: Expected behavior
description: A concise description of what you expected to happen.
validations:
required: true
- type: textarea
attributes:
label: Environment
description: |
Examples:
- **OS**: macOS 26.0 (25A354)
- **Xcode**: Version 26.0 (17A324)
- **Container**: Container CLI version 0.1.0
value: |
- OS:
- Xcode:
- Container:
render: markdown
validations:
required: true
- type: textarea
id: logs
attributes:
label: Relevant log output
description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
value: |
N/A
render: shell
- type: checkboxes
id: terms
attributes:
label: Code of Conduct
description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/apple/.github/blob/main/CODE_OF_CONDUCT.md).
options:
- label: I agree to follow this project's Code of Conduct
required: true
================================================
FILE: .github/ISSUE_TEMPLATE/02-feature.yml
================================================
name: Feature or enhancement request
description: File a request for a feature or enhancement
title: "[Request]: "
type: "Feature"
body:
- type: markdown
attributes:
value: |
Thanks for contributing to the container project!
- type: textarea
id: request
attributes:
label: Feature or enhancement request details
description: Describe your proposed feature or enhancement. Code samples that show what's missing, or what new capabilities will be possible, are very helpful! Provide links to existing issues or external references/discussions, if appropriate.
validations:
required: true
- type: checkboxes
id: terms
attributes:
label: Code of Conduct
description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/apple/.github/blob/main/CODE_OF_CONDUCT.md).
options:
- label: I agree to follow this project's Code of Conduct
required: true
================================================
FILE: .github/ISSUE_TEMPLATE/config.yml
================================================
blank_issues_enabled: false
contact_links:
- name: Container community support
url: https://github.com/apple/container/discussions
about: Please ask and answer questions here.
================================================
FILE: .github/dependabot.yml
================================================
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
github-actions:
patterns:
- "*"
commit-message:
prefix: "ci"
================================================
FILE: .github/labeler.yml
================================================
cli:
- changed-files:
- any-glob-to-any-file:
- 'Sources/CLI/**'
- 'Sources/ContainerCommands/**'
documentation:
- changed-files:
- any-glob-to-any-file:
- '**/*.md'
- 'docs/**'
ci:
- changed-files:
- any-glob-to-any-file:
- '.github/**'
================================================
FILE: .github/pull_request_template.md
================================================
## Type of Change
- [ ] Bug fix
- [ ] New feature
- [ ] Breaking change
- [ ] Documentation update
## Motivation and Context
[Why is this change needed?]
## Testing
- [ ] Tested locally
- [ ] Added/updated tests
- [ ] Added/updated docs
================================================
FILE: .github/workflows/common.yml
================================================
name: container project - common jobs
permissions:
contents: read
on:
workflow_call:
inputs:
release:
type: boolean
description: "Publish this build for release"
default: false
jobs:
buildAndTest:
name: Build and test the project
if: github.repository == 'apple/container'
timeout-minutes: 60
runs-on: [self-hosted, macos, tahoe, ARM64]
permissions:
contents: read
packages: read
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0
- name: Check formatting
run: |
./scripts/install-hawkeye.sh
make fmt
if ! git diff --quiet -- . ; then
echo "❌ The following files require formatting or license header updates:"
git diff --name-only -- .
false
fi
- name: Check protobuf
run: |
make protos
if ! git diff --quiet -- . ; then
echo "❌ The following files require formatting or license header updates:"
git diff --name-only -- .
false
fi
env:
DEVELOPER_DIR: "/Applications/Xcode-latest.app/Contents/Developer"
- name: Set build configuration
env:
RELEASE: ${{ inputs.release }}
run: |
echo "BUILD_CONFIGURATION=debug" >> $GITHUB_ENV
if [[ "${RELEASE}" == "true" ]]; then
echo "BUILD_CONFIGURATION=release" >> $GITHUB_ENV
fi
- name: Make the container project and docs
run: |
make container dsym docs
tar cfz _site.tgz _site
env:
DEVELOPER_DIR: "/Applications/Xcode-latest.app/Contents/Developer"
- name: Create package
run: |
mkdir -p outputs
mv "bin/${BUILD_CONFIGURATION}/container-installer-unsigned.pkg" outputs
mv "bin/${BUILD_CONFIGURATION}/bundle/container-dSYM.zip" outputs
- name: Test the container project
run: |
APP_ROOT=$(mktemp -d -p "${RUNNER_TEMP}")
LOG_ROOT="${APP_ROOT}/logs"
echo "created data directory: ${APP_ROOT}"
echo "hostname: $(hostname)"
export NO_PROXY="${NO_PROXY},192.168.0.0/16,fe80::/10"
echo NO_PROXY=${NO_PROXY}
export no_proxy="${no_proxy},192.168.0.0/16,fe80::/10"
echo no_proxy=${no_proxy}
echo "APP_ROOT=${APP_ROOT}" >> $GITHUB_ENV
echo "LOG_ROOT=${LOG_ROOT}" >> $GITHUB_ENV
make APP_ROOT="${APP_ROOT}" LOG_ROOT="${LOG_ROOT}" test install-kernel integration
env:
DEVELOPER_DIR: "/Applications/Xcode-latest.app/Contents/Developer"
- name: Archive test logs
if: always()
run: |
if [ -d "${APP_ROOT}/containers" ] && [ -n "${LOG_ROOT}" ]; then
rsync -a --include='*/' --include='*.log' --exclude='*' \
"${APP_ROOT}/containers/" \
"${LOG_ROOT}/containers/"
fi
if [ -n "${LOG_ROOT}" ] && [ -d "${LOG_ROOT}" ] ; then
echo "Collecting logs from ${LOG_ROOT}..."
tar czf container-logs.tar.gz -C "$(dirname "${LOG_ROOT}")" "$(basename "${LOG_ROOT}")"
echo "Log archive created: container-logs.tar.gz"
fi
if [ -n "${APP_ROOT}" ] ; then
rm -rf "${APP_ROOT}"
echo "Removed data directory ${APP_ROOT}"
fi
- name: Upload logs if present
if: always()
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: container-test-logs
path: container-logs.tar.gz
retention-days: 14
if-no-files-found: ignore
- name: Save documentation artifact
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: api-docs
path: "./_site.tgz"
retention-days: 14
- name: Save package artifacts
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: container-package
path: ${{ github.workspace }}/outputs
uploadPages:
# Separate upload step required because upload-pages-artifact needs
# gtar which is not on the macOS runner.
name: Upload artifact for GitHub Pages
needs: buildAndTest
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- name: Setup Pages
uses: actions/configure-pages@v5
- name: Download a single artifact
uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
with:
name: api-docs
- name: Add API docs to documentation
run: |
tar xfz _site.tgz
- name: Upload Artifact
uses: actions/upload-pages-artifact@v4
with:
path: "./_site"
================================================
FILE: .github/workflows/docs-release.yml
================================================
# Manual workflow for releasing docs ad-hoc. Workflow can only be run for main or release branches.
# Workflow does NOT publish a release of container.
name: Deploy application website
permissions:
contents: read
on:
workflow_dispatch:
jobs:
checkBranch:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') || startsWith(github.ref, 'refs/heads/release')
steps:
- name: Branch validation
env:
REF_NAME: ${{ github.ref_name }}
run: echo "Branch ${REF_NAME} is allowed"
buildSite:
name: Build application website
needs: checkBranch
uses: ./.github/workflows/common.yml
secrets: inherit
permissions:
contents: read
packages: write
pages: write
deployDocs:
runs-on: ubuntu-latest
needs: [checkBranch, buildSite]
permissions:
contents: read
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
================================================
FILE: .github/workflows/merge-build.yml
================================================
name: container project - merge build
permissions:
contents: read
on:
push:
branches:
- main
- release/*
jobs:
build:
name: Invoke build
uses: ./.github/workflows/common.yml
with:
release: true
secrets: inherit
permissions:
contents: read
packages: read
pages: write
================================================
FILE: .github/workflows/pr-build.yml
================================================
name: container project - PR build
permissions:
contents: read
on:
pull_request:
types: [opened, reopened, synchronize]
jobs:
verify-signatures:
name: Verify commit signatures
runs-on: ubuntu-latest
steps:
- name: Check all commits are signed
env:
GH_TOKEN: ${{ github.token }}
REPO: ${{ github.repository }}
PR_NUMBER: ${{ github.event.pull_request.number }}
run: |
commits=$(gh api "repos/${REPO}/pulls/${PR_NUMBER}/commits" --paginate)
unsigned_commits=""
while IFS='|' read -r sha author verified; do
if [ "$verified" != "true" ]; then
unsigned_commits="$unsigned_commits - $sha by $author\n"
fi
done < <(echo "$commits" | jq -r '.[] | "\(.sha)|\(.commit.author.name)|\(.commit.verification.verified)"')
if [ -n "$unsigned_commits" ]; then
echo "::error::The following commits are not signed:"
echo -e "$unsigned_commits"
echo ""
echo "Please sign your commits. See:"
echo " - https://github.com/apple/containerization/blob/main/CONTRIBUTING.md#pull-requests"
echo " - https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
exit 1
fi
echo "All commits are signed!"
build:
name: Invoke build
uses: ./.github/workflows/common.yml
with:
release: false
secrets: inherit
permissions:
contents: read
packages: read
pages: write
================================================
FILE: .github/workflows/pr-label-analysis.yml
================================================
name: PR Label Analysis
on:
pull_request:
types: [opened]
permissions:
contents: read
jobs:
analyze:
name: Analyze PR for labeling
runs-on: ubuntu-latest
steps:
- name: Save PR metadata
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
run: |
mkdir -p ./pr-metadata
echo "${PR_NUMBER}" > ./pr-metadata/pr-number.txt
- name: Upload PR metadata as artifact
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: pr-metadata-${{ github.event.pull_request.number }}
path: pr-metadata/
retention-days: 1
================================================
FILE: .github/workflows/pr-label-apply.yml
================================================
name: PR Label Apply
on:
workflow_run:
workflows: ["PR Label Analysis"]
types:
- completed
permissions:
contents: read
jobs:
apply-labels:
name: Apply labels to PR
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' }}
permissions:
contents: read
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Download PR metadata artifact
uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
run-id: ${{ github.event.workflow_run.id }}
pattern: pr-metadata-*
merge-multiple: false
id: download-artifact
- name: Read PR number
id: pr-number
run: |
PR_NUMBER=$(cat "pr-number.txt")
echo "number=${PR_NUMBER}" >> $GITHUB_OUTPUT
echo "PR Number: ${PR_NUMBER}"
- name: Apply labels using labeler
uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6
with:
pr-number: ${{ steps.pr-number.outputs.number }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
configuration-path: .github/labeler.yml
sync-labels: true
================================================
FILE: .github/workflows/release-build.yml
================================================
name: container project - release build
permissions:
contents: read
on:
push:
tags:
- "[0-9]+\\.[0-9]+\\.[0-9]+"
jobs:
build:
name: Invoke build and release
uses: ./.github/workflows/common.yml
with:
release: true
secrets: inherit
permissions:
contents: read
packages: read
pages: write
release:
if: startsWith(github.ref, 'refs/tags/')
name: Publish release
timeout-minutes: 30
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
packages: read
pages: write
steps:
- name: Download artifacts
uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
with:
path: outputs
- name: Verify artifacts exist
run: |
echo "Checking for expected artifacts..."
ls -la outputs/container-package/
test -e outputs/container-package/*.zip || (echo "Missing .zip file!" && exit 1)
test -e outputs/container-package/*.pkg || (echo "Missing .pkg file!" && exit 1)
- name: Create release
uses: softprops/action-gh-release@v2
with:
token: ${{ github.token }}
name: ${{ github.ref_name }}-prerelease
draft: true
make_latest: false
prerelease: true
fail_on_unmatched_files: true
files: |
outputs/container-package/*.zip
outputs/container-package/*.pkg
================================================
FILE: .github/workflows/release.yml
================================================
name: container project - release build
permissions:
contents: read
on:
push:
tags:
- "[0-9]+\\.[0-9]+\\.[0-9]+"
jobs:
build:
name: Invoke build and release
uses: ./.github/workflows/common.yml
with:
release: true
secrets: inherit
permissions:
contents: read
packages: read
pages: write
release:
if: startsWith(github.ref, 'refs/tags/')
name: Publish release
timeout-minutes: 30
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
packages: read
pages: write
steps:
- name: Download artifacts
uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
with:
path: outputs
- name: Verify artifacts exist
run: |
echo "Checking for expected artifacts..."
ls -la outputs/container-package/
test -e outputs/container-package/*.zip || (echo "Missing .zip file!" && exit 1)
test -e outputs/container-package/*.pkg || (echo "Missing .pkg file!" && exit 1)
- name: Create release
uses: softprops/action-gh-release@v2
with:
token: ${{ github.token }}
name: ${{ github.ref_name }}-prerelease
draft: true
make_latest: false
prerelease: true
fail_on_unmatched_files: true
files: |
outputs/container-package/*.zip
outputs/container-package/*.pkg
================================================
FILE: .gitignore
================================================
.DS_Store
bin
libexec
.build
.local
xcuserdata/
DerivedData/
Packages/
.swiftpm/
.netrc
.swiftpm
api-docs/
workdir/
installer/
.venv/
.claude/
.clitests/
test_results/
*.pid
*.log
*.zip
*.o
*.ext4
*.pkg
*.swp
# API docs for local preview only.
_site/
_serve/
================================================
FILE: .spi.yml
================================================
version: 1
builder:
configs:
-
documentation_targets:
- ContainerAPIService
- ContainerAPIClient
- ContainerSandboxService
- ContainerSandboxServiceClient
- ContainerNetworkService
- ContainerNetworkServiceClient
- ContainerImagesService
- ContainerImagesServiceClient
- ContainerResource
- ContainerLog
- ContainerPlugin
- ContainerXPC
- TerminalProgress
swift_version: '6.2'
================================================
FILE: .swift-format
================================================
{
"fileScopedDeclarationPrivacy" : {
"accessLevel" : "private"
},
"indentation" : {
"spaces" : 4
},
"indentConditionalCompilationBlocks" : false,
"indentSwitchCaseLabels" : false,
"lineBreakAroundMultilineExpressionChainComponents" : false,
"lineBreakBeforeControlFlowKeywords" : false,
"lineBreakBeforeEachArgument" : false,
"lineBreakBeforeEachGenericRequirement" : false,
"lineLength" : 180,
"maximumBlankLines" : 1,
"multiElementCollectionTrailingCommas" : true,
"noAssignmentInExpressions" : {
"allowedFunctions" : [
"XCTAssertNoThrow"
]
},
"prioritizeKeepingFunctionOutputTogether" : false,
"respectsExistingLineBreaks" : true,
"rules" : {
"AllPublicDeclarationsHaveDocumentation" : false,
"AlwaysUseLowerCamelCase" : true,
"AmbiguousTrailingClosureOverload" : false,
"BeginDocumentationCommentWithOneLineSummary" : false,
"DoNotUseSemicolons" : true,
"DontRepeatTypeInStaticProperties" : true,
"FileScopedDeclarationPrivacy" : true,
"FullyIndirectEnum" : true,
"GroupNumericLiterals" : true,
"IdentifiersMustBeASCII" : true,
"NeverForceUnwrap" : true,
"NeverUseForceTry" : true,
"NeverUseImplicitlyUnwrappedOptionals" : true,
"NoAccessLevelOnExtensionDeclaration" : true,
"NoAssignmentInExpressions" : true,
"NoBlockComments" : false,
"NoCasesWithOnlyFallthrough" : true,
"NoEmptyTrailingClosureParentheses" : true,
"NoLabelsInCasePatterns" : true,
"NoLeadingUnderscores" : false,
"NoParensAroundConditions" : true,
"NoPlaygroundLiterals" : true,
"NoVoidReturnOnFunctionSignature" : true,
"OmitExplicitReturns" : true,
"OneCasePerLine" : true,
"OneVariableDeclarationPerLine" : true,
"OnlyOneTrailingClosureArgument" : true,
"OrderedImports" : true,
"ReplaceForEachWithForLoop" : true,
"ReturnVoidInsteadOfEmptyTuple" : true,
"TypeNamesShouldBeCapitalized" : true,
"UseEarlyExits" : true,
"UseLetInEveryBoundCaseVariable" : true,
"UseShorthandTypeNames" : true,
"UseSingleLinePropertyGetter" : true,
"UseSynthesizedInitializer" : true,
"UseTripleSlashForDocumentationComments" : true,
"UseWhereClausesInForLoops" : false,
"ValidateDocumentationComments" : true
},
"spacesAroundRangeFormationOperators" : false,
"tabWidth" : 2,
"version" : 1
}
================================================
FILE: .swift-format-nolint
================================================
{
"fileScopedDeclarationPrivacy" : {
"accessLevel" : "private"
},
"indentation" : {
"spaces" : 4
},
"indentConditionalCompilationBlocks" : false,
"indentSwitchCaseLabels" : false,
"lineBreakAroundMultilineExpressionChainComponents" : false,
"lineBreakBeforeControlFlowKeywords" : false,
"lineBreakBeforeEachArgument" : false,
"lineBreakBeforeEachGenericRequirement" : false,
"lineLength" : 180,
"maximumBlankLines" : 1,
"multiElementCollectionTrailingCommas" : true,
"noAssignmentInExpressions" : {
"allowedFunctions" : [
"XCTAssertNoThrow"
]
},
"prioritizeKeepingFunctionOutputTogether" : false,
"respectsExistingLineBreaks" : true,
"rules" : {
"AllPublicDeclarationsHaveDocumentation" : false,
"AlwaysUseLowerCamelCase" : false,
"AmbiguousTrailingClosureOverload" : false,
"BeginDocumentationCommentWithOneLineSummary" : false,
"DoNotUseSemicolons" : true,
"DontRepeatTypeInStaticProperties" : false,
"FileScopedDeclarationPrivacy" : false,
"FullyIndirectEnum" : false,
"GroupNumericLiterals" : false,
"IdentifiersMustBeASCII" : false,
"NeverForceUnwrap" : false,
"NeverUseForceTry" : false,
"NeverUseImplicitlyUnwrappedOptionals" : false,
"NoAccessLevelOnExtensionDeclaration" : false,
"NoAssignmentInExpressions" : false,
"NoBlockComments" : false,
"NoCasesWithOnlyFallthrough" : false,
"NoEmptyTrailingClosureParentheses" : true,
"NoLabelsInCasePatterns" : false,
"NoLeadingUnderscores" : false,
"NoParensAroundConditions" : true,
"NoPlaygroundLiterals" : false,
"NoVoidReturnOnFunctionSignature" : true,
"OmitExplicitReturns" : false,
"OneCasePerLine" : true,
"OneVariableDeclarationPerLine" : true,
"OnlyOneTrailingClosureArgument" : false,
"OrderedImports" : true,
"ReplaceForEachWithForLoop" : false,
"ReturnVoidInsteadOfEmptyTuple" : false,
"TypeNamesShouldBeCapitalized" : false,
"UseEarlyExits" : false,
"UseLetInEveryBoundCaseVariable" : false,
"UseShorthandTypeNames" : true,
"UseSingleLinePropertyGetter" : true,
"UseSynthesizedInitializer" : false,
"UseTripleSlashForDocumentationComments" : true,
"UseWhereClausesInForLoops" : false,
"ValidateDocumentationComments" : false
},
"spacesAroundRangeFormationOperators" : false,
"tabWidth" : 2,
"version" : 1
}
================================================
FILE: BUILDING.md
================================================
# Building the project
To build the `container` project, you need:
- Mac with Apple silicon
- macOS 15 minimum, macOS 26 recommended
- Xcode 26, set as the [active developer directory](https://developer.apple.com/library/archive/technotes/tn2339/_index.html#//apple_ref/doc/uid/DTS40014588-CH1-HOW_DO_I_SELECT_THE_DEFAULT_VERSION_OF_XCODE_TO_USE_FOR_MY_COMMAND_LINE_TOOLS_)
> [!IMPORTANT]
> There is a bug in the `vmnet` framework on macOS 26 that causes network creation to fail if the `container` helper applications are located under your `Documents` or `Desktop` directories. If you use `make install`, you can simply run the `container` binary in `/usr/local`. If you prefer to use the binaries that `make all` creates in your project `bin` and `libexec` directories, locate your project elsewhere, such as `~/projects/container`, until this issue is resolved.
## Compile and test
Build `container` and the background services from source, and run basic and integration tests:
```bash
make all test integration
```
Copy the binaries to `/usr/local/bin` and `/usr/local/libexec` (requires entering an administrator password):
```bash
make install
```
Or to install a release build, with better performance than the debug build:
```bash
BUILD_CONFIGURATION=release make all test integration
BUILD_CONFIGURATION=release make install
```
## Compile protobufs
`container` uses gRPC to communicate to the builder virtual machine that creates images from `Dockerfile`s, and depends on specific versions of `grpc-swift` and `swift-protobuf`. If you make changes to the gRPC APIs in the [container-builder-shim](https://github.com/apple/container-builder-shim) project, install the tools and re-generate the gRPC code in this project using:
```bash
make protos
```
## Develop using a local copy of Containerization
To make changes to `container` that require changes to the Containerization project, or vice versa:
1. Clone the [Containerization](https://github.com/apple/containerization) repository such that it sits next to your clone
of the `container` repository. Ensure that you [follow containerization instructions](https://github.com/apple/containerization/blob/main/README.md#prepare-to-build-package)
to prepare your build environment.
2. In your development shell, go to the `container` project directory.
```bash
cd container
```
3. If the `container` services are already running, stop them.
```bash
bin/container system stop
```
4. Reconfigure the Swift project to use your local `containerization` package and update your `Package.resolved` file.
```bash
/usr/bin/swift package edit --path ../containerization containerization
/usr/bin/swift package update containerization
```
> [!IMPORTANT]
> If you are using Xcode, do **not** run `swift package edit`. Instead, temporarily modify `Package.swift` to replace the versioned `containerization` dependency:
>
> ```swift
> .package(url: "https://github.com/apple/containerization.git", exact: Version(stringLiteral: scVersion)),
> ```
>
> with the local path dependency:
>
> ```swift
> .package(path: "../containerization"),
> ```
>
> **Note:** If you have already run `swift package edit`, whether intentionally or by accident, follow the steps in the next section to restore the normal `containerization` dependency. Otherwise, the modified `Package.swift` file will not work, and the project may fail to build.
5. If you want `container` to use any changes you made in the `vminit` subproject of Containerization, update the system property to use the locally built init filesystem image:
```bash
container system property set image.init vminit:latest
```
6. Build `container`.
```
make clean all
```
7. Restart the `container` services.
```
bin/container system stop
bin/container system start
```
To revert to using the Containerization dependency from your `Package.swift`:
1. If you were using the local init filesystem, revert the system property to its default value:
```bash
container system property clear image.init
```
2. Use the Swift package manager to restore the normal `containerization` dependency and update your `Package.resolved` file. If you are using Xcode, revert your `Package.swift` change instead of using `swift package unedit`.
```bash
/usr/bin/swift package unedit containerization
/usr/bin/swift package update containerization
```
3. Rebuild `container`.
```bash
make clean all
```
4. Restart the `container` services.
```bash
bin/container system stop
bin/container system start
```
## Develop using a local copy of container-builder-shim
To test changes that require the `container-builder-shim` project:
1. Clone the [container-builder-shim](https://github.com/apple/container-builder-shim) repository and navigate to its directory.
2. After making the necessary changes, build the custom builder image, set it as the active builder image, and remove the existing `buildkit` container so the new image will be used:
```bash
container build -t builder .
container system property set image.builder builder:latest
container rm -f buildkit
```
3. Run the `container` build as usual:
```bash
container build ...
```
> [!IMPORTANT]
> If your modified builder image is broken, make sure to rebuild and correctly tag the builder image before attempting to build `container-builder-shim` again.
## Debug XPC Helpers
Attach debugger to the XPC helpers using their launchd service labels:
1. Find launchd service labels:
```console
% container system start
% container run -d --name test debian:bookworm sleep infinity
test
% launchctl list | grep container
27068 0 com.apple.container.container-network-vmnet.default
27072 0 com.apple.container.container-core-images
26980 0 com.apple.container.apiserver
27331 0 com.apple.container.container-runtime-linux.test
```
2. Stop container and start again after setting the environment variable `CONTAINER_DEBUG_LAUNCHD_LABEL` to the label of service to attach debugger. Services whose label starts with the `CONTAINER_DEBUG_LAUNCHD_LABEL` will wait the debugger:
```console
% export CONTAINER_DEBUG_LAUNCHD_LABEL=com.apple.container.container-runtime-linux.test
% container system start # Only the service `com.apple.container.container-runtime-linux.test` waits debugger
```
```console
% export CONTAINER_DEBUG_LAUNCHD_LABEL=com.apple.container.container-runtime-linux
% container system start # Every service starting with `com.apple.container.container-runtime-linux` waits debugger
```
3. Run the command to launch the service, and attach debugger:
```console
% container run -it --name test debian:bookworm
⠧ [6/6] Starting container [0s] # It hangs as the service is waiting for debugger
```
## Pre-commit hook
Run `make pre-commit` to install a pre-commit hook that ensures that your changes have correct formatting and license headers when you run `git commit`.
================================================
FILE: CONTRIBUTING.md
================================================
# Contributing
Contributions are welcome and encouraged! Read our [main contributing guide](https://github.com/apple/containerization/blob/main/CONTRIBUTING.md) to get started.
================================================
FILE: LICENSE
================================================
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
================================================
FILE: MAINTAINERS.txt
================================================
# Maintainers
See [MAINTAINERS](https://github.com/apple/containerization/blob/main/MAINTAINERS.txt) for the list of current and former maintainers of this project. Thank you for all your contributions!
================================================
FILE: Makefile
================================================
# Copyright © 2025-2026 Apple Inc. and the container project authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Version and build configuration variables
BUILD_CONFIGURATION ?= debug
WARNINGS_AS_ERRORS ?= true
SWIFT_CONFIGURATION := $(if $(filter-out false,$(WARNINGS_AS_ERRORS)),-Xswiftc -warnings-as-errors)
export RELEASE_VERSION ?= $(shell git describe --tags --always)
export GIT_COMMIT := $(shell git rev-parse HEAD)
# Commonly used locations
SWIFT := "/usr/bin/swift"
DEST_DIR ?= /usr/local/
ROOT_DIR := $(shell git rev-parse --show-toplevel)
BUILD_BIN_DIR = $(shell $(SWIFT) build -c $(BUILD_CONFIGURATION) --show-bin-path)
COV_DATA_DIR = $(shell $(SWIFT) test --show-coverage-path | xargs dirname)
COV_REPORT_FILE = $(ROOT_DIR)/code-coverage-report
STAGING_DIR := bin/$(BUILD_CONFIGURATION)/staging/
PKG_PATH := bin/$(BUILD_CONFIGURATION)/container-installer-unsigned.pkg
DSYM_DIR := bin/$(BUILD_CONFIGURATION)/bundle/container-dSYM
DSYM_PATH := bin/$(BUILD_CONFIGURATION)/bundle/container-dSYM.zip
CODESIGN_OPTS ?= --force --sign - --timestamp=none
# Conditionally use a temporary data directory for integration tests
SYSTEM_START_OPTS :=
ifneq ($(strip $(APP_ROOT)),)
SYSTEM_START_OPTS += --app-root "$(strip $(APP_ROOT))"
endif
ifneq ($(strip $(LOG_ROOT)),)
SYSTEM_START_OPTS += --log-root "$(strip $(LOG_ROOT))"
endif
MACOS_VERSION := $(shell sw_vers -productVersion)
MACOS_MAJOR := $(shell echo $(MACOS_VERSION) | cut -d. -f1)
SUDO ?= sudo
.DEFAULT_GOAL := all
include Protobuf.Makefile
.PHONY: all
all: container
all: init-block
.PHONY: build
build:
@echo Building container binaries...
@$(SWIFT) --version
@$(SWIFT) build -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION)
.PHONY: cli
cli:
@echo Building container CLI...
@$(SWIFT) --version
@$(SWIFT) build -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --product container
@echo Installing container CLI to bin/...
@mkdir -p bin
@install "$(BUILD_BIN_DIR)/container" "bin/container"
.PHONY: container
# Install binaries under project directory
container: build
@"$(MAKE)" BUILD_CONFIGURATION=$(BUILD_CONFIGURATION) DEST_DIR="$(ROOT_DIR)/" SUDO= install
.PHONY: release
release: BUILD_CONFIGURATION = release
release: all
.PHONY: init-block
init-block:
@echo Building initfs if containerization is in edit mode
@scripts/install-init.sh $(SYSTEM_START_OPTS)
.PHONY: install
install: installer-pkg
@echo Installing container installer package
@if [ -z "$(SUDO)" ] ; then \
temp_dir=$$(mktemp -d) ; \
xar -xf $(PKG_PATH) -C $${temp_dir} ; \
(cd "$(DEST_DIR)" && pax -rz -f $${temp_dir}/Payload) ; \
rm -rf $${temp_dir} ; \
else \
$(SUDO) installer -pkg $(PKG_PATH) -target / ; \
fi
$(STAGING_DIR):
@echo Installing container binaries from "$(BUILD_BIN_DIR)" into "$(STAGING_DIR)"...
@rm -rf "$(STAGING_DIR)"
@mkdir -p "$(join $(STAGING_DIR), bin)"
@mkdir -p "$(join $(STAGING_DIR), libexec/container/plugins/container-runtime-linux/bin)"
@mkdir -p "$(join $(STAGING_DIR), libexec/container/plugins/container-network-vmnet/bin)"
@mkdir -p "$(join $(STAGING_DIR), libexec/container/plugins/container-core-images/bin)"
@install "$(BUILD_BIN_DIR)/container" "$(join $(STAGING_DIR), bin/container)"
@install "$(BUILD_BIN_DIR)/container-apiserver" "$(join $(STAGING_DIR), bin/container-apiserver)"
@install "$(BUILD_BIN_DIR)/container-runtime-linux" "$(join $(STAGING_DIR), libexec/container/plugins/container-runtime-linux/bin/container-runtime-linux)"
@install config/container-runtime-linux-config.json "$(join $(STAGING_DIR), libexec/container/plugins/container-runtime-linux/config.json)"
@install "$(BUILD_BIN_DIR)/container-network-vmnet" "$(join $(STAGING_DIR), libexec/container/plugins/container-network-vmnet/bin/container-network-vmnet)"
@install config/container-network-vmnet-config.json "$(join $(STAGING_DIR), libexec/container/plugins/container-network-vmnet/config.json)"
@install "$(BUILD_BIN_DIR)/container-core-images" "$(join $(STAGING_DIR), libexec/container/plugins/container-core-images/bin/container-core-images)"
@install config/container-core-images-config.json "$(join $(STAGING_DIR), libexec/container/plugins/container-core-images/config.json)"
@echo Install update script
@install scripts/update-container.sh "$(join $(STAGING_DIR), bin/update-container.sh)"
@echo Install uninstaller script
@install scripts/uninstall-container.sh "$(join $(STAGING_DIR), bin/uninstall-container.sh)"
.PHONY: installer-pkg
installer-pkg: $(STAGING_DIR)
@echo Signing container binaries...
@codesign $(CODESIGN_OPTS) --identifier com.apple.container.cli "$(join $(STAGING_DIR), bin/container)"
@codesign $(CODESIGN_OPTS) --identifier com.apple.container.apiserver "$(join $(STAGING_DIR), bin/container-apiserver)"
@codesign $(CODESIGN_OPTS) --prefix=com.apple.container. "$(join $(STAGING_DIR), libexec/container/plugins/container-core-images/bin/container-core-images)"
@codesign $(CODESIGN_OPTS) --prefix=com.apple.container. --entitlements=signing/container-runtime-linux.entitlements "$(join $(STAGING_DIR), libexec/container/plugins/container-runtime-linux/bin/container-runtime-linux)"
@codesign $(CODESIGN_OPTS) --prefix=com.apple.container. --entitlements=signing/container-network-vmnet.entitlements "$(join $(STAGING_DIR), libexec/container/plugins/container-network-vmnet/bin/container-network-vmnet)"
@echo Creating application installer
@pkgbuild --root "$(STAGING_DIR)" --identifier com.apple.container-installer --install-location /usr/local --version ${RELEASE_VERSION} $(PKG_PATH)
@rm -rf "$(STAGING_DIR)"
.PHONY: dsym
dsym:
@echo Copying debug symbols...
@rm -rf "$(DSYM_DIR)"
@mkdir -p "$(DSYM_DIR)"
@cp -a "$(BUILD_BIN_DIR)/container-runtime-linux.dSYM" "$(DSYM_DIR)"
@cp -a "$(BUILD_BIN_DIR)/container-network-vmnet.dSYM" "$(DSYM_DIR)"
@cp -a "$(BUILD_BIN_DIR)/container-core-images.dSYM" "$(DSYM_DIR)"
@cp -a "$(BUILD_BIN_DIR)/container-apiserver.dSYM" "$(DSYM_DIR)"
@cp -a "$(BUILD_BIN_DIR)/container.dSYM" "$(DSYM_DIR)"
@echo Packaging the debug symbols...
@(cd "$(dir $(DSYM_DIR))" ; zip -r $(notdir $(DSYM_PATH)) $(notdir $(DSYM_DIR)))
.PHONY: test
test:
@$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --skip TestCLI
.PHONY: install-kernel
install-kernel:
@echo Stopping system before installing kernel
@bin/container system stop || true
@echo Starting system to install kernel
@bin/container --debug system start --timeout 60 --enable-kernel-install $(SYSTEM_START_OPTS)
.PHONY: coverage
coverage: init-block
@echo Ensuring apiserver stopped before the coverage analysis
@bin/container system stop && sleep 3 && scripts/ensure-container-stopped.sh
@bin/container --debug system start $(SYSTEM_START_OPTS) && \
echo "Starting coverage analysis" && \
{ \
exit_code=0; \
$(SWIFT) test --no-parallel --enable-code-coverage -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) || exit_code=1 ; \
echo Ensuring apiserver stopped after the CLI integration tests ; \
scripts/ensure-container-stopped.sh ; \
echo Generating code coverage report... ; \
xcrun llvm-profdata merge -sparse $(COV_DATA_DIR)/*.profraw -o $(COV_DATA_DIR)/default.profdata ; \
xcrun llvm-cov show --compilation-dir=`pwd` \
-instr-profile=$(COV_DATA_DIR)/default.profdata \
--ignore-filename-regex=".build/" \
--ignore-filename-regex=".pb.swift" \
--ignore-filename-regex=".proto" \
--ignore-filename-regex=".grpc.swift" \
$(BUILD_BIN_DIR)/containerPackageTests.xctest/Contents/MacOS/containerPackageTests > $(COV_REPORT_FILE) ; \
echo Code coverage report generated: $(COV_REPORT_FILE) ; \
exit $${exit_code} ; \
}
.PHONY: integration
integration: init-block
@echo Ensuring apiserver stopped before the CLI integration tests...
@bin/container system stop && sleep 3 && scripts/ensure-container-stopped.sh
@echo Running the integration tests...
@bin/container --debug system start --timeout 60 $(SYSTEM_START_OPTS) && \
echo "Starting CLI integration tests" && \
{ \
exit_code=0; \
CLITEST_LOG_ROOT=$(LOG_ROOT) && export CLITEST_LOG_ROOT ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLINetwork || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRunLifecycle || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIExecCommand || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLICreateCommand || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRunCommand1 || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRunCommand2 || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRunCommand3 || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIPruneCommand || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRegistry || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIStatsCommand || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIImagesCommand || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRunBase || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIRunInitImage || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIBuildBase || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIExportCommand || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIVolumes || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIKernelSet || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLIAnonymousVolumes || exit_code=1 ; \
$(SWIFT) test -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --filter TestCLINoParallelCases || exit_code=1 ; \
echo Ensuring apiserver stopped after the CLI integration tests ; \
scripts/ensure-container-stopped.sh ; \
exit $${exit_code} ; \
}
.PHONY: fmt
fmt: swift-fmt update-licenses
.PHONY: check
check: swift-fmt-check check-licenses
.PHONY: swift-fmt
SWIFT_SRC = $(shell find . -type f -name '*.swift' -not -path "*/.*" -not -path "*.pb.swift" -not -path "*.grpc.swift" -not -path "*/checkouts/*")
swift-fmt:
@echo Applying the standard code formatting...
@$(SWIFT) format --recursive --configuration .swift-format -i $(SWIFT_SRC)
swift-fmt-check:
@echo Applying the standard code formatting...
@$(SWIFT) format lint --recursive --strict --configuration .swift-format-nolint $(SWIFT_SRC)
.PHONY: update-licenses
update-licenses:
@echo Updating license headers...
@./scripts/ensure-hawkeye-exists.sh
@.local/bin/hawkeye format --fail-if-unknown --fail-if-updated false
.PHONY: check-licenses
check-licenses:
@echo Checking license headers existence in source files...
@./scripts/ensure-hawkeye-exists.sh
@.local/bin/hawkeye check --fail-if-unknown
.PHONY: pre-commit
pre-commit:
cp Scripts/pre-commit.fmt .git/hooks
touch .git/hooks/pre-commit
cat .git/hooks/pre-commit | grep -v 'hooks/pre-commit\.fmt' > /tmp/pre-commit.new || true
echo 'PRECOMMIT_NOFMT=$${PRECOMMIT_NOFMT} $$(git rev-parse --show-toplevel)/.git/hooks/pre-commit.fmt' >> /tmp/pre-commit.new
mv /tmp/pre-commit.new .git/hooks/pre-commit
chmod +x .git/hooks/pre-commit
.PHONY: serve-docs
serve-docs:
@echo 'to browse: open http://127.0.0.1:8000/container/documentation/'
@rm -rf _serve
@mkdir -p _serve
@cp -a _site _serve/container
@python3 -m http.server --bind 127.0.0.1 --directory ./_serve
.PHONY: docs
docs:
@echo Updating API documentation...
@rm -rf _site
@scripts/make-docs.sh _site container
.PHONY: cleancontent
cleancontent:
@bin/container system stop || true
@echo Cleaning the content...
@rm -rf ~/Library/Application\ Support/com.apple.container
.PHONY: clean
clean:
@echo Cleaning build files...
@rm -rf bin/ libexec/
@rm -rf _site _serve
@rm -f $(COV_REPORT_FILE)
@$(SWIFT) package clean
================================================
FILE: Package.resolved
================================================
{
"originHash" : "4ec05f4e83999a89d3397d0657536924d4a425d7f0e3f0fd6a3578e34c924502",
"pins" : [
{
"identity" : "async-http-client",
"kind" : "remoteSourceControl",
"location" : "https://github.com/swift-server/async-http-client.git",
"state" : {
"revision" : "60235983163d040f343a489f7e2e77c1918a8bd9",
"version" : "1.26.1"
}
},
{
"identity" : "containerization",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/containerization.git",
"state" : {
"revision" : "420b915d8b4b0bc5d7edc638b985ee8fd32a3fbe",
"version" : "0.29.0"
}
},
{
"identity" : "grpc-swift",
"kind" : "remoteSourceControl",
"location" : "https://github.com/grpc/grpc-swift.git",
"state" : {
"revision" : "a56a157218877ef3e9625f7e1f7b2cb7e46ead1b",
"version" : "1.26.1"
}
},
{
"identity" : "swift-algorithms",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-algorithms.git",
"state" : {
"revision" : "87e50f483c54e6efd60e885f7f5aa946cee68023",
"version" : "1.2.1"
}
},
{
"identity" : "swift-argument-parser",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-argument-parser.git",
"state" : {
"revision" : "309a47b2b1d9b5e991f36961c983ecec72275be3",
"version" : "1.6.1"
}
},
{
"identity" : "swift-asn1",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-asn1.git",
"state" : {
"revision" : "f70225981241859eb4aa1a18a75531d26637c8cc",
"version" : "1.4.0"
}
},
{
"identity" : "swift-async-algorithms",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-async-algorithms.git",
"state" : {
"revision" : "6c050d5ef8e1aa6342528460db614e9770d7f804",
"version" : "1.1.1"
}
},
{
"identity" : "swift-atomics",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-atomics.git",
"state" : {
"revision" : "b601256eab081c0f92f059e12818ac1d4f178ff7",
"version" : "1.3.0"
}
},
{
"identity" : "swift-certificates",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-certificates.git",
"state" : {
"revision" : "133a347911b6ad0fc8fe3bf46ca90c66cff97130",
"version" : "1.17.0"
}
},
{
"identity" : "swift-collections",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-collections.git",
"state" : {
"revision" : "8c0c0a8b49e080e54e5e328cc552821ff07cd341",
"version" : "1.2.1"
}
},
{
"identity" : "swift-crypto",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-crypto.git",
"state" : {
"revision" : "334e682869394ee239a57dbe9262bff3cd9495bd",
"version" : "3.14.0"
}
},
{
"identity" : "swift-docc-plugin",
"kind" : "remoteSourceControl",
"location" : "https://github.com/swiftlang/swift-docc-plugin.git",
"state" : {
"revision" : "3e4f133a77e644a5812911a0513aeb7288b07d06",
"version" : "1.4.5"
}
},
{
"identity" : "swift-docc-symbolkit",
"kind" : "remoteSourceControl",
"location" : "https://github.com/swiftlang/swift-docc-symbolkit",
"state" : {
"revision" : "b45d1f2ed151d057b54504d653e0da5552844e34",
"version" : "1.0.0"
}
},
{
"identity" : "swift-http-structured-headers",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-http-structured-headers.git",
"state" : {
"revision" : "76d7627bd88b47bf5a0f8497dd244885960dde0b",
"version" : "1.6.0"
}
},
{
"identity" : "swift-http-types",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-http-types.git",
"state" : {
"revision" : "45eb0224913ea070ec4fba17291b9e7ecf4749ca",
"version" : "1.5.1"
}
},
{
"identity" : "swift-log",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-log.git",
"state" : {
"revision" : "ce592ae52f982c847a4efc0dd881cc9eb32d29f2",
"version" : "1.6.4"
}
},
{
"identity" : "swift-nio",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-nio.git",
"state" : {
"revision" : "1c30f0f2053b654e3d1302492124aa6d242cdba7",
"version" : "2.86.0"
}
},
{
"identity" : "swift-nio-extras",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-nio-extras.git",
"state" : {
"revision" : "a55c3dd3a81d035af8a20ce5718889c0dcab073d",
"version" : "1.29.0"
}
},
{
"identity" : "swift-nio-http2",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-nio-http2.git",
"state" : {
"revision" : "5e9e99ec96c53bc2c18ddd10c1e25a3cd97c55e5",
"version" : "1.38.0"
}
},
{
"identity" : "swift-nio-ssl",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-nio-ssl.git",
"state" : {
"revision" : "173cc69a058623525a58ae6710e2f5727c663793",
"version" : "2.36.0"
}
},
{
"identity" : "swift-nio-transport-services",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-nio-transport-services.git",
"state" : {
"revision" : "e645014baea2ec1c2db564410c51a656cf47c923",
"version" : "1.25.1"
}
},
{
"identity" : "swift-numerics",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-numerics.git",
"state" : {
"revision" : "0c0290ff6b24942dadb83a929ffaaa1481df04a2",
"version" : "1.1.1"
}
},
{
"identity" : "swift-protobuf",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-protobuf.git",
"state" : {
"revision" : "102a647b573f60f73afdce5613a51d71349fe507",
"version" : "1.30.0"
}
},
{
"identity" : "swift-service-lifecycle",
"kind" : "remoteSourceControl",
"location" : "https://github.com/swift-server/swift-service-lifecycle.git",
"state" : {
"revision" : "e7187309187695115033536e8fc9b2eb87fd956d",
"version" : "2.8.0"
}
},
{
"identity" : "swift-system",
"kind" : "remoteSourceControl",
"location" : "https://github.com/apple/swift-system.git",
"state" : {
"revision" : "890830fff1a577dc83134890c7984020c5f6b43b",
"version" : "1.6.2"
}
},
{
"identity" : "zstd",
"kind" : "remoteSourceControl",
"location" : "https://github.com/facebook/zstd.git",
"state" : {
"revision" : "f8745da6ff1ad1e7bab384bd1f9d742439278e99",
"version" : "1.5.7"
}
}
],
"version" : 3
}
================================================
FILE: Package.swift
================================================
// swift-tools-version: 6.2
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
// The swift-tools-version declares the minimum version of Swift required to build this package.
import Foundation
import PackageDescription
let releaseVersion = ProcessInfo.processInfo.environment["RELEASE_VERSION"] ?? "0.0.0"
let gitCommit = ProcessInfo.processInfo.environment["GIT_COMMIT"] ?? "unspecified"
let builderShimVersion = "0.10.0"
let scVersion = "0.29.0"
let package = Package(
name: "container",
platforms: [.macOS("15")],
products: [
.library(name: "ContainerCommands", targets: ["ContainerCommands"]),
.library(name: "ContainerBuild", targets: ["ContainerBuild"]),
.library(name: "ContainerAPIService", targets: ["ContainerAPIService"]),
.library(name: "ContainerAPIClient", targets: ["ContainerAPIClient"]),
.library(name: "ContainerImagesService", targets: ["ContainerImagesService", "ContainerImagesServiceClient"]),
.library(name: "ContainerNetworkService", targets: ["ContainerNetworkService", "ContainerNetworkServiceClient"]),
.library(name: "ContainerSandboxService", targets: ["ContainerSandboxService", "ContainerSandboxServiceClient"]),
.library(name: "ContainerResource", targets: ["ContainerResource"]),
.library(name: "ContainerLog", targets: ["ContainerLog"]),
.library(name: "ContainerPersistence", targets: ["ContainerPersistence"]),
.library(name: "ContainerPlugin", targets: ["ContainerPlugin"]),
.library(name: "ContainerVersion", targets: ["ContainerVersion"]),
.library(name: "ContainerXPC", targets: ["ContainerXPC"]),
.library(name: "ContainerOS", targets: ["ContainerOS"]),
.library(name: "SocketForwarder", targets: ["SocketForwarder"]),
.library(name: "TerminalProgress", targets: ["TerminalProgress"]),
],
dependencies: [
.package(url: "https://github.com/apple/containerization.git", exact: Version(stringLiteral: scVersion)),
.package(url: "https://github.com/apple/swift-argument-parser.git", from: "1.3.0"),
.package(url: "https://github.com/apple/swift-collections.git", from: "1.2.0"),
.package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"),
.package(url: "https://github.com/apple/swift-nio.git", from: "2.80.0"),
.package(url: "https://github.com/apple/swift-protobuf.git", from: "1.29.0"),
.package(url: "https://github.com/apple/swift-system.git", from: "1.4.0"),
.package(url: "https://github.com/grpc/grpc-swift.git", from: "1.26.0"),
.package(url: "https://github.com/swift-server/async-http-client.git", from: "1.20.1"),
.package(url: "https://github.com/swiftlang/swift-docc-plugin.git", from: "1.1.0"),
],
targets: [
.executableTarget(
name: "container",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
"ContainerAPIClient",
"ContainerCommands",
],
path: "Sources/CLI"
),
.testTarget(
name: "CLITests",
dependencies: [
.product(name: "AsyncHTTPClient", package: "async-http-client"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationArchive", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
"ContainerBuild",
"ContainerLog",
"ContainerResource",
],
path: "Tests/CLITests"
),
.target(
name: "ContainerCommands",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
.product(name: "Logging", package: "swift-log"),
.product(name: "SwiftProtobuf", package: "swift-protobuf"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationOCI", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
"ContainerBuild",
"ContainerAPIClient",
"ContainerLog",
"ContainerNetworkService",
"ContainerPersistence",
"ContainerPlugin",
"ContainerResource",
"ContainerVersion",
"ContainerXPC",
"TerminalProgress",
],
path: "Sources/ContainerCommands"
),
.target(
name: "ContainerBuild",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "NIO", package: "swift-nio"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationArchive", package: "containerization"),
.product(name: "ContainerizationOCI", package: "containerization"),
.product(name: "ArgumentParser", package: "swift-argument-parser"),
"ContainerAPIClient",
]
),
.testTarget(
name: "ContainerBuildTests",
dependencies: [
"ContainerBuild"
]
),
.executableTarget(
name: "container-apiserver",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
.product(name: "AsyncHTTPClient", package: "async-http-client"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
.product(name: "ContainerizationEXT4", package: "containerization"),
.product(name: "GRPC", package: "grpc-swift"),
.product(name: "Logging", package: "swift-log"),
"ContainerAPIService",
"ContainerAPIClient",
"ContainerLog",
"ContainerNetworkService",
"ContainerPersistence",
"ContainerPlugin",
"ContainerResource",
"ContainerVersion",
"ContainerXPC",
"ContainerOS",
"DNSServer",
],
path: "Sources/Helpers/APIServer"
),
.target(
name: "ContainerAPIService",
dependencies: [
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationArchive", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
.product(name: "Logging", package: "swift-log"),
.product(name: "SystemPackage", package: "swift-system"),
"CVersion",
"ContainerAPIClient",
"ContainerNetworkServiceClient",
"ContainerPersistence",
"ContainerPlugin",
"ContainerResource",
"ContainerSandboxServiceClient",
"ContainerVersion",
"ContainerXPC",
"TerminalProgress",
],
path: "Sources/Services/ContainerAPIService/Server"
),
.target(
name: "ContainerAPIClient",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationArchive", package: "containerization"),
.product(name: "ContainerizationOCI", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
.product(name: "Logging", package: "swift-log"),
.product(name: "NIOCore", package: "swift-nio"),
.product(name: "NIOPosix", package: "swift-nio"),
.product(name: "SystemPackage", package: "swift-system"),
"ContainerImagesServiceClient",
"ContainerPersistence",
"ContainerPlugin",
"ContainerResource",
"ContainerXPC",
"TerminalProgress",
],
path: "Sources/Services/ContainerAPIService/Client"
),
.testTarget(
name: "ContainerAPIClientTests",
dependencies: [
.product(name: "Containerization", package: "containerization"),
"ContainerAPIClient",
"ContainerPersistence",
]
),
.executableTarget(
name: "container-core-images",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
.product(name: "SystemPackage", package: "swift-system"),
"ContainerImagesService",
"ContainerLog",
"ContainerPlugin",
"ContainerVersion",
"ContainerXPC",
],
path: "Sources/Helpers/Images"
),
.target(
name: "ContainerImagesService",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationArchive", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationOCI", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
"ContainerAPIClient",
"ContainerImagesServiceClient",
"ContainerLog",
"ContainerPersistence",
"ContainerResource",
"ContainerXPC",
"TerminalProgress",
],
path: "Sources/Services/ContainerImagesService/Server"
),
.target(
name: "ContainerImagesServiceClient",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
"ContainerXPC",
"ContainerLog",
],
path: "Sources/Services/ContainerImagesService/Client"
),
.executableTarget(
name: "container-network-vmnet",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationIO", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
"ContainerLog",
"ContainerNetworkService",
"ContainerNetworkServiceClient",
"ContainerPlugin",
"ContainerResource",
"ContainerVersion",
"ContainerXPC",
],
path: "Sources/Helpers/NetworkVmnet"
),
.target(
name: "ContainerNetworkService",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
"ContainerNetworkServiceClient",
"ContainerPersistence",
"ContainerResource",
"ContainerXPC",
],
path: "Sources/Services/ContainerNetworkService/Server"
),
.testTarget(
name: "ContainerNetworkServiceTests",
dependencies: [
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
"ContainerNetworkService",
]
),
.target(
name: "ContainerNetworkServiceClient",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
"ContainerLog",
"ContainerResource",
"ContainerXPC",
],
path: "Sources/Services/ContainerNetworkService/Client"
),
.executableTarget(
name: "container-runtime-linux",
dependencies: [
.product(name: "ArgumentParser", package: "swift-argument-parser"),
.product(name: "Logging", package: "swift-log"),
.product(name: "GRPC", package: "grpc-swift"),
.product(name: "Containerization", package: "containerization"),
"ContainerLog",
"ContainerPlugin",
"ContainerResource",
"ContainerSandboxService",
"ContainerSandboxServiceClient",
"ContainerVersion",
"ContainerXPC",
],
path: "Sources/Helpers/RuntimeLinux"
),
.target(
name: "ContainerSandboxService",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
.product(name: "ArgumentParser", package: "swift-argument-parser"),
"ContainerAPIClient",
"ContainerOS",
"ContainerPersistence",
"ContainerResource",
"ContainerSandboxServiceClient",
"ContainerXPC",
"SocketForwarder",
],
path: "Sources/Services/ContainerSandboxService/Server"
),
.target(
name: "ContainerSandboxServiceClient",
dependencies: [
"ContainerAPIClient",
"ContainerResource",
"ContainerXPC",
],
path: "Sources/Services/ContainerSandboxService/Client"
),
.target(
name: "ContainerResource",
dependencies: [
.product(name: "Containerization", package: "containerization"),
"ContainerXPC",
"CAuditToken",
"CVersion",
]
),
.testTarget(
name: "ContainerResourceTests",
dependencies: [
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationExtras", package: "containerization"),
"ContainerAPIService",
"ContainerResource",
]
),
.target(
name: "ContainerLog",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "SystemPackage", package: "swift-system"),
]
),
.target(
name: "ContainerPersistence",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "Containerization", package: "containerization"),
"CVersion",
"ContainerVersion",
]
),
.target(
name: "ContainerPlugin",
dependencies: [
.product(name: "Logging", package: "swift-log"),
.product(name: "ContainerizationOS", package: "containerization"),
.product(name: "SystemPackage", package: "swift-system"),
"ContainerVersion",
]
),
.testTarget(
name: "ContainerPluginTests",
dependencies: [
"ContainerPlugin"
]
),
.testTarget(
name: "ContainerSandboxServiceTests",
dependencies: [
.product(name: "Containerization", package: "containerization"),
"ContainerResource",
"ContainerSandboxServiceClient",
]
),
.target(
name: "ContainerXPC",
dependencies: [
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "Logging", package: "swift-log"),
"CAuditToken",
]
),
.target(
name: "ContainerOS",
dependencies: [
.product(name: "Containerization", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
],
path: "Sources/ContainerOS"
),
.target(
name: "TerminalProgress",
dependencies: [
.product(name: "ContainerizationOS", package: "containerization")
]
),
.testTarget(
name: "TerminalProgressTests",
dependencies: ["TerminalProgress"]
),
.target(
name: "DNSServer",
dependencies: [
.product(name: "NIOCore", package: "swift-nio"),
.product(name: "NIOPosix", package: "swift-nio"),
.product(name: "Logging", package: "swift-log"),
.product(name: "ContainerizationExtras", package: "containerization"),
.product(name: "ContainerizationOS", package: "containerization"),
]
),
.testTarget(
name: "DNSServerTests",
dependencies: [
"DNSServer"
]
),
.testTarget(
name: "ContainerOSTests",
dependencies: [
"ContainerOS"
]
),
.target(
name: "SocketForwarder",
dependencies: [
.product(name: "Collections", package: "swift-collections"),
.product(name: "Logging", package: "swift-log"),
.product(name: "NIOCore", package: "swift-nio"),
.product(name: "NIOFoundationCompat", package: "swift-nio"),
]
),
.testTarget(
name: "SocketForwarderTests",
dependencies: ["SocketForwarder"]
),
.target(
name: "ContainerVersion",
dependencies: [
"CVersion"
],
),
.target(
name: "CVersion",
dependencies: [],
publicHeadersPath: "include",
cSettings: [
.define("CZ_VERSION", to: "\"\(scVersion)\""),
.define("GIT_COMMIT", to: "\"\(gitCommit)\""),
.define("RELEASE_VERSION", to: "\"\(releaseVersion)\""),
.define("BUILDER_SHIM_VERSION", to: "\"\(builderShimVersion)\""),
],
),
.target(
name: "CAuditToken",
dependencies: [],
publicHeadersPath: "include",
linkerSettings: [
.linkedLibrary("bsm")
]
),
]
)
================================================
FILE: Protobuf.Makefile
================================================
# Copyright © 2025-2026 Apple Inc. and the container project authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ROOT_DIR := $(shell git rev-parse --show-toplevel)
LOCAL_DIR := $(ROOT_DIR)/.local
LOCAL_BIN_DIR := $(LOCAL_DIR)/bin
BUILDER_SHIM_REPO ?= https://github.com/apple/container-builder-shim.git
# Versions
BUILDER_SHIM_VERSION ?= $(shell sed -n 's/let builderShimVersion *= *"\(.*\)"/\1/p' Package.swift)
PROTOC_VERSION := 26.1
# Protoc binary installation
PROTOC_ZIP := protoc-$(PROTOC_VERSION)-osx-universal_binary.zip
PROTOC := $(LOCAL_BIN_DIR)/protoc@$(PROTOC_VERSION)/protoc
$(PROTOC):
@echo Downloading protocol buffers...
@mkdir -p $(LOCAL_DIR)
@curl -OL https://github.com/protocolbuffers/protobuf/releases/download/v$(PROTOC_VERSION)/$(PROTOC_ZIP)
@mkdir -p $(dir $@)
@unzip -jo $(PROTOC_ZIP) bin/protoc -d $(dir $@)
@unzip -o $(PROTOC_ZIP) 'include/*' -d $(dir $@)
@rm -f $(PROTOC_ZIP)
.PHONY: protoc-gen-swift
protoc-gen-swift:
@$(SWIFT) build --product protoc-gen-swift
@$(SWIFT) build --product protoc-gen-grpc-swift
.PHONY: protos
protos: $(PROTOC) protoc-gen-swift
@echo Generating protocol buffers source code...
@mkdir -p $(LOCAL_DIR)
@if [ ! -d "$(LOCAL_DIR)/container-builder-shim" ]; then \
cd $(LOCAL_DIR) && git clone --branch $(BUILDER_SHIM_VERSION) --depth 1 $(BUILDER_SHIM_REPO); \
fi
@$(PROTOC) $(LOCAL_DIR)/container-builder-shim/pkg/api/Builder.proto \
--plugin=protoc-gen-grpc-swift=$(BUILD_BIN_DIR)/protoc-gen-grpc-swift \
--plugin=protoc-gen-swift=$(BUILD_BIN_DIR)/protoc-gen-swift \
--proto_path=$(LOCAL_DIR)/container-builder-shim/pkg/api \
--grpc-swift_out="Sources/ContainerBuild" \
--grpc-swift_opt=Visibility=Public \
--swift_out="Sources/ContainerBuild" \
--swift_opt=Visibility=Public \
-I.
@"$(MAKE)" update-licenses
.PHONY: clean-proto-tools
clean-proto-tools:
@echo Cleaning proto tools...
@rm -rf $(LOCAL_DIR)/bin/protoc*
@rm -rf $(LOCAL_DIR)/container-builder-shim
================================================
FILE: README.md
================================================
# `container`
`container` is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.
The tool consumes and produces [OCI-compatible container images](https://github.com/opencontainers/image-spec), so you can pull and run images from any standard container registry. You can push images that you build to those registries as well, and run the images in any other OCI-compatible application.
`container` uses the [Containerization](https://github.com/apple/containerization) Swift package for low level container, image, and process management.
## Get started
### Requirements
You need a Mac with Apple silicon to run `container`. To build it, see the [BUILDING](./BUILDING.md) document.
`container` is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the `container` maintainers typically will not address issues that cannot be reproduced on the macOS 26.
### Initial install
Download the latest signed installer package for `container` from the [GitHub release page](https://github.com/apple/container/releases).
To install the tool, double-click the package file and follow the instructions. Enter your administrator password when prompted, to give the installer permission to place the installed files under `/usr/local`.
Start the system service with:
```bash
container system start
```
### Upgrade or downgrade
For both upgrading and downgrading, you can manually download and install the signed installer package by following the steps from [initial install](#initial-install) or use the `update-container.sh` script (installed to `/usr/local/bin`).
If you're upgrading and downgrading, you must stop your existing `container`:
```bash
container system stop
```
For upgrading to the latest release version, simply run the command below:
```bash
/usr/local/bin/update-container.sh
```
If you're downgrading, you must uninstall your existing `container` (the `-k` flag keeps your user data, while `-d` removes it):
```bash
/usr/local/bin/uninstall-container.sh -k
/usr/local/bin/update-container.sh -v 0.3.0
```
Start the system service with:
```bash
container system start
```
### Uninstall
Use the `uninstall-container.sh` script (installed to `/usr/local/bin`) to remove `container` from your system. To remove your user data along with the tool, run:
```bash
/usr/local/bin/uninstall-container.sh -d
```
To retain your user data so that it is available should you reinstall later, run:
```bash
/usr/local/bin/uninstall-container.sh -k
```
## Next steps
- Take [a guided tour of `container`](./docs/tutorial.md) by building, running, and publishing a simple web server image.
- Learn how to [use various `container` features](./docs/how-to.md).
- Read a brief description and [technical overview](./docs/technical-overview.md) of `container`.
- Browse the [full command reference](./docs/command-reference.md).
- [Build and run](./BUILDING.md) `container` on your own development system.
- View the project [API documentation](https://apple.github.io/container/documentation/).
## Contributing
Contributions to `container` are welcomed and encouraged. Please see our [main contributing guide](https://github.com/apple/containerization/blob/main/CONTRIBUTING.md) for more information.
## Project Status
The container project is currently under active development. Its stability, both for consuming the project as a Swift package and the `container` tool, is only guaranteed within patch versions, such as between 0.1.1 and 0.1.2. Minor version number releases may include breaking changes until we achieve a 1.0.0 release.
================================================
FILE: SECURITY.md
================================================
# Security disclosure process
If you believe that you have discovered a security or privacy vulnerability in our open source software, please report it to us using the [GitHub private vulnerability feature](https://github.com/apple/container/security/advisories/new). Reports should include specific product and software version(s) that you believe are affected; a technical description of the behavior that you observed and the behavior that you expected; the steps required to reproduce the issue; and a proof of concept or exploit.
The project team will do their best to acknowledge receiving all security reports within 7 days of submission. This initial acknowledgment is neither acceptance nor rejection of your report. The project team may come back to you with further questions or invite you to collaborate while working through the details of your report.
Keep these additional guidelines in mind when submitting your report:
* Reports concerning known, publicly disclosed CVEs can be submitted as normal issues to this project.
* Output from automated security scans or fuzzers MUST include additional context demonstrating the vulnerability with a proof of concept or working exploit.
* Application crashes due to malformed inputs are typically not treated as security vulnerabilities, unless they are shown to also impact other processes on the system.
While we welcome reports for open source software projects, they are not eligible for Apple Security Bounties.
================================================
FILE: Sources/CAuditToken/AuditToken.c
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
// This file is required for Xcode to generate `CAuditToken.o`.
================================================
FILE: Sources/CAuditToken/include/AuditToken.h
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
#include <xpc/xpc.h>
#include <bsm/libbsm.h>
void xpc_dictionary_get_audit_token(xpc_object_t xdict, audit_token_t *token);
================================================
FILE: Sources/CLI/ContainerCLI.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import ArgumentParser
import ContainerAPIClient
import ContainerCommands
@main
public struct ContainerCLI: AsyncParsableCommand {
public init() {}
@Argument(parsing: .captureForPassthrough)
var arguments: [String] = []
public static let configuration = Application.configuration
public static func main() async throws {
try await Application.main()
}
public func run() async throws {
var application = try Application.parse(arguments)
try application.validate()
try application.run()
}
}
================================================
FILE: Sources/CVersion/Version.c
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
#include "Version.h"
const char* get_git_commit() {
return GIT_COMMIT;
}
const char* get_release_version() {
return RELEASE_VERSION;
}
const char* get_swift_containerization_version() {
return CZ_VERSION;
}
const char* get_container_builder_shim_version() {
return BUILDER_SHIM_VERSION;
}
================================================
FILE: Sources/CVersion/include/Version.h
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
#ifndef CZ_VERSION
#define CZ_VERSION "latest"
#endif
#ifndef GIT_COMMIT
#define GIT_COMMIT "unspecified"
#endif
#ifndef RELEASE_VERSION
#define RELEASE_VERSION "0.0.0"
#endif
#ifndef BUILDER_SHIM_VERSION
#define BUILDER_SHIM_VERSION "0.0.0"
#endif
const char* get_git_commit();
const char* get_release_version();
const char* get_swift_containerization_version();
const char* get_container_builder_shim_version();
================================================
FILE: Sources/ContainerBuild/BuildAPI+Extensions.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import Containerization
import ContainerizationOCI
public typealias IO = Com_Apple_Container_Build_V1_IO
public typealias InfoRequest = Com_Apple_Container_Build_V1_InfoRequest
public typealias InfoResponse = Com_Apple_Container_Build_V1_InfoResponse
public typealias ClientStream = Com_Apple_Container_Build_V1_ClientStream
public typealias ServerStream = Com_Apple_Container_Build_V1_ServerStream
public typealias ImageTransfer = Com_Apple_Container_Build_V1_ImageTransfer
public typealias BuildTransfer = Com_Apple_Container_Build_V1_BuildTransfer
public typealias BuilderClient = Com_Apple_Container_Build_V1_BuilderNIOClient
public typealias BuilderClientAsync = Com_Apple_Container_Build_V1_BuilderAsyncClient
public typealias BuilderClientProtocol = Com_Apple_Container_Build_V1_BuilderClientProtocol
public typealias BuilderClientAsyncProtocol = Com_Apple_Container_Build_V1_BuilderAsyncClient
extension BuildTransfer {
func stage() -> String? {
let stage = self.metadata["stage"]
return stage == "" ? nil : stage
}
func method() -> String? {
let method = self.metadata["method"]
return method == "" ? nil : method
}
func includePatterns() -> [String]? {
guard let includePatternsString = self.metadata["include-patterns"] else {
return nil
}
return includePatternsString == "" ? nil : includePatternsString.components(separatedBy: ",")
}
func followPaths() -> [String]? {
guard let followPathString = self.metadata["followpaths"] else {
return nil
}
return followPathString == "" ? nil : followPathString.components(separatedBy: ",")
}
func mode() -> String? {
self.metadata["mode"]
}
func size() -> Int? {
guard let sizeStr = self.metadata["size"] else {
return nil
}
return sizeStr == "" ? nil : Int(sizeStr)
}
func offset() -> UInt64? {
guard let offsetStr = self.metadata["offset"] else {
return nil
}
return offsetStr == "" ? nil : UInt64(offsetStr)
}
func len() -> Int? {
guard let lenStr = self.metadata["length"] else {
return nil
}
return lenStr == "" ? nil : Int(lenStr)
}
}
extension ImageTransfer {
func stage() -> String? {
self.metadata["stage"]
}
func method() -> String? {
self.metadata["method"]
}
func ref() -> String? {
self.metadata["ref"]
}
func platform() throws -> Platform? {
let metadata = self.metadata
guard let platform = metadata["platform"] else {
return nil
}
return try Platform(from: platform)
}
func mode() -> String? {
self.metadata["mode"]
}
func size() -> Int? {
let metadata = self.metadata
guard let sizeStr = metadata["size"] else {
return nil
}
return Int(sizeStr)
}
func len() -> Int? {
let metadata = self.metadata
guard let lenStr = metadata["length"] else {
return nil
}
return Int(lenStr)
}
func offset() -> UInt64? {
let metadata = self.metadata
guard let offsetStr = metadata["offset"] else {
return nil
}
return UInt64(offsetStr)
}
}
extension ServerStream {
func getImageTransfer() -> ImageTransfer? {
if case .imageTransfer(let v) = self.packetType {
return v
}
return nil
}
func getBuildTransfer() -> BuildTransfer? {
if case .buildTransfer(let v) = self.packetType {
return v
}
return nil
}
func getIO() -> IO? {
if case .io(let v) = self.packetType {
return v
}
return nil
}
}
================================================
FILE: Sources/ContainerBuild/BuildFSSync.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import Collections
import ContainerAPIClient
import ContainerizationArchive
import ContainerizationOCI
import CryptoKit
import Foundation
import GRPC
actor BuildFSSync: BuildPipelineHandler {
let contextDir: URL
init(_ contextDir: URL) throws {
guard FileManager.default.fileExists(atPath: contextDir.cleanPath) else {
throw Error.contextNotFound(contextDir.cleanPath)
}
guard try contextDir.isDir() else {
throw Error.contextIsNotDirectory(contextDir.cleanPath)
}
self.contextDir = contextDir
}
nonisolated func accept(_ packet: ServerStream) throws -> Bool {
guard let buildTransfer = packet.getBuildTransfer() else {
return false
}
guard buildTransfer.stage() == "fssync" else {
return false
}
return true
}
func handle(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ServerStream) async throws {
guard let buildTransfer = packet.getBuildTransfer() else {
throw Error.buildTransferMissing
}
guard let method = buildTransfer.method() else {
throw Error.methodMissing
}
switch try FSSyncMethod(method) {
case .read:
try await self.read(sender, buildTransfer, packet.buildID)
case .info:
try await self.info(sender, buildTransfer, packet.buildID)
case .walk:
try await self.walk(sender, buildTransfer, packet.buildID)
}
}
func read(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: BuildTransfer, _ buildID: String) async throws {
let offset: UInt64 = packet.offset() ?? 0
let size: Int = packet.len() ?? 0
var path: URL
if packet.source.hasPrefix("/") {
path = URL(fileURLWithPath: packet.source).standardizedFileURL
} else {
path =
contextDir
.appendingPathComponent(packet.source)
.standardizedFileURL
}
if !FileManager.default.fileExists(atPath: path.cleanPath) {
path = URL(filePath: self.contextDir.cleanPath)
path.append(components: packet.source.cleanPathComponent)
}
let data = try {
if try path.isDir() {
return Data()
}
let file = try LocalContent(path: path.standardizedFileURL)
return try file.data(offset: offset, length: size) ?? Data()
}()
let transfer = try path.buildTransfer(id: packet.id, contextDir: self.contextDir, complete: true, data: data)
var response = ClientStream()
response.buildID = buildID
response.buildTransfer = transfer
response.packetType = .buildTransfer(transfer)
sender.yield(response)
}
func info(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: BuildTransfer, _ buildID: String) async throws {
let path: URL
if packet.source.hasPrefix("/") {
path = URL(fileURLWithPath: packet.source).standardizedFileURL
} else {
path =
contextDir
.appendingPathComponent(packet.source)
.standardizedFileURL
}
let transfer = try path.buildTransfer(id: packet.id, contextDir: self.contextDir, complete: true)
var response = ClientStream()
response.buildID = buildID
response.buildTransfer = transfer
response.packetType = .buildTransfer(transfer)
sender.yield(response)
}
private struct DirEntry: Hashable {
let url: URL
let isDirectory: Bool
let relativePath: String
func hash(into hasher: inout Hasher) {
hasher.combine(relativePath)
}
static func == (lhs: DirEntry, rhs: DirEntry) -> Bool {
lhs.relativePath == rhs.relativePath
}
}
func walk(
_ sender: AsyncStream<ClientStream>.Continuation,
_ packet: BuildTransfer,
_ buildID: String
) async throws {
let wantsTar = packet.mode() == "tar"
var entries: [String: Set<DirEntry>] = [:]
let followPaths: [String] = packet.followPaths() ?? []
let followPathsWalked = try walk(root: self.contextDir, includePatterns: followPaths)
for url in followPathsWalked {
guard self.contextDir.absoluteURL.cleanPath != url.absoluteURL.cleanPath else {
continue
}
guard self.contextDir.parentOf(url) else {
continue
}
let relPath = try url.relativeChildPath(to: contextDir)
let parentPath = try url.deletingLastPathComponent().relativeChildPath(to: contextDir)
let entry = DirEntry(url: url, isDirectory: url.hasDirectoryPath, relativePath: relPath)
entries[parentPath, default: []].insert(entry)
if url.isSymlink {
let target: URL = url.resolvingSymlinksInPath()
if self.contextDir.parentOf(target) {
let relPath = try target.relativeChildPath(to: self.contextDir)
let entry = DirEntry(url: target, isDirectory: target.hasDirectoryPath, relativePath: relPath)
let parentPath: String = try target.deletingLastPathComponent().relativeChildPath(to: self.contextDir)
entries[parentPath, default: []].insert(entry)
}
}
}
var fileOrder = [String]()
try processDirectory("", inputEntries: entries, processedPaths: &fileOrder)
if !wantsTar {
let fileInfos = try fileOrder.map { rel -> FileInfo in
try FileInfo(path: contextDir.appendingPathComponent(rel), contextDir: contextDir)
}
let data = try JSONEncoder().encode(fileInfos)
let transfer = BuildTransfer(
id: packet.id,
source: packet.source,
complete: true,
isDir: false,
metadata: [
"os": "linux",
"stage": "fssync",
"mode": "json",
],
data: data
)
var resp = ClientStream()
resp.buildID = buildID
resp.buildTransfer = transfer
resp.packetType = .buildTransfer(transfer)
sender.yield(resp)
return
}
let tarURL = URL.temporaryDirectory
.appendingPathComponent(UUID().uuidString + ".tar")
defer { try? FileManager.default.removeItem(at: tarURL) }
let writerCfg = ArchiveWriterConfiguration(
format: .paxRestricted,
filter: .none)
let tarHash = try Archiver.compress(
source: contextDir,
destination: tarURL,
writerConfiguration: writerCfg
) { url in
guard let rel = try? url.relativeChildPath(to: contextDir) else {
return nil
}
guard let parent = try? url.deletingLastPathComponent().relativeChildPath(to: self.contextDir) else {
return nil
}
guard let items = entries[parent] else {
return nil
}
let include = items.contains { item in
item.relativePath == rel
}
guard include else {
return nil
}
return Archiver.ArchiveEntryInfo(
pathOnHost: url,
pathInArchive: URL(fileURLWithPath: rel))
}
let hash = tarHash.compactMap { String(format: "%02x", $0) }.joined()
let header = BuildTransfer(
id: packet.id,
source: tarURL.path,
complete: false,
isDir: false,
metadata: [
"os": "linux",
"stage": "fssync",
"mode": "tar",
"hash": hash,
]
)
var resp = ClientStream()
resp.buildID = buildID
resp.buildTransfer = header
resp.packetType = .buildTransfer(header)
sender.yield(resp)
for try await chunk in try tarURL.bufferedCopyReader() {
let part = BuildTransfer(
id: packet.id,
source: tarURL.path,
complete: false,
isDir: false,
metadata: [
"os": "linux",
"stage": "fssync",
"mode": "tar",
],
data: chunk
)
var resp = ClientStream()
resp.buildID = buildID
resp.buildTransfer = part
resp.packetType = .buildTransfer(part)
sender.yield(resp)
}
let done = BuildTransfer(
id: packet.id,
source: tarURL.path,
complete: true,
isDir: false,
metadata: [
"os": "linux",
"stage": "fssync",
"mode": "tar",
],
data: Data()
)
var finalResp = ClientStream()
finalResp.buildID = buildID
finalResp.buildTransfer = done
finalResp.packetType = .buildTransfer(done)
sender.yield(finalResp)
}
func walk(root: URL, includePatterns: [String]) throws -> [URL] {
let globber = Globber(root)
for p in includePatterns {
try globber.match(p)
}
return Array(globber.results)
}
private func processDirectory(
_ currentDir: String,
inputEntries: [String: Set<DirEntry>],
processedPaths: inout [String]
) throws {
guard let entries = inputEntries[currentDir] else {
return
}
// Sort purely by lexicographical order of relativePath
let sortedEntries = entries.sorted { $0.relativePath < $1.relativePath }
for entry in sortedEntries {
processedPaths.append(entry.relativePath)
if entry.isDirectory {
try processDirectory(
entry.relativePath,
inputEntries: inputEntries,
processedPaths: &processedPaths
)
}
}
}
struct FileInfo: Codable {
let name: String
let modTime: String
let mode: UInt32
let size: UInt64
let isDir: Bool
let uid: UInt32
let gid: UInt32
let target: String
init(path: URL, contextDir: URL) throws {
if path.isSymlink {
let target: URL = path.resolvingSymlinksInPath()
if contextDir.parentOf(target) {
self.target = target.relativePathFrom(from: path)
} else {
self.target = target.cleanPath
}
} else {
self.target = ""
}
self.name = try path.relativeChildPath(to: contextDir)
self.modTime = try path.modTime()
self.mode = try path.mode()
self.size = try path.size()
self.isDir = path.hasDirectoryPath
self.uid = 0
self.gid = 0
}
}
enum FSSyncMethod: String {
case read = "Read"
case info = "Info"
case walk = "Walk"
init(_ method: String) throws {
switch method {
case "Read":
self = .read
case "Info":
self = .info
case "Walk":
self = .walk
default:
throw Error.unknownMethod(method)
}
}
}
}
extension BuildFSSync {
enum Error: Swift.Error, CustomStringConvertible, Equatable {
case buildTransferMissing
case methodMissing
case unknownMethod(String)
case contextNotFound(String)
case contextIsNotDirectory(String)
case couldNotDetermineFileSize(String)
case couldNotDetermineModTime(String)
case couldNotDetermineFileMode(String)
case invalidOffsetSizeForFile(String, UInt64, Int)
case couldNotDetermineUID(String)
case couldNotDetermineGID(String)
case pathIsNotChild(String, String)
var description: String {
switch self {
case .buildTransferMissing:
return "buildTransfer field missing in packet"
case .methodMissing:
return "method is missing in request"
case .unknownMethod(let m):
return "unknown content-store method \(m)"
case .contextNotFound(let path):
return "context dir \(path) not found"
case .contextIsNotDirectory(let path):
return "context \(path) not a directory"
case .couldNotDetermineFileSize(let path):
return "could not determine size of file \(path)"
case .couldNotDetermineModTime(let path):
return "could not determine last modified time of \(path)"
case .couldNotDetermineFileMode(let path):
return "could not determine posix permissions (FileMode) of \(path)"
case .invalidOffsetSizeForFile(let digest, let offset, let size):
return "invalid request for file: \(digest) with offset: \(offset) size: \(size)"
case .couldNotDetermineUID(let path):
return "could not determine UID of file at path: \(path)"
case .couldNotDetermineGID(let path):
return "could not determine GID of file at path: \(path)"
case .pathIsNotChild(let path, let parent):
return "\(path) is not a child of \(parent)"
}
}
}
}
extension BuildTransfer {
fileprivate init(id: String, source: String, complete: Bool, isDir: Bool, metadata: [String: String], data: Data? = nil) {
self.init()
self.id = id
self.source = source
self.direction = .outof
self.complete = complete
self.metadata = metadata
self.isDirectory = isDir
if let data {
self.data = data
}
}
}
extension URL {
fileprivate func size() throws -> UInt64 {
let attrs = try FileManager.default.attributesOfItem(atPath: self.cleanPath)
if let size = attrs[FileAttributeKey.size] as? UInt64 {
return size
}
throw BuildFSSync.Error.couldNotDetermineFileSize(self.cleanPath)
}
fileprivate func modTime() throws -> String {
let attrs = try FileManager.default.attributesOfItem(atPath: self.cleanPath)
if let date = attrs[FileAttributeKey.modificationDate] as? Date {
return date.rfc3339()
}
throw BuildFSSync.Error.couldNotDetermineModTime(self.cleanPath)
}
fileprivate func isDir() throws -> Bool {
let attrs = try FileManager.default.attributesOfItem(atPath: self.cleanPath)
guard let t = attrs[.type] as? FileAttributeType, t == .typeDirectory else {
return false
}
return true
}
fileprivate func mode() throws -> UInt32 {
let attrs = try FileManager.default.attributesOfItem(atPath: self.cleanPath)
if let mode = attrs[FileAttributeKey.posixPermissions] as? NSNumber {
return mode.uint32Value
}
throw BuildFSSync.Error.couldNotDetermineFileMode(self.cleanPath)
}
fileprivate func uid() throws -> UInt32 {
let attrs = try FileManager.default.attributesOfItem(atPath: self.cleanPath)
if let uid = attrs[.ownerAccountID] as? UInt32 {
return uid
}
throw BuildFSSync.Error.couldNotDetermineUID(self.cleanPath)
}
fileprivate func gid() throws -> UInt32 {
let attrs = try FileManager.default.attributesOfItem(atPath: self.cleanPath)
if let gid = attrs[.groupOwnerAccountID] as? UInt32 {
return gid
}
throw BuildFSSync.Error.couldNotDetermineGID(self.cleanPath)
}
fileprivate func buildTransfer(
id: String,
contextDir: URL? = nil,
complete: Bool = false,
data: Data = Data()
) throws -> BuildTransfer {
let p = try {
if let contextDir { return try self.relativeChildPath(to: contextDir) }
return self.cleanPath
}()
return BuildTransfer(
id: id,
source: String(p),
complete: complete,
isDir: try self.isDir(),
metadata: [
"os": "linux",
"stage": "fssync",
"mode": String(try self.mode()),
"size": String(try self.size()),
"modified_at": try self.modTime(),
"uid": String(try self.uid()),
"gid": String(try self.gid()),
],
data: data
)
}
}
extension Date {
fileprivate func rfc3339() -> String {
let dateFormatter = DateFormatter()
dateFormatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ssZZZZZ"
dateFormatter.locale = Locale(identifier: "en_US_POSIX")
dateFormatter.timeZone = TimeZone(secondsFromGMT: 0) // Adjust if necessary
return dateFormatter.string(from: self)
}
}
extension String {
var cleanPathComponent: String {
let trimmed = self.trimmingCharacters(in: CharacterSet(charactersIn: "/"))
if let clean = trimmed.removingPercentEncoding {
return clean
}
return trimmed
}
}
================================================
FILE: Sources/ContainerBuild/BuildFile.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import Foundation
import Logging
public struct BuildFile {
/// Tries to resolve either a Dockerfile or Containerfile relative to contextDir.
/// Checks for Dockerfile, then falls back to Containerfile.
public static func resolvePath(contextDir: String, log: Logger? = nil) throws -> String? {
// Check for Dockerfile then Containerfile in context directory
let dockerfilePath = URL(filePath: contextDir).appendingPathComponent("Dockerfile").path
let containerfilePath = URL(filePath: contextDir).appendingPathComponent("Containerfile").path
let dockerfileExists = FileManager.default.fileExists(atPath: dockerfilePath)
let containerfileExists = FileManager.default.fileExists(atPath: containerfilePath)
if dockerfileExists && containerfileExists {
log?.info("Detected both Dockerfile and Containerfile, choosing Dockerfile")
return dockerfilePath
}
if dockerfileExists {
return dockerfilePath
}
if containerfileExists {
return containerfilePath
}
return nil
}
}
================================================
FILE: Sources/ContainerBuild/BuildImageResolver.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import ContainerAPIClient
import Containerization
import ContainerizationOCI
import Foundation
import GRPC
import Logging
import TerminalProgress
struct BuildImageResolver: BuildPipelineHandler {
let contentStore: ContentStore
let quiet: Bool
let output: FileHandle
let pull: Bool
public init(_ contentStore: ContentStore, quiet: Bool = false, output: FileHandle = FileHandle.standardError, pull: Bool = false) throws {
self.contentStore = contentStore
self.quiet = quiet
self.output = output
self.pull = pull
}
func accept(_ packet: ServerStream) throws -> Bool {
guard let imageTransfer = packet.getImageTransfer() else {
return false
}
guard imageTransfer.stage() == "resolver" else {
return false
}
guard imageTransfer.method() == "/resolve" else {
return false
}
return true
}
func handle(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ServerStream) async throws {
guard let imageTransfer = packet.getImageTransfer() else {
throw Error.imageTransferMissing
}
guard let ref = imageTransfer.ref() else {
throw Error.tagMissing
}
guard let platform = try imageTransfer.platform() else {
throw Error.platformMissing
}
let img = try await {
let progressConfig = try ProgressConfig(
terminal: self.output,
description: "Pulling \(ref)",
showPercent: true,
showProgressBar: true,
showSize: true,
showSpeed: true,
disableProgressUpdates: self.quiet
)
let progress = ProgressBar(config: progressConfig)
defer { progress.finish() }
progress.start()
if self.pull {
return try await ClientImage.pull(reference: ref, platform: platform, progressUpdate: progress.handler)
}
// Use fetch() which checks cache first, then pulls if needed
return try await ClientImage.fetch(reference: ref, platform: platform, progressUpdate: progress.handler)
}()
let index: Index = try await img.index()
let buildID = packet.buildID
let platforms = index.manifests.compactMap { $0.platform }
for pl in platforms {
if pl == platform {
let manifest = try await img.manifest(for: pl)
guard let ociImage: ContainerizationOCI.Image = try await self.contentStore.get(digest: manifest.config.digest) else {
continue
}
let enc = JSONEncoder()
let data = try enc.encode(ociImage)
let transfer = try ImageTransfer(
id: imageTransfer.id,
digest: img.descriptor.digest,
ref: ref,
platform: platform.description,
data: data
)
var response = ClientStream()
response.buildID = buildID
response.imageTransfer = transfer
response.packetType = .imageTransfer(transfer)
sender.yield(response)
return
}
}
throw Error.unknownPlatformForImage(platform.description, ref)
}
}
extension ImageTransfer {
fileprivate init(id: String, digest: String, ref: String, platform: String, data: Data) throws {
self.init()
self.id = id
self.tag = digest
self.metadata = [
"os": "linux",
"stage": "resolver",
"method": "/resolve",
"ref": ref,
"platform": platform,
]
self.complete = true
self.direction = .into
self.data = data
}
}
extension BuildImageResolver {
enum Error: Swift.Error, CustomStringConvertible {
case imageTransferMissing
case tagMissing
case platformMissing
case imageNameMissing
case imageTagMissing
case imageNotFound
case indexDigestMissing(String)
case unknownRegistry(String)
case digestIsNotIndex(String)
case digestIsNotManifest(String)
case unknownPlatformForImage(String, String)
var description: String {
switch self {
case .imageTransferMissing:
return "imageTransfer is missing"
case .tagMissing:
return "tag parameter missing in metadata"
case .platformMissing:
return "platform parameter missing in metadata"
case .imageNameMissing:
return "image name missing in $ref parameter"
case .imageTagMissing:
return "image tag missing in $ref parameter"
case .imageNotFound:
return "image not found"
case .indexDigestMissing(let ref):
return "index digest is missing for image: \(ref)"
case .unknownRegistry(let registry):
return "registry \(registry) is unknown"
case .digestIsNotIndex(let digest):
return "digest \(digest) is not a descriptor to an index"
case .digestIsNotManifest(let digest):
return "digest \(digest) is not a descriptor to a manifest"
case .unknownPlatformForImage(let platform, let ref):
return "platform \(platform) for image \(ref) not found"
}
}
}
}
================================================
FILE: Sources/ContainerBuild/BuildPipelineHandler.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import Foundation
import GRPC
import NIO
protocol BuildPipelineHandler: Sendable {
func accept(_ packet: ServerStream) throws -> Bool
func handle(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ServerStream) async throws
}
public actor BuildPipeline {
let handlers: [BuildPipelineHandler]
public init(_ config: Builder.BuildConfig) async throws {
self.handlers =
[
try BuildFSSync(URL(filePath: config.contextDir)),
try BuildRemoteContentProxy(config.contentStore),
try BuildImageResolver(config.contentStore, quiet: config.quiet, output: config.terminal?.handle ?? FileHandle.standardError, pull: config.pull),
try BuildStdio(quiet: config.quiet, output: config.terminal?.handle ?? FileHandle.standardError),
]
}
public func run(
sender: AsyncStream<ClientStream>.Continuation,
receiver: GRPCAsyncResponseStream<ServerStream>
) async throws {
defer { sender.finish() }
try await untilFirstError { group in
for try await packet in receiver {
try Task.checkCancellation()
for handler in self.handlers {
try Task.checkCancellation()
guard try handler.accept(packet) else {
continue
}
try Task.checkCancellation()
try await handler.handle(sender, packet)
break
}
}
}
}
/// untilFirstError() throws when any one of its submitted tasks fail.
/// This is useful for asynchronous packet processing scenarios which
/// have the following 3 requirements:
/// - the packet should be processed without blocking I/O
/// - the packet stream is never-ending
/// - when the first task fails, the error needs to be propagated to the caller
///
/// Usage:
///
/// ```
/// try await untilFirstError { group in
/// for try await packet in receiver {
/// group.addTask {
/// try await handler.handle(sender, packet)
/// }
/// }
/// }
/// ```
///
///
/// WithThrowingTaskGroup cannot accomplish this because it
/// doesn't provide a mechanism to exit when one of the tasks fail
/// before all the tasks have been added. i.e. it is more suitable for
/// tasks that are limited. Here's a sample code where withThrowingTaskGroup
/// doesn't solve the problem:
///
/// ```
/// withThrowingTaskGroup { group in
/// for try await packet in receiver {
/// group.addTask {
/// /* process packet */
/// }
/// } /* this loop blocks forever waiting for more packets */
/// try await group.next() /* this never gets called */
/// }
/// ```
/// The above closure never returns even when a handler encounters an error
/// because the blocking operation `try await group.next()` cannot be
/// called while iterating over the receiver stream.
private func untilFirstError(body: @Sendable @escaping (UntilFirstError) async throws -> Void) async throws {
let group = try await UntilFirstError()
var taskContinuation: AsyncStream<Task<(), Error>>.Continuation?
let tasks = AsyncStream<Task<(), Error>> { continuation in
taskContinuation = continuation
}
guard let taskContinuation else {
throw NSError(
domain: "untilFirstError",
code: 1,
userInfo: [NSLocalizedDescriptionKey: "failed to initialize task continuation"])
}
defer { taskContinuation.finish() }
let stream = AsyncStream<Error> { continuation in
let processTasks = Task {
let taskStream = await group.tasks()
defer {
continuation.finish()
}
for await item in taskStream {
try Task.checkCancellation()
let addedTask = Task {
try Task.checkCancellation()
do {
try await item()
} catch {
continuation.yield(error)
await group.continuation?.finish()
throw error
}
}
taskContinuation.yield(addedTask)
}
}
taskContinuation.yield(processTasks)
let mainTask = Task { @Sendable in
defer {
continuation.finish()
processTasks.cancel()
taskContinuation.finish()
}
do {
try Task.checkCancellation()
try await body(group)
} catch {
continuation.yield(error)
await group.continuation?.finish()
throw error
}
}
taskContinuation.yield(mainTask)
}
// when the first handler fails, cancel all tasks and throw error
for await item in stream {
try Task.checkCancellation()
Task {
for await task in tasks {
task.cancel()
}
}
throw item
}
// if none of the handlers fail, wait for all subtasks to complete
for await task in tasks {
try Task.checkCancellation()
try await task.value
}
}
private actor UntilFirstError {
var stream: AsyncStream<@Sendable () async throws -> Void>?
var continuation: AsyncStream<@Sendable () async throws -> Void>.Continuation?
init() async throws {
self.stream = AsyncStream { cont in
self.continuation = cont
}
guard let _ = continuation else {
throw NSError()
}
}
func addTask(body: @Sendable @escaping () async throws -> Void) {
if !Task.isCancelled {
self.continuation?.yield(body)
}
}
func tasks() -> AsyncStream<@Sendable () async throws -> Void> {
self.stream!
}
}
}
================================================
FILE: Sources/ContainerBuild/BuildRemoteContentProxy.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import ContainerAPIClient
import Containerization
import ContainerizationArchive
import ContainerizationOCI
import Foundation
import GRPC
struct BuildRemoteContentProxy: BuildPipelineHandler {
let local: ContentStore
public init(_ contentStore: ContentStore) throws {
self.local = contentStore
}
func accept(_ packet: ServerStream) throws -> Bool {
guard let imageTransfer = packet.getImageTransfer() else {
return false
}
guard imageTransfer.stage() == "content-store" else {
return false
}
return true
}
func handle(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ServerStream) async throws {
guard let imageTransfer = packet.getImageTransfer() else {
throw Error.imageTransferMissing
}
guard let method = imageTransfer.method() else {
throw Error.methodMissing
}
switch try ContentStoreMethod(method) {
case .info:
try await self.info(sender, imageTransfer, packet.buildID)
case .readerAt:
try await self.readerAt(sender, imageTransfer, packet.buildID)
default:
throw Error.unknownMethod(method)
}
}
func info(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ImageTransfer, _ buildID: String) async throws {
let descriptor = try await local.get(digest: packet.tag)
let size = try descriptor?.size()
let transfer = try ImageTransfer(
id: packet.id,
digest: packet.tag,
method: ContentStoreMethod.info.rawValue,
size: size
)
var response = ClientStream()
response.buildID = buildID
response.imageTransfer = transfer
response.packetType = .imageTransfer(transfer)
sender.yield(response)
}
func readerAt(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ImageTransfer, _ buildID: String) async throws {
let digest = packet.descriptor.digest
let offset: UInt64 = packet.offset() ?? 0
let size: Int = packet.len() ?? 0
guard let descriptor = try await local.get(digest: digest) else {
throw Error.contentMissing
}
if offset == 0 && size == 0 { // Metadata request
var transfer = try ImageTransfer(
id: packet.id,
digest: packet.tag,
method: ContentStoreMethod.readerAt.rawValue,
size: descriptor.size(),
data: Data()
)
transfer.complete = true
var response = ClientStream()
response.buildID = buildID
response.imageTransfer = transfer
response.packetType = .imageTransfer(transfer)
sender.yield(response)
return
}
guard let data = try descriptor.data(offset: offset, length: size) else {
throw Error.invalidOffsetSizeForContent(packet.descriptor.digest, offset, size)
}
let transfer = try ImageTransfer(
id: packet.id,
digest: packet.tag,
method: ContentStoreMethod.readerAt.rawValue,
size: UInt64(data.count),
data: data
)
var response = ClientStream()
response.buildID = buildID
response.imageTransfer = transfer
response.packetType = .imageTransfer(transfer)
sender.yield(response)
}
func delete(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ImageTransfer) async throws {
throw NSError(domain: "RemoteContentProxy", code: 1, userInfo: [NSLocalizedDescriptionKey: "unimplemented method \(ContentStoreMethod.delete)"])
}
func update(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ImageTransfer) async throws {
throw NSError(domain: "RemoteContentProxy", code: 1, userInfo: [NSLocalizedDescriptionKey: "unimplemented method \(ContentStoreMethod.update)"])
}
func walk(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ImageTransfer) async throws {
throw NSError(domain: "RemoteContentProxy", code: 1, userInfo: [NSLocalizedDescriptionKey: "unimplemented method \(ContentStoreMethod.walk)"])
}
enum ContentStoreMethod: String {
case info = "/containerd.services.content.v1.Content/Info"
case readerAt = "/containerd.services.content.v1.Content/ReaderAt"
case delete = "/containerd.services.content.v1.Content/Delete"
case update = "/containerd.services.content.v1.Content/Update"
case walk = "/containerd.services.content.v1.Content/Walk"
init(_ method: String) throws {
guard let value = ContentStoreMethod(rawValue: method) else {
throw Error.unknownMethod(method)
}
self = value
}
}
}
extension ImageTransfer {
fileprivate init(id: String, digest: String, method: String, size: UInt64? = nil, data: Data = Data()) throws {
self.init()
self.id = id
self.tag = digest
self.metadata = [
"os": "linux",
"stage": "content-store",
"method": method,
]
if let size {
self.metadata["size"] = String(size)
}
self.complete = true
self.direction = .into
self.data = data
}
}
extension BuildRemoteContentProxy {
enum Error: Swift.Error, CustomStringConvertible {
case imageTransferMissing
case methodMissing
case contentMissing
case unknownMethod(String)
case invalidOffsetSizeForContent(String, UInt64, Int)
var description: String {
switch self {
case .imageTransferMissing:
return "imageTransfer is missing"
case .methodMissing:
return "method is missing in request"
case .contentMissing:
return "content cannot be found"
case .unknownMethod(let m):
return "unknown content-store method \(m)"
case .invalidOffsetSizeForContent(let digest, let offset, let size):
return "invalid request for content: \(digest) with offset: \(offset) size: \(size)"
}
}
}
}
================================================
FILE: Sources/ContainerBuild/BuildStdio.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
import ContainerizationOS
import Foundation
import GRPC
import NIO
actor BuildStdio: BuildPipelineHandler {
public let quiet: Bool
public let handle: FileHandle
init(quiet: Bool = false, output: FileHandle = FileHandle.standardError) throws {
self.quiet = quiet
self.handle = output
}
nonisolated func accept(_ packet: ServerStream) throws -> Bool {
guard let _ = packet.getIO() else {
return false
}
return true
}
func handle(_ sender: AsyncStream<ClientStream>.Continuation, _ packet: ServerStream) async throws {
guard !quiet else {
return
}
guard let io = packet.getIO() else {
throw Error.ioMissing
}
if let cmdString = try TerminalCommand().json() {
var response = ClientStream()
response.buildID = packet.buildID
response.command = .init()
response.command.id = packet.buildID
response.command.command = cmdString
sender.yield(response)
}
handle.write(io.data)
}
}
extension BuildStdio {
enum Error: Swift.Error, CustomStringConvertible {
case ioMissing
case invalidContinuation
var description: String {
switch self {
case .ioMissing:
return "io field missing in packet"
case .invalidContinuation:
return "continuation could not created"
}
}
}
}
================================================
FILE: Sources/ContainerBuild/Builder.grpc.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
//
// DO NOT EDIT.
// swift-format-ignore-file
//
// Generated by the protocol buffer compiler.
// Source: Builder.proto
//
import GRPC
import NIO
import NIOConcurrencyHelpers
import SwiftProtobuf
/// Builder service implements APIs for performing an image build with
/// Container image builder agent.
///
/// To perform a build:
///
/// 1. CreateBuild to create a new build
/// 2. StartBuild to start the build execution where client and server
/// both have a stream for exchanging data during the build.
///
/// The client may send:
/// a) signal packet to signal to the build process (e.g. SIGINT)
///
/// b) command packet for executing a command in the build file on the
/// server
/// NOTE: the server will need to switch on the command to determine the
/// type of command to execute (e.g. RUN, ENV, etc.)
///
/// c) transfer build data either to or from the server
/// - INTO direction is for sending build data to the server at specific
/// location (e.g. COPY)
/// - OUTOF direction is for copying build data from the server to be
/// used in subsequent build stages
///
/// d) transfer image content data either to or from the server
/// - INTO direction is for sending inherited image content data to the
/// server's local content store
/// - OUTOF direction is for copying successfully built OCI image from
/// the server to the client
///
/// The server may send:
/// a) stdio packet for the build progress
///
/// b) build error indicating unsuccessful build
///
/// c) command complete packet indicating a command has finished executing
///
/// d) handle transfer build data either to or from the client
///
/// e) handle transfer image content data either to or from the client
///
///
/// NOTE: The build data and image content data transfer is ALWAYS initiated
/// by the client.
///
/// Sequence for transferring from the client to the server:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'INTO',
/// destination path, and first chunk of data
/// 2. server starts to receive the data and stream to a temporary file
/// 3. client continues to send all chunks of data until last chunk, which
/// client will
/// send with 'complete' set to true
/// 4. server continues to receive until the last chunk with 'complete' set
/// to true,
/// server will finish writing the last chunk and un-archive the
/// temporary file to the destination path
/// 5. server completes the transfer by sending a last
/// BuildTransfer/ImageTransfer with
/// 'complete' set to true
/// 6. client waits for the last BuildTransfer/ImageTransfer with 'complete'
/// set to true
/// before proceeding with the rest of the commands
///
/// Sequence for transferring from the server to the client:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'OUTOF',
/// source path, and empty data
/// 2. server archives the data at source path, and starts to send chunks to
/// the client
/// 3. server continues to send all chunks until last chunk, which server
/// will send with
/// 'complete' set to true
/// 4. client starts to receive the data and stream to a temporary file
/// 5. client continues to receive until the last chunk with 'complete' set
/// to true,
/// client will finish writing last chunk and un-archive the temporary
/// file to the destination path
/// 6. client MAY choose to send one last BuildTransfer/ImageTransfer with
/// 'complete'
/// set to true, but NOT required.
///
///
/// NOTE: the client should close the send stream once it has finished
/// receiving the build output or abandon the current build due to error.
/// Server should keep the stream open until it receives the EOF that client
/// has closed the stream, which the server should then close its send stream.
///
/// Usage: instantiate `Com_Apple_Container_Build_V1_BuilderClient`, then call methods of this protocol to make API calls.
public protocol Com_Apple_Container_Build_V1_BuilderClientProtocol: GRPCClient {
var serviceName: String { get }
var interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? { get }
func createBuild(
_ request: Com_Apple_Container_Build_V1_CreateBuildRequest,
callOptions: CallOptions?
) -> UnaryCall<Com_Apple_Container_Build_V1_CreateBuildRequest, Com_Apple_Container_Build_V1_CreateBuildResponse>
func performBuild(
callOptions: CallOptions?,
handler: @escaping (Com_Apple_Container_Build_V1_ServerStream) -> Void
) -> BidirectionalStreamingCall<Com_Apple_Container_Build_V1_ClientStream, Com_Apple_Container_Build_V1_ServerStream>
func info(
_ request: Com_Apple_Container_Build_V1_InfoRequest,
callOptions: CallOptions?
) -> UnaryCall<Com_Apple_Container_Build_V1_InfoRequest, Com_Apple_Container_Build_V1_InfoResponse>
}
extension Com_Apple_Container_Build_V1_BuilderClientProtocol {
public var serviceName: String {
return "com.apple.container.build.v1.Builder"
}
/// Create a build request.
///
/// - Parameters:
/// - request: Request to send to CreateBuild.
/// - callOptions: Call options.
/// - Returns: A `UnaryCall` with futures for the metadata, status and response.
public func createBuild(
_ request: Com_Apple_Container_Build_V1_CreateBuildRequest,
callOptions: CallOptions? = nil
) -> UnaryCall<Com_Apple_Container_Build_V1_CreateBuildRequest, Com_Apple_Container_Build_V1_CreateBuildResponse> {
return self.makeUnaryCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.createBuild.path,
request: request,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makeCreateBuildInterceptors() ?? []
)
}
/// Perform the build.
/// Executes the entire build sequence with attaching input/output
/// to handling data exchange with the server during the build.
///
/// Callers should use the `send` method on the returned object to send messages
/// to the server. The caller should send an `.end` after the final message has been sent.
///
/// - Parameters:
/// - callOptions: Call options.
/// - handler: A closure called when each response is received from the server.
/// - Returns: A `ClientStreamingCall` with futures for the metadata and status.
public func performBuild(
callOptions: CallOptions? = nil,
handler: @escaping (Com_Apple_Container_Build_V1_ServerStream) -> Void
) -> BidirectionalStreamingCall<Com_Apple_Container_Build_V1_ClientStream, Com_Apple_Container_Build_V1_ServerStream> {
return self.makeBidirectionalStreamingCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.performBuild.path,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makePerformBuildInterceptors() ?? [],
handler: handler
)
}
/// Unary call to Info
///
/// - Parameters:
/// - request: Request to send to Info.
/// - callOptions: Call options.
/// - Returns: A `UnaryCall` with futures for the metadata, status and response.
public func info(
_ request: Com_Apple_Container_Build_V1_InfoRequest,
callOptions: CallOptions? = nil
) -> UnaryCall<Com_Apple_Container_Build_V1_InfoRequest, Com_Apple_Container_Build_V1_InfoResponse> {
return self.makeUnaryCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.info.path,
request: request,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makeInfoInterceptors() ?? []
)
}
}
@available(*, deprecated)
extension Com_Apple_Container_Build_V1_BuilderClient: @unchecked Sendable {}
@available(*, deprecated, renamed: "Com_Apple_Container_Build_V1_BuilderNIOClient")
public final class Com_Apple_Container_Build_V1_BuilderClient: Com_Apple_Container_Build_V1_BuilderClientProtocol {
private let lock = Lock()
private var _defaultCallOptions: CallOptions
private var _interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol?
public let channel: GRPCChannel
public var defaultCallOptions: CallOptions {
get { self.lock.withLock { return self._defaultCallOptions } }
set { self.lock.withLockVoid { self._defaultCallOptions = newValue } }
}
public var interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? {
get { self.lock.withLock { return self._interceptors } }
set { self.lock.withLockVoid { self._interceptors = newValue } }
}
/// Creates a client for the com.apple.container.build.v1.Builder service.
///
/// - Parameters:
/// - channel: `GRPCChannel` to the service host.
/// - defaultCallOptions: Options to use for each service call if the user doesn't provide them.
/// - interceptors: A factory providing interceptors for each RPC.
public init(
channel: GRPCChannel,
defaultCallOptions: CallOptions = CallOptions(),
interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? = nil
) {
self.channel = channel
self._defaultCallOptions = defaultCallOptions
self._interceptors = interceptors
}
}
public struct Com_Apple_Container_Build_V1_BuilderNIOClient: Com_Apple_Container_Build_V1_BuilderClientProtocol {
public var channel: GRPCChannel
public var defaultCallOptions: CallOptions
public var interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol?
/// Creates a client for the com.apple.container.build.v1.Builder service.
///
/// - Parameters:
/// - channel: `GRPCChannel` to the service host.
/// - defaultCallOptions: Options to use for each service call if the user doesn't provide them.
/// - interceptors: A factory providing interceptors for each RPC.
public init(
channel: GRPCChannel,
defaultCallOptions: CallOptions = CallOptions(),
interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? = nil
) {
self.channel = channel
self.defaultCallOptions = defaultCallOptions
self.interceptors = interceptors
}
}
/// Builder service implements APIs for performing an image build with
/// Container image builder agent.
///
/// To perform a build:
///
/// 1. CreateBuild to create a new build
/// 2. StartBuild to start the build execution where client and server
/// both have a stream for exchanging data during the build.
///
/// The client may send:
/// a) signal packet to signal to the build process (e.g. SIGINT)
///
/// b) command packet for executing a command in the build file on the
/// server
/// NOTE: the server will need to switch on the command to determine the
/// type of command to execute (e.g. RUN, ENV, etc.)
///
/// c) transfer build data either to or from the server
/// - INTO direction is for sending build data to the server at specific
/// location (e.g. COPY)
/// - OUTOF direction is for copying build data from the server to be
/// used in subsequent build stages
///
/// d) transfer image content data either to or from the server
/// - INTO direction is for sending inherited image content data to the
/// server's local content store
/// - OUTOF direction is for copying successfully built OCI image from
/// the server to the client
///
/// The server may send:
/// a) stdio packet for the build progress
///
/// b) build error indicating unsuccessful build
///
/// c) command complete packet indicating a command has finished executing
///
/// d) handle transfer build data either to or from the client
///
/// e) handle transfer image content data either to or from the client
///
///
/// NOTE: The build data and image content data transfer is ALWAYS initiated
/// by the client.
///
/// Sequence for transferring from the client to the server:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'INTO',
/// destination path, and first chunk of data
/// 2. server starts to receive the data and stream to a temporary file
/// 3. client continues to send all chunks of data until last chunk, which
/// client will
/// send with 'complete' set to true
/// 4. server continues to receive until the last chunk with 'complete' set
/// to true,
/// server will finish writing the last chunk and un-archive the
/// temporary file to the destination path
/// 5. server completes the transfer by sending a last
/// BuildTransfer/ImageTransfer with
/// 'complete' set to true
/// 6. client waits for the last BuildTransfer/ImageTransfer with 'complete'
/// set to true
/// before proceeding with the rest of the commands
///
/// Sequence for transferring from the server to the client:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'OUTOF',
/// source path, and empty data
/// 2. server archives the data at source path, and starts to send chunks to
/// the client
/// 3. server continues to send all chunks until last chunk, which server
/// will send with
/// 'complete' set to true
/// 4. client starts to receive the data and stream to a temporary file
/// 5. client continues to receive until the last chunk with 'complete' set
/// to true,
/// client will finish writing last chunk and un-archive the temporary
/// file to the destination path
/// 6. client MAY choose to send one last BuildTransfer/ImageTransfer with
/// 'complete'
/// set to true, but NOT required.
///
///
/// NOTE: the client should close the send stream once it has finished
/// receiving the build output or abandon the current build due to error.
/// Server should keep the stream open until it receives the EOF that client
/// has closed the stream, which the server should then close its send stream.
@available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *)
public protocol Com_Apple_Container_Build_V1_BuilderAsyncClientProtocol: GRPCClient {
static var serviceDescriptor: GRPCServiceDescriptor { get }
var interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? { get }
func makeCreateBuildCall(
_ request: Com_Apple_Container_Build_V1_CreateBuildRequest,
callOptions: CallOptions?
) -> GRPCAsyncUnaryCall<Com_Apple_Container_Build_V1_CreateBuildRequest, Com_Apple_Container_Build_V1_CreateBuildResponse>
func makePerformBuildCall(
callOptions: CallOptions?
) -> GRPCAsyncBidirectionalStreamingCall<Com_Apple_Container_Build_V1_ClientStream, Com_Apple_Container_Build_V1_ServerStream>
func makeInfoCall(
_ request: Com_Apple_Container_Build_V1_InfoRequest,
callOptions: CallOptions?
) -> GRPCAsyncUnaryCall<Com_Apple_Container_Build_V1_InfoRequest, Com_Apple_Container_Build_V1_InfoResponse>
}
@available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *)
extension Com_Apple_Container_Build_V1_BuilderAsyncClientProtocol {
public static var serviceDescriptor: GRPCServiceDescriptor {
return Com_Apple_Container_Build_V1_BuilderClientMetadata.serviceDescriptor
}
public var interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? {
return nil
}
public func makeCreateBuildCall(
_ request: Com_Apple_Container_Build_V1_CreateBuildRequest,
callOptions: CallOptions? = nil
) -> GRPCAsyncUnaryCall<Com_Apple_Container_Build_V1_CreateBuildRequest, Com_Apple_Container_Build_V1_CreateBuildResponse> {
return self.makeAsyncUnaryCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.createBuild.path,
request: request,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makeCreateBuildInterceptors() ?? []
)
}
public func makePerformBuildCall(
callOptions: CallOptions? = nil
) -> GRPCAsyncBidirectionalStreamingCall<Com_Apple_Container_Build_V1_ClientStream, Com_Apple_Container_Build_V1_ServerStream> {
return self.makeAsyncBidirectionalStreamingCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.performBuild.path,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makePerformBuildInterceptors() ?? []
)
}
public func makeInfoCall(
_ request: Com_Apple_Container_Build_V1_InfoRequest,
callOptions: CallOptions? = nil
) -> GRPCAsyncUnaryCall<Com_Apple_Container_Build_V1_InfoRequest, Com_Apple_Container_Build_V1_InfoResponse> {
return self.makeAsyncUnaryCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.info.path,
request: request,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makeInfoInterceptors() ?? []
)
}
}
@available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *)
extension Com_Apple_Container_Build_V1_BuilderAsyncClientProtocol {
public func createBuild(
_ request: Com_Apple_Container_Build_V1_CreateBuildRequest,
callOptions: CallOptions? = nil
) async throws -> Com_Apple_Container_Build_V1_CreateBuildResponse {
return try await self.performAsyncUnaryCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.createBuild.path,
request: request,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makeCreateBuildInterceptors() ?? []
)
}
public func performBuild<RequestStream>(
_ requests: RequestStream,
callOptions: CallOptions? = nil
) -> GRPCAsyncResponseStream<Com_Apple_Container_Build_V1_ServerStream> where RequestStream: Sequence, RequestStream.Element == Com_Apple_Container_Build_V1_ClientStream {
return self.performAsyncBidirectionalStreamingCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.performBuild.path,
requests: requests,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makePerformBuildInterceptors() ?? []
)
}
public func performBuild<RequestStream>(
_ requests: RequestStream,
callOptions: CallOptions? = nil
) -> GRPCAsyncResponseStream<Com_Apple_Container_Build_V1_ServerStream> where RequestStream: AsyncSequence & Sendable, RequestStream.Element == Com_Apple_Container_Build_V1_ClientStream {
return self.performAsyncBidirectionalStreamingCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.performBuild.path,
requests: requests,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makePerformBuildInterceptors() ?? []
)
}
public func info(
_ request: Com_Apple_Container_Build_V1_InfoRequest,
callOptions: CallOptions? = nil
) async throws -> Com_Apple_Container_Build_V1_InfoResponse {
return try await self.performAsyncUnaryCall(
path: Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.info.path,
request: request,
callOptions: callOptions ?? self.defaultCallOptions,
interceptors: self.interceptors?.makeInfoInterceptors() ?? []
)
}
}
@available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *)
public struct Com_Apple_Container_Build_V1_BuilderAsyncClient: Com_Apple_Container_Build_V1_BuilderAsyncClientProtocol {
public var channel: GRPCChannel
public var defaultCallOptions: CallOptions
public var interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol?
public init(
channel: GRPCChannel,
defaultCallOptions: CallOptions = CallOptions(),
interceptors: Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol? = nil
) {
self.channel = channel
self.defaultCallOptions = defaultCallOptions
self.interceptors = interceptors
}
}
public protocol Com_Apple_Container_Build_V1_BuilderClientInterceptorFactoryProtocol: Sendable {
/// - Returns: Interceptors to use when invoking 'createBuild'.
func makeCreateBuildInterceptors() -> [ClientInterceptor<Com_Apple_Container_Build_V1_CreateBuildRequest, Com_Apple_Container_Build_V1_CreateBuildResponse>]
/// - Returns: Interceptors to use when invoking 'performBuild'.
func makePerformBuildInterceptors() -> [ClientInterceptor<Com_Apple_Container_Build_V1_ClientStream, Com_Apple_Container_Build_V1_ServerStream>]
/// - Returns: Interceptors to use when invoking 'info'.
func makeInfoInterceptors() -> [ClientInterceptor<Com_Apple_Container_Build_V1_InfoRequest, Com_Apple_Container_Build_V1_InfoResponse>]
}
public enum Com_Apple_Container_Build_V1_BuilderClientMetadata {
public static let serviceDescriptor = GRPCServiceDescriptor(
name: "Builder",
fullName: "com.apple.container.build.v1.Builder",
methods: [
Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.createBuild,
Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.performBuild,
Com_Apple_Container_Build_V1_BuilderClientMetadata.Methods.info,
]
)
public enum Methods {
public static let createBuild = GRPCMethodDescriptor(
name: "CreateBuild",
path: "/com.apple.container.build.v1.Builder/CreateBuild",
type: GRPCCallType.unary
)
public static let performBuild = GRPCMethodDescriptor(
name: "PerformBuild",
path: "/com.apple.container.build.v1.Builder/PerformBuild",
type: GRPCCallType.bidirectionalStreaming
)
public static let info = GRPCMethodDescriptor(
name: "Info",
path: "/com.apple.container.build.v1.Builder/Info",
type: GRPCCallType.unary
)
}
}
/// Builder service implements APIs for performing an image build with
/// Container image builder agent.
///
/// To perform a build:
///
/// 1. CreateBuild to create a new build
/// 2. StartBuild to start the build execution where client and server
/// both have a stream for exchanging data during the build.
///
/// The client may send:
/// a) signal packet to signal to the build process (e.g. SIGINT)
///
/// b) command packet for executing a command in the build file on the
/// server
/// NOTE: the server will need to switch on the command to determine the
/// type of command to execute (e.g. RUN, ENV, etc.)
///
/// c) transfer build data either to or from the server
/// - INTO direction is for sending build data to the server at specific
/// location (e.g. COPY)
/// - OUTOF direction is for copying build data from the server to be
/// used in subsequent build stages
///
/// d) transfer image content data either to or from the server
/// - INTO direction is for sending inherited image content data to the
/// server's local content store
/// - OUTOF direction is for copying successfully built OCI image from
/// the server to the client
///
/// The server may send:
/// a) stdio packet for the build progress
///
/// b) build error indicating unsuccessful build
///
/// c) command complete packet indicating a command has finished executing
///
/// d) handle transfer build data either to or from the client
///
/// e) handle transfer image content data either to or from the client
///
///
/// NOTE: The build data and image content data transfer is ALWAYS initiated
/// by the client.
///
/// Sequence for transferring from the client to the server:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'INTO',
/// destination path, and first chunk of data
/// 2. server starts to receive the data and stream to a temporary file
/// 3. client continues to send all chunks of data until last chunk, which
/// client will
/// send with 'complete' set to true
/// 4. server continues to receive until the last chunk with 'complete' set
/// to true,
/// server will finish writing the last chunk and un-archive the
/// temporary file to the destination path
/// 5. server completes the transfer by sending a last
/// BuildTransfer/ImageTransfer with
/// 'complete' set to true
/// 6. client waits for the last BuildTransfer/ImageTransfer with 'complete'
/// set to true
/// before proceeding with the rest of the commands
///
/// Sequence for transferring from the server to the client:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'OUTOF',
/// source path, and empty data
/// 2. server archives the data at source path, and starts to send chunks to
/// the client
/// 3. server continues to send all chunks until last chunk, which server
/// will send with
/// 'complete' set to true
/// 4. client starts to receive the data and stream to a temporary file
/// 5. client continues to receive until the last chunk with 'complete' set
/// to true,
/// client will finish writing last chunk and un-archive the temporary
/// file to the destination path
/// 6. client MAY choose to send one last BuildTransfer/ImageTransfer with
/// 'complete'
/// set to true, but NOT required.
///
///
/// NOTE: the client should close the send stream once it has finished
/// receiving the build output or abandon the current build due to error.
/// Server should keep the stream open until it receives the EOF that client
/// has closed the stream, which the server should then close its send stream.
///
/// To build a server, implement a class that conforms to this protocol.
public protocol Com_Apple_Container_Build_V1_BuilderProvider: CallHandlerProvider {
var interceptors: Com_Apple_Container_Build_V1_BuilderServerInterceptorFactoryProtocol? { get }
/// Create a build request.
func createBuild(request: Com_Apple_Container_Build_V1_CreateBuildRequest, context: StatusOnlyCallContext) -> EventLoopFuture<Com_Apple_Container_Build_V1_CreateBuildResponse>
/// Perform the build.
/// Executes the entire build sequence with attaching input/output
/// to handling data exchange with the server during the build.
func performBuild(context: StreamingResponseCallContext<Com_Apple_Container_Build_V1_ServerStream>) -> EventLoopFuture<(StreamEvent<Com_Apple_Container_Build_V1_ClientStream>) -> Void>
func info(request: Com_Apple_Container_Build_V1_InfoRequest, context: StatusOnlyCallContext) -> EventLoopFuture<Com_Apple_Container_Build_V1_InfoResponse>
}
extension Com_Apple_Container_Build_V1_BuilderProvider {
public var serviceName: Substring {
return Com_Apple_Container_Build_V1_BuilderServerMetadata.serviceDescriptor.fullName[...]
}
/// Determines, calls and returns the appropriate request handler, depending on the request's method.
/// Returns nil for methods not handled by this service.
public func handle(
method name: Substring,
context: CallHandlerContext
) -> GRPCServerHandlerProtocol? {
switch name {
case "CreateBuild":
return UnaryServerHandler(
context: context,
requestDeserializer: ProtobufDeserializer<Com_Apple_Container_Build_V1_CreateBuildRequest>(),
responseSerializer: ProtobufSerializer<Com_Apple_Container_Build_V1_CreateBuildResponse>(),
interceptors: self.interceptors?.makeCreateBuildInterceptors() ?? [],
userFunction: self.createBuild(request:context:)
)
case "PerformBuild":
return BidirectionalStreamingServerHandler(
context: context,
requestDeserializer: ProtobufDeserializer<Com_Apple_Container_Build_V1_ClientStream>(),
responseSerializer: ProtobufSerializer<Com_Apple_Container_Build_V1_ServerStream>(),
interceptors: self.interceptors?.makePerformBuildInterceptors() ?? [],
observerFactory: self.performBuild(context:)
)
case "Info":
return UnaryServerHandler(
context: context,
requestDeserializer: ProtobufDeserializer<Com_Apple_Container_Build_V1_InfoRequest>(),
responseSerializer: ProtobufSerializer<Com_Apple_Container_Build_V1_InfoResponse>(),
interceptors: self.interceptors?.makeInfoInterceptors() ?? [],
userFunction: self.info(request:context:)
)
default:
return nil
}
}
}
/// Builder service implements APIs for performing an image build with
/// Container image builder agent.
///
/// To perform a build:
///
/// 1. CreateBuild to create a new build
/// 2. StartBuild to start the build execution where client and server
/// both have a stream for exchanging data during the build.
///
/// The client may send:
/// a) signal packet to signal to the build process (e.g. SIGINT)
///
/// b) command packet for executing a command in the build file on the
/// server
/// NOTE: the server will need to switch on the command to determine the
/// type of command to execute (e.g. RUN, ENV, etc.)
///
/// c) transfer build data either to or from the server
/// - INTO direction is for sending build data to the server at specific
/// location (e.g. COPY)
/// - OUTOF direction is for copying build data from the server to be
/// used in subsequent build stages
///
/// d) transfer image content data either to or from the server
/// - INTO direction is for sending inherited image content data to the
/// server's local content store
/// - OUTOF direction is for copying successfully built OCI image from
/// the server to the client
///
/// The server may send:
/// a) stdio packet for the build progress
///
/// b) build error indicating unsuccessful build
///
/// c) command complete packet indicating a command has finished executing
///
/// d) handle transfer build data either to or from the client
///
/// e) handle transfer image content data either to or from the client
///
///
/// NOTE: The build data and image content data transfer is ALWAYS initiated
/// by the client.
///
/// Sequence for transferring from the client to the server:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'INTO',
/// destination path, and first chunk of data
/// 2. server starts to receive the data and stream to a temporary file
/// 3. client continues to send all chunks of data until last chunk, which
/// client will
/// send with 'complete' set to true
/// 4. server continues to receive until the last chunk with 'complete' set
/// to true,
/// server will finish writing the last chunk and un-archive the
/// temporary file to the destination path
/// 5. server completes the transfer by sending a last
/// BuildTransfer/ImageTransfer with
/// 'complete' set to true
/// 6. client waits for the last BuildTransfer/ImageTransfer with 'complete'
/// set to true
/// before proceeding with the rest of the commands
///
/// Sequence for transferring from the server to the client:
/// 1. client send a BuildTransfer/ImageTransfer request with ID, direction
/// of 'OUTOF',
/// source path, and empty data
/// 2. server archives the data at source path, and starts to send chunks to
/// the client
/// 3. server continues to send all chunks until last chunk, which server
/// will send with
/// 'complete' set to true
/// 4. client starts to receive the data and stream to a temporary file
/// 5. client continues to receive until the last chunk with 'complete' set
/// to true,
/// client will finish writing last chunk and un-archive the temporary
/// file to the destination path
/// 6. client MAY choose to send one last BuildTransfer/ImageTransfer with
/// 'complete'
/// set to true, but NOT required.
///
///
/// NOTE: the client should close the send stream once it has finished
/// receiving the build output or abandon the current build due to error.
/// Server should keep the stream open until it receives the EOF that client
/// has closed the stream, which the server should then close its send stream.
///
/// To implement a server, implement an object which conforms to this protocol.
@available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *)
public protocol Com_Apple_Container_Build_V1_BuilderAsyncProvider: CallHandlerProvider, Sendable {
static var serviceDescriptor: GRPCServiceDescriptor { get }
var interceptors: Com_Apple_Container_Build_V1_BuilderServerInterceptorFactoryProtocol? { get }
/// Create a build request.
func createBuild(
request: Com_Apple_Container_Build_V1_CreateBuildRequest,
context: GRPCAsyncServerCallContext
) async throws -> Com_Apple_Container_Build_V1_CreateBuildResponse
/// Perform the build.
/// Executes the entire build sequence with attaching input/output
/// to handling data exchange with the server during the build.
func performBuild(
requestStream: GRPCAsyncRequestStream<Com_Apple_Container_Build_V1_ClientStream>,
responseStream: GRPCAsyncResponseStreamWriter<Com_Apple_Container_Build_V1_ServerStream>,
context: GRPCAsyncServerCallContext
) async throws
func info(
request: Com_Apple_Container_Build_V1_InfoRequest,
context: GRPCAsyncServerCallContext
) async throws -> Com_Apple_Container_Build_V1_InfoResponse
}
@available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *)
extension Com_Apple_Container_Build_V1_BuilderAsyncProvider {
public static var serviceDescriptor: GRPCServiceDescriptor {
return Com_Apple_Container_Build_V1_BuilderServerMetadata.serviceDescriptor
}
public var serviceName: Substring {
return Com_Apple_Container_Build_V1_BuilderServerMetadata.serviceDescriptor.fullName[...]
}
public var interceptors: Com_Apple_Container_Build_V1_BuilderServerInterceptorFactoryProtocol? {
return nil
}
public func handle(
method name: Substring,
context: CallHandlerContext
) -> GRPCServerHandlerProtocol? {
switch name {
case "CreateBuild":
return GRPCAsyncServerHandler(
context: context,
requestDeserializer: ProtobufDeserializer<Com_Apple_Container_Build_V1_CreateBuildRequest>(),
responseSerializer: ProtobufSerializer<Com_Apple_Container_Build_V1_CreateBuildResponse>(),
interceptors: self.interceptors?.makeCreateBuildInterceptors() ?? [],
wrapping: { try await self.createBuild(request: $0, context: $1) }
)
case "PerformBuild":
return GRPCAsyncServerHandler(
context: context,
requestDeserializer: ProtobufDeserializer<Com_Apple_Container_Build_V1_ClientStream>(),
responseSerializer: ProtobufSerializer<Com_Apple_Container_Build_V1_ServerStream>(),
interceptors: self.interceptors?.makePerformBuildInterceptors() ?? [],
wrapping: { try await self.performBuild(requestStream: $0, responseStream: $1, context: $2) }
)
case "Info":
return GRPCAsyncServerHandler(
context: context,
requestDeserializer: ProtobufDeserializer<Com_Apple_Container_Build_V1_InfoRequest>(),
responseSerializer: ProtobufSerializer<Com_Apple_Container_Build_V1_InfoResponse>(),
interceptors: self.interceptors?.makeInfoInterceptors() ?? [],
wrapping: { try await self.info(request: $0, context: $1) }
)
default:
return nil
}
}
}
public protocol Com_Apple_Container_Build_V1_BuilderServerInterceptorFactoryProtocol: Sendable {
/// - Returns: Interceptors to use when handling 'createBuild'.
/// Defaults to calling `self.makeInterceptors()`.
func makeCreateBuildInterceptors() -> [ServerInterceptor<Com_Apple_Container_Build_V1_CreateBuildRequest, Com_Apple_Container_Build_V1_CreateBuildResponse>]
/// - Returns: Interceptors to use when handling 'performBuild'.
/// Defaults to calling `self.makeInterceptors()`.
func makePerformBuildInterceptors() -> [ServerInterceptor<Com_Apple_Container_Build_V1_ClientStream, Com_Apple_Container_Build_V1_ServerStream>]
/// - Returns: Interceptors to use when handling 'info'.
/// Defaults to calling `self.makeInterceptors()`.
func makeInfoInterceptors() -> [ServerInterceptor<Com_Apple_Container_Build_V1_InfoRequest, Com_Apple_Container_Build_V1_InfoResponse>]
}
public enum Com_Apple_Container_Build_V1_BuilderServerMetadata {
public static let serviceDescriptor = GRPCServiceDescriptor(
name: "Builder",
fullName: "com.apple.container.build.v1.Builder",
methods: [
Com_Apple_Container_Build_V1_BuilderServerMetadata.Methods.createBuild,
Com_Apple_Container_Build_V1_BuilderServerMetadata.Methods.performBuild,
Com_Apple_Container_Build_V1_BuilderServerMetadata.Methods.info,
]
)
public enum Methods {
public static let createBuild = GRPCMethodDescriptor(
name: "CreateBuild",
path: "/com.apple.container.build.v1.Builder/CreateBuild",
type: GRPCCallType.unary
)
public static let performBuild = GRPCMethodDescriptor(
name: "PerformBuild",
path: "/com.apple.container.build.v1.Builder/PerformBuild",
type: GRPCCallType.bidirectionalStreaming
)
public static let info = GRPCMethodDescriptor(
name: "Info",
path: "/com.apple.container.build.v1.Builder/Info",
type: GRPCCallType.unary
)
}
}
================================================
FILE: Sources/ContainerBuild/Builder.pb.swift
================================================
//===----------------------------------------------------------------------===//
// Copyright © 2025-2026 Apple Inc. and the container project authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//===----------------------------------------------------------------------===//
// DO NOT EDIT.
// swift-format-ignore-file
// swiftlint:disable all
//
// Generated by the Swift generator plugin for the protocol buffer compiler.
// Source: Builder.proto
//
// For information on using the generated types, please see the documentation:
// https://github.com/apple/swift-protobuf/
import Foundation
import SwiftProtobuf
// If the compiler emits an error on this type, it is because this file
// was generated by a version of the `protoc` Swift plug-in that is
// incompatible with the version of SwiftProtobuf to which you are linking.
// Please ensure that you are building against the same version of the API
// that was used to generate this file.
fileprivate struct _GeneratedWithProtocGenSwiftVersion: SwiftProtobuf.ProtobufAPIVersionCheck {
struct _2: SwiftProtobuf.ProtobufAPIVersion_2 {}
typealias Version = _2
}
public enum Com_Apple_Container_Build_V1_TransferDirection: SwiftProtobuf.Enum, Swift.CaseIterable {
public typealias RawValue = Int
case into // = 0
case outof // = 1
case UNRECOGNIZED(Int)
public init() {
self = .into
}
public init?(rawValue: Int) {
switch rawValue {
case 0: self = .into
case 1: self = .outof
default: self = .UNRECOGNIZED(rawValue)
}
}
public var rawValue: Int {
switch self {
case .into: return 0
case .outof: return 1
case .UNRECOGNIZED(let i): return i
}
}
// The compiler won't synthesize support with the UNRECOGNIZED case.
public static let allCases: [Com_Apple_Container_Build_V1_TransferDirection] = [
.into,
.outof,
]
}
/// Standard input/output.
public enum Com_Apple_Container_Build_V1_Stdio: SwiftProtobuf.Enum, Swift.CaseIterable {
public typealias RawValue = Int
case stdin // = 0
case stdout // = 1
case stderr // = 2
case UNRECOGNIZED(Int)
public init() {
self = .stdin
}
public init?(rawValue: Int) {
switch rawValue {
case 0: self = .stdin
case 1: self = .stdout
case 2: self = .stderr
default: self = .UNRECOGNIZED(rawValue)
}
}
public var rawValue: Int {
switch self {
case .stdin: return 0
case .stdout: return 1
case .stderr: return 2
case .UNRECOGNIZED(let i): return i
}
}
// The compiler won't synthesize support with the UNRECOGNIZED case.
public static let allCases: [Com_Apple_Container_Build_V1_Stdio] = [
.stdin,
.stdout,
.stderr,
]
}
/// Build error type.
public enum Com_Apple_Container_Build_V1_BuildErrorType: SwiftProtobuf.Enum, Swift.CaseIterable {
public typealias RawValue = Int
case buildFailed // = 0
case `internal` // = 1
case UNRECOGNIZED(Int)
public init() {
self = .buildFailed
}
public init?(rawValue: Int) {
switch rawValue {
case 0: self = .buildFailed
case 1: self = .internal
default: self = .UNRECOGNIZED(rawValue)
}
}
public var rawValue: Int {
switch self {
case .buildFailed: return 0
case .internal: return 1
case .UNRECOGNIZED(let i): return i
}
}
// The compiler won't synthesize support with the UNRECOGNIZED case.
public static let allCases: [Com_Apple_Container_Build_V1_BuildErrorType] = [
.buildFailed,
.internal,
]
}
public struct Com_Apple_Container_Build_V1_InfoRequest: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_InfoResponse: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_CreateBuildRequest: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// The name of the build stage.
public var stageName: String = String()
/// The tag of the image to be created.
public var tag: String = String()
/// Any additional metadata to be associated with the build.
public var metadata: Dictionary<String,String> = [:]
/// Additional build arguments.
public var buildArgs: [String] = []
/// Enable debug logging.
public var debug: Bool = false
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_CreateBuildResponse: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// A unique ID for the build.
public var buildID: String = String()
/// Any additional metadata to be associated with the build.
public var metadata: Dictionary<String,String> = [:]
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_ClientStream: @unchecked Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// A unique ID for the build.
public var buildID: String {
get {return _storage._buildID}
set {_uniqueStorage()._buildID = newValue}
}
/// The packet type.
public var packetType: OneOf_PacketType? {
get {return _storage._packetType}
set {_uniqueStorage()._packetType = newValue}
}
public var signal: Com_Apple_Container_Build_V1_Signal {
get {
if case .signal(let v)? = _storage._packetType {return v}
return Com_Apple_Container_Build_V1_Signal()
}
set {_uniqueStorage()._packetType = .signal(newValue)}
}
public var command: Com_Apple_Container_Build_V1_Run {
get {
if case .command(let v)? = _storage._packetType {return v}
return Com_Apple_Container_Build_V1_Run()
}
set {_uniqueStorage()._packetType = .command(newValue)}
}
public var buildTransfer: Com_Apple_Container_Build_V1_BuildTransfer {
get {
if case .buildTransfer(let v)? = _storage._packetType {return v}
return Com_Apple_Container_Build_V1_BuildTransfer()
}
set {_uniqueStorage()._packetType = .buildTransfer(newValue)}
}
public var imageTransfer: Com_Apple_Container_Build_V1_ImageTransfer {
get {
if case .imageTransfer(let v)? = _storage._packetType {return v}
return Com_Apple_Container_Build_V1_ImageTransfer()
}
set {_uniqueStorage()._packetType = .imageTransfer(newValue)}
}
public var unknownFields = SwiftProtobuf.UnknownStorage()
/// The packet type.
public enum OneOf_PacketType: Equatable, Sendable {
case signal(Com_Apple_Container_Build_V1_Signal)
case command(Com_Apple_Container_Build_V1_Run)
case buildTransfer(Com_Apple_Container_Build_V1_BuildTransfer)
case imageTransfer(Com_Apple_Container_Build_V1_ImageTransfer)
}
public init() {}
fileprivate var _storage = _StorageClass.defaultInstance
}
public struct Com_Apple_Container_Build_V1_Signal: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// A POSIX signal to send to the build process.
/// Can be used for cancelling builds.
public var signal: Int32 = 0
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_Run: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// A unique ID for the execution.
public var id: String = String()
/// The type of command to execute.
public var command: String = String()
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_RunComplete: Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// A unique ID for the execution.
public var id: String = String()
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
}
public struct Com_Apple_Container_Build_V1_BuildTransfer: @unchecked Sendable {
// SwiftProtobuf.Message conformance is added in an extension below. See the
// `Message` and `Message+*Additions` files in the SwiftProtobuf library for
// methods supported on all messages.
/// A unique ID for the transfer.
public var id: String = String()
/// The direction for transferring data (either to the server or from the
/// server).
public var direction: Com_Apple_Container_Build_V1_TransferDirection = .into
/// The absolute path to the source from the server perspective.
public var source: String {
get {return _source ?? String()}
set {_source = newValue}
}
/// Returns true if `source` has been explicitly set.
public var hasSource: Bool {return self._source != nil}
/// Clears the value of `source`. Subsequent reads from it will return its default value.
public mutating func clearSource() {self._source = nil}
/// The absolute path for the destination from the server perspective.
public var destination: String {
get {return _destination ?? String()}
set {_destination = newValue}
}
/// Returns true if `destination` has been explicitly set.
public var hasDestination: Bool {return self._destination != nil}
/// Clears the value of `destination`. Subsequent reads from it will return its default value.
public mutating func clearDestination() {self._destination = nil}
/// The actual data bytes to be transferred.
public var data: Data = Data()
/// Signal to indicate that the transfer of data for the request has finished.
public var complete: Bool = false
/// Boolean to indicate if the content is a directory.
public var isDirectory: Bool = false
/// Metadata for the transfer.
public var metadata: Dictionary<String,String> = [:]
public var unknownFields = SwiftProtobuf.UnknownStorage()
public init() {}
fil
gitextract_3edvqd6j/
├── .github/
│ ├── ISSUE_TEMPLATE/
│ │ ├── 01-bug.yml
│ │ ├── 02-feature.yml
│ │ └── config.yml
│ ├── dependabot.yml
│ ├── labeler.yml
│ ├── pull_request_template.md
│ └── workflows/
│ ├── common.yml
│ ├── docs-release.yml
│ ├── merge-build.yml
│ ├── pr-build.yml
│ ├── pr-label-analysis.yml
│ ├── pr-label-apply.yml
│ ├── release-build.yml
│ └── release.yml
├── .gitignore
├── .spi.yml
├── .swift-format
├── .swift-format-nolint
├── BUILDING.md
├── CONTRIBUTING.md
├── LICENSE
├── MAINTAINERS.txt
├── Makefile
├── Package.resolved
├── Package.swift
├── Protobuf.Makefile
├── README.md
├── SECURITY.md
├── Sources/
│ ├── CAuditToken/
│ │ ├── AuditToken.c
│ │ └── include/
│ │ └── AuditToken.h
│ ├── CLI/
│ │ └── ContainerCLI.swift
│ ├── CVersion/
│ │ ├── Version.c
│ │ └── include/
│ │ └── Version.h
│ ├── ContainerBuild/
│ │ ├── BuildAPI+Extensions.swift
│ │ ├── BuildFSSync.swift
│ │ ├── BuildFile.swift
│ │ ├── BuildImageResolver.swift
│ │ ├── BuildPipelineHandler.swift
│ │ ├── BuildRemoteContentProxy.swift
│ │ ├── BuildStdio.swift
│ │ ├── Builder.grpc.swift
│ │ ├── Builder.pb.swift
│ │ ├── Builder.swift
│ │ ├── Globber.swift
│ │ ├── TerminalCommand.swift
│ │ └── URL+Extensions.swift
│ ├── ContainerCommands/
│ │ ├── AggregateError.swift
│ │ ├── Application.swift
│ │ ├── AsyncLoggableCommand.swift
│ │ ├── BuildCommand.swift
│ │ ├── Builder/
│ │ │ ├── Builder.swift
│ │ │ ├── BuilderDelete.swift
│ │ │ ├── BuilderStart.swift
│ │ │ ├── BuilderStatus.swift
│ │ │ └── BuilderStop.swift
│ │ ├── Codable+JSON.swift
│ │ ├── Container/
│ │ │ ├── ContainerCreate.swift
│ │ │ ├── ContainerDelete.swift
│ │ │ ├── ContainerExec.swift
│ │ │ ├── ContainerExport.swift
│ │ │ ├── ContainerInspect.swift
│ │ │ ├── ContainerKill.swift
│ │ │ ├── ContainerList.swift
│ │ │ ├── ContainerLogs.swift
│ │ │ ├── ContainerPrune.swift
│ │ │ ├── ContainerRun.swift
│ │ │ ├── ContainerStart.swift
│ │ │ ├── ContainerStats.swift
│ │ │ ├── ContainerStop.swift
│ │ │ └── ProcessUtils.swift
│ │ ├── DefaultCommand.swift
│ │ ├── Image/
│ │ │ ├── ImageCommand.swift
│ │ │ ├── ImageDelete.swift
│ │ │ ├── ImageInspect.swift
│ │ │ ├── ImageList.swift
│ │ │ ├── ImageLoad.swift
│ │ │ ├── ImagePrune.swift
│ │ │ ├── ImagePull.swift
│ │ │ ├── ImagePush.swift
│ │ │ ├── ImageSave.swift
│ │ │ └── ImageTag.swift
│ │ ├── Network/
│ │ │ ├── NetworkCommand.swift
│ │ │ ├── NetworkCreate.swift
│ │ │ ├── NetworkDelete.swift
│ │ │ ├── NetworkInspect.swift
│ │ │ ├── NetworkList.swift
│ │ │ └── NetworkPrune.swift
│ │ ├── Registry/
│ │ │ ├── RegistryCommand.swift
│ │ │ ├── RegistryList.swift
│ │ │ ├── RegistryLogin.swift
│ │ │ └── RegistryLogout.swift
│ │ ├── System/
│ │ │ ├── DNS/
│ │ │ │ ├── DNSCreate.swift
│ │ │ │ ├── DNSDelete.swift
│ │ │ │ └── DNSList.swift
│ │ │ ├── Kernel/
│ │ │ │ └── KernelSet.swift
│ │ │ ├── Property/
│ │ │ │ ├── PropertyClear.swift
│ │ │ │ ├── PropertyGet.swift
│ │ │ │ ├── PropertyList.swift
│ │ │ │ └── PropertySet.swift
│ │ │ ├── SystemCommand.swift
│ │ │ ├── SystemDF.swift
│ │ │ ├── SystemDNS.swift
│ │ │ ├── SystemKernel.swift
│ │ │ ├── SystemLogs.swift
│ │ │ ├── SystemProperty.swift
│ │ │ ├── SystemStart.swift
│ │ │ ├── SystemStatus.swift
│ │ │ ├── SystemStop.swift
│ │ │ └── SystemVersion.swift
│ │ └── Volume/
│ │ ├── VolumeCommand.swift
│ │ ├── VolumeCreate.swift
│ │ ├── VolumeDelete.swift
│ │ ├── VolumeInspect.swift
│ │ ├── VolumeList.swift
│ │ └── VolumePrune.swift
│ ├── ContainerLog/
│ │ ├── FileLogHandler.swift
│ │ ├── OSLogHandler.swift
│ │ ├── ServiceLogger.swift
│ │ └── StderrLogHandler.swift
│ ├── ContainerOS/
│ │ ├── DirectoryWatcher.swift
│ │ └── LocalNetworkPrivacy.swift
│ ├── ContainerPersistence/
│ │ ├── DefaultsStore.swift
│ │ └── EntityStore.swift
│ ├── ContainerPlugin/
│ │ ├── ApplicationRoot.swift
│ │ ├── InstallRoot.swift
│ │ ├── LaunchPlist.swift
│ │ ├── LogRoot.swift
│ │ ├── Plugin.swift
│ │ ├── PluginConfig.swift
│ │ ├── PluginFactory.swift
│ │ ├── PluginLoader.swift
│ │ └── ServiceManager.swift
│ ├── ContainerResource/
│ │ ├── Common/
│ │ │ ├── ManagedResource.swift
│ │ │ └── ResourceLabels.swift
│ │ ├── Container/
│ │ │ ├── Bundle.swift
│ │ │ ├── ContainerConfiguration.swift
│ │ │ ├── ContainerCreateOptions.swift
│ │ │ ├── ContainerListFilters.swift
│ │ │ ├── ContainerSnapshot.swift
│ │ │ ├── ContainerStats.swift
│ │ │ ├── ContainerStopOptions.swift
│ │ │ ├── Filesystem.swift
│ │ │ ├── ProcessConfiguration.swift
│ │ │ ├── PublishPort.swift
│ │ │ ├── PublishSocket.swift
│ │ │ └── RuntimeStatus.swift
│ │ ├── Image/
│ │ │ ├── ImageDescription.swift
│ │ │ └── ImageDetail.swift
│ │ ├── Network/
│ │ │ ├── AllocatedAttachment.swift
│ │ │ ├── Attachment.swift
│ │ │ ├── AttachmentConfiguration.swift
│ │ │ ├── NetworkConfiguration.swift
│ │ │ ├── NetworkMode.swift
│ │ │ └── NetworkState.swift
│ │ ├── Registry/
│ │ │ └── RegistryResource.swift
│ │ └── Volume/
│ │ └── Volume.swift
│ ├── ContainerVersion/
│ │ ├── Bundle+AppBundle.swift
│ │ ├── CommandLine+Executable.swift
│ │ └── ReleaseVersion.swift
│ ├── ContainerXPC/
│ │ ├── XPCClient.swift
│ │ ├── XPCMessage.swift
│ │ └── XPCServer.swift
│ ├── DNSServer/
│ │ ├── DNSHandler.swift
│ │ ├── DNSServer+Handle.swift
│ │ ├── DNSServer.swift
│ │ ├── Handlers/
│ │ │ ├── CompositeResolver.swift
│ │ │ ├── HostTableResolver.swift
│ │ │ ├── NxDomainResolver.swift
│ │ │ └── StandardQueryValidator.swift
│ │ ├── Records/
│ │ │ ├── DNSBindError.swift
│ │ │ ├── DNSEnums.swift
│ │ │ ├── DNSName.swift
│ │ │ ├── IPAddressProtocol.swift
│ │ │ ├── Message.swift
│ │ │ ├── Question.swift
│ │ │ ├── ResourceRecord.swift
│ │ │ └── UInt8+Binding.swift
│ │ └── Types.swift
│ ├── Helpers/
│ │ ├── APIServer/
│ │ │ ├── APIServer+Start.swift
│ │ │ ├── APIServer.swift
│ │ │ ├── ContainerDNSHandler.swift
│ │ │ └── LocalhostDNSHandler.swift
│ │ ├── Images/
│ │ │ └── ImagesHelper.swift
│ │ ├── NetworkVmnet/
│ │ │ ├── NetworkVmnetHelper+Start.swift
│ │ │ └── NetworkVmnetHelper.swift
│ │ └── RuntimeLinux/
│ │ ├── IsolatedInterfaceStrategy.swift
│ │ ├── NonisolatedInterfaceStrategy.swift
│ │ ├── RuntimeLinuxHelper+Start.swift
│ │ └── RuntimeLinuxHelper.swift
│ ├── Services/
│ │ ├── ContainerAPIService/
│ │ │ ├── Client/
│ │ │ │ ├── Arch.swift
│ │ │ │ ├── Archiver.swift
│ │ │ │ ├── Array+Dedupe.swift
│ │ │ │ ├── ClientDiskUsage.swift
│ │ │ │ ├── ClientHealthCheck.swift
│ │ │ │ ├── ClientImage.swift
│ │ │ │ ├── ClientKernel.swift
│ │ │ │ ├── ClientNetwork.swift
│ │ │ │ ├── ClientProcess.swift
│ │ │ │ ├── ClientVolume.swift
│ │ │ │ ├── Constants.swift
│ │ │ │ ├── ContainerClient.swift
│ │ │ │ ├── ContainerizationProgressAdapter.swift
│ │ │ │ ├── DefaultPlatform.swift
│ │ │ │ ├── DiskUsage.swift
│ │ │ │ ├── FileDownloader.swift
│ │ │ │ ├── Flags.swift
│ │ │ │ ├── HostDNSResolver.swift
│ │ │ │ ├── ImageLoadResult.swift
│ │ │ │ ├── Measurement+Parse.swift
│ │ │ │ ├── PacketFilter.swift
│ │ │ │ ├── Parser.swift
│ │ │ │ ├── ProcessIO.swift
│ │ │ │ ├── ProgressUpdateClient.swift
│ │ │ │ ├── ProgressUpdateService.swift
│ │ │ │ ├── RequestScheme.swift
│ │ │ │ ├── SignalThreshold.swift
│ │ │ │ ├── String+Extensions.swift
│ │ │ │ ├── SystemHealth.swift
│ │ │ │ ├── TableOutput.swift
│ │ │ │ ├── Utility.swift
│ │ │ │ └── XPC+.swift
│ │ │ └── Server/
│ │ │ ├── Containers/
│ │ │ │ ├── ContainersHarness.swift
│ │ │ │ └── ContainersService.swift
│ │ │ ├── DiskUsage/
│ │ │ │ ├── DiskUsageHarness.swift
│ │ │ │ └── DiskUsageService.swift
│ │ │ ├── HealthCheck/
│ │ │ │ └── HealthCheckHarness.swift
│ │ │ ├── Kernel/
│ │ │ │ ├── KernelHarness.swift
│ │ │ │ └── KernelService.swift
│ │ │ ├── Networks/
│ │ │ │ ├── NetworksHarness.swift
│ │ │ │ └── NetworksService.swift
│ │ │ ├── Plugin/
│ │ │ │ ├── PluginsHarness.swift
│ │ │ │ └── PluginsService.swift
│ │ │ └── Volumes/
│ │ │ ├── VolumesHarness.swift
│ │ │ └── VolumesService.swift
│ │ ├── ContainerImagesService/
│ │ │ ├── Client/
│ │ │ │ ├── ImageServiceXPCKeys.swift
│ │ │ │ ├── ImageServiceXPCRoutes.swift
│ │ │ │ └── RemoteContentStoreClient.swift
│ │ │ └── Server/
│ │ │ ├── ContentServiceHarness.swift
│ │ │ ├── ContentStoreService.swift
│ │ │ ├── ImagesService.swift
│ │ │ ├── ImagesServiceHarness.swift
│ │ │ └── SnapshotStore.swift
│ │ ├── ContainerNetworkService/
│ │ │ ├── Client/
│ │ │ │ ├── NetworkClient.swift
│ │ │ │ ├── NetworkKeys.swift
│ │ │ │ └── NetworkRoutes.swift
│ │ │ └── Server/
│ │ │ ├── AllocationOnlyVmnetNetwork.swift
│ │ │ ├── AttachmentAllocator.swift
│ │ │ ├── Network.swift
│ │ │ ├── NetworkService.swift
│ │ │ └── ReservedVmnetNetwork.swift
│ │ └── ContainerSandboxService/
│ │ ├── Client/
│ │ │ ├── Bundle+Log.swift
│ │ │ ├── ExitMonitor.swift
│ │ │ ├── SandboxClient.swift
│ │ │ ├── SandboxKeys.swift
│ │ │ ├── SandboxRoutes.swift
│ │ │ ├── SandboxRuntimeConfiguration.swift
│ │ │ └── SandboxSnapshot.swift
│ │ └── Server/
│ │ ├── InterfaceStrategy.swift
│ │ └── SandboxService.swift
│ ├── SocketForwarder/
│ │ ├── ConnectHandler.swift
│ │ ├── GlueHandler.swift
│ │ ├── LRUCache.swift
│ │ ├── SocketForwarder.swift
│ │ ├── SocketForwarderResult.swift
│ │ ├── TCPForwarder.swift
│ │ └── UDPForwarder.swift
│ └── TerminalProgress/
│ ├── Int+Formatted.swift
│ ├── Int64+Formatted.swift
│ ├── ProgressBar+Add.swift
│ ├── ProgressBar+State.swift
│ ├── ProgressBar+Terminal.swift
│ ├── ProgressBar.swift
│ ├── ProgressConfig.swift
│ ├── ProgressTaskCoordinator.swift
│ ├── ProgressTheme.swift
│ ├── ProgressUpdate.swift
│ └── StandardError.swift
├── Tests/
│ ├── CLITests/
│ │ ├── Subcommands/
│ │ │ ├── Build/
│ │ │ │ ├── CLIBuildBase.swift
│ │ │ │ ├── CLIBuilderEnvOnlyTest.swift
│ │ │ │ ├── CLIBuilderLifecycleTest.swift
│ │ │ │ ├── CLIBuilderLocalOutputTest.swift
│ │ │ │ ├── CLIBuilderTarExportTest.swift
│ │ │ │ ├── CLIBuilderTest.swift
│ │ │ │ ├── CLIRunBase.swift
│ │ │ │ └── TestCLITermIO.swift
│ │ │ ├── Containers/
│ │ │ │ ├── TestCLICreate.swift
│ │ │ │ ├── TestCLIExec.swift
│ │ │ │ ├── TestCLIExport.swift
│ │ │ │ ├── TestCLIPrune.swift
│ │ │ │ ├── TestCLIRmRace.swift
│ │ │ │ └── TestCLIStats.swift
│ │ │ ├── Images/
│ │ │ │ └── TestCLIImagesCommand.swift
│ │ │ ├── Networks/
│ │ │ │ └── TestCLINetwork.swift
│ │ │ ├── Plugins/
│ │ │ │ └── TestCLIPluginErrors.swift
│ │ │ ├── Registry/
│ │ │ │ └── TestCLIRegistry.swift
│ │ │ ├── Run/
│ │ │ │ ├── TestCLIRunCommand.swift
│ │ │ │ ├── TestCLIRunInitImage.swift
│ │ │ │ └── TestCLIRunLifecycle.swift
│ │ │ ├── System/
│ │ │ │ ├── TestCLIStatus.swift
│ │ │ │ ├── TestCLIVersion.swift
│ │ │ │ └── TestKernelSet.swift
│ │ │ └── Volumes/
│ │ │ ├── TestCLIAnonymousVolumes.swift
│ │ │ └── TestCLIVolumes.swift
│ │ ├── TestCLINoParallelCases.swift
│ │ └── Utilities/
│ │ └── CLITest.swift
│ ├── ContainerAPIClientTests/
│ │ ├── ArchTests.swift
│ │ ├── DefaultPlatformTests.swift
│ │ ├── DiskUsageTests.swift
│ │ ├── HostDNSResolverTest.swift
│ │ ├── Measurement+ParseTests.swift
│ │ ├── PacketFilterTest.swift
│ │ ├── ParserTest.swift
│ │ ├── RequestSchemeTests.swift
│ │ └── UtilityTests.swift
│ ├── ContainerBuildTests/
│ │ ├── BuildFile.swift
│ │ ├── BuilderExtensionsTests.swift
│ │ └── GlobberTests.swift
│ ├── ContainerNetworkServiceTests/
│ │ └── AttachmentAllocatorTest.swift
│ ├── ContainerOSTests/
│ │ └── DirectoryWatcherTest.swift
│ ├── ContainerPluginTests/
│ │ ├── CommandLine+ExecutableTest.swift
│ │ ├── MockPluginFactory.swift
│ │ ├── PluginConfigTest.swift
│ │ ├── PluginFactoryTest.swift
│ │ ├── PluginLoaderTest.swift
│ │ └── PluginTest.swift
│ ├── ContainerResourceTests/
│ │ ├── ManagedResourceTests.swift
│ │ ├── NetworkConfigurationTest.swift
│ │ ├── PublishPortTests.swift
│ │ ├── RegistryResourceTests.swift
│ │ └── VolumeValidationTests.swift
│ ├── ContainerSandboxServiceTests/
│ │ └── RuntimeConfigurationTests.swift
│ ├── DNSServerTests/
│ │ ├── CompositeResolverTest.swift
│ │ ├── HostTableResolverTest.swift
│ │ ├── MockHandlers.swift
│ │ ├── NxDomainResolverTest.swift
│ │ ├── RecordsTests.swift
│ │ └── StandardQueryValidatorTest.swift
│ ├── SocketForwarderTests/
│ │ ├── ConnectHandlerRaceTest.swift
│ │ ├── LRUCacheTest.swift
│ │ ├── TCPEchoHandler.swift
│ │ ├── TCPEchoServer.swift
│ │ ├── TCPForwarderTest.swift
│ │ ├── UDPEchoHandler.swift
│ │ ├── UDPEchoServer.swift
│ │ └── UDPForwarderTest.swift
│ └── TerminalProgressTests/
│ └── ProgressBarTests.swift
├── config/
│ ├── container-core-images-config.json
│ ├── container-network-vmnet-config.json
│ └── container-runtime-linux-config.json
├── docs/
│ ├── command-reference.md
│ ├── how-to.md
│ ├── technical-overview.md
│ └── tutorial.md
├── licenserc.toml
├── scripts/
│ ├── container-header-style.toml
│ ├── ensure-container-stopped.sh
│ ├── ensure-hawkeye-exists.sh
│ ├── install-hawkeye.sh
│ ├── install-init.sh
│ ├── license-header.txt
│ ├── make-docs.sh
│ ├── pre-commit.fmt
│ ├── uninstall-container.sh
│ └── update-container.sh
└── signing/
├── container-network-vmnet.entitlements
└── container-runtime-linux.entitlements
Condensed preview — 366 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (2,172K chars).
[
{
"path": ".github/ISSUE_TEMPLATE/01-bug.yml",
"chars": 2143,
"preview": "name: Bug report\ndescription: File a bug report.\ntitle: \"[Bug]: \"\ntype: \"Bug\"\nbody:\n - type: markdown\n attributes:\n "
},
{
"path": ".github/ISSUE_TEMPLATE/02-feature.yml",
"chars": 975,
"preview": "name: Feature or enhancement request\ndescription: File a request for a feature or enhancement\ntitle: \"[Request]: \"\ntype:"
},
{
"path": ".github/ISSUE_TEMPLATE/config.yml",
"chars": 186,
"preview": "blank_issues_enabled: false\ncontact_links:\n - name: Container community support\n url: https://github.com/apple/conta"
},
{
"path": ".github/dependabot.yml",
"chars": 225,
"preview": "version: 2\nupdates:\n - package-ecosystem: \"github-actions\"\n directory: \"/\"\n schedule:\n interval: \"weekly\"\n "
},
{
"path": ".github/labeler.yml",
"chars": 287,
"preview": "cli:\n - changed-files:\n - any-glob-to-any-file:\n - 'Sources/CLI/**'\n - 'Sources/ContainerCommands/**'\n\ndoc"
},
{
"path": ".github/pull_request_template.md",
"chars": 241,
"preview": "## Type of Change\n- [ ] Bug fix\n- [ ] New feature \n- [ ] Breaking change\n- [ ] Documentation update\n\n## Motivation and "
},
{
"path": ".github/workflows/common.yml",
"chars": 4955,
"preview": "name: container project - common jobs\n\npermissions:\n contents: read\n\non:\n workflow_call:\n inputs:\n release:\n "
},
{
"path": ".github/workflows/docs-release.yml",
"chars": 1143,
"preview": "# Manual workflow for releasing docs ad-hoc. Workflow can only be run for main or release branches.\n# Workflow does NOT "
},
{
"path": ".github/workflows/merge-build.yml",
"chars": 336,
"preview": "name: container project - merge build\n\npermissions:\n contents: read\n\non:\n push:\n branches:\n - main\n - rel"
},
{
"path": ".github/workflows/pr-build.yml",
"chars": 1593,
"preview": "name: container project - PR build\n\npermissions:\n contents: read\n\non:\n pull_request:\n types: [opened, reopened, syn"
},
{
"path": ".github/workflows/pr-label-analysis.yml",
"chars": 682,
"preview": "name: PR Label Analysis\n\non:\n pull_request:\n types: [opened]\n\npermissions:\n contents: read\n\njobs:\n analyze:\n na"
},
{
"path": ".github/workflows/pr-label-apply.yml",
"chars": 1361,
"preview": "name: PR Label Apply\n\non:\n workflow_run:\n workflows: [\"PR Label Analysis\"]\n types:\n - completed\n\npermissions"
},
{
"path": ".github/workflows/release-build.yml",
"chars": 1484,
"preview": "name: container project - release build\n\npermissions:\n contents: read\n\non:\n push:\n tags:\n - \"[0-9]+\\\\.[0-9]+\\\\"
},
{
"path": ".github/workflows/release.yml",
"chars": 1484,
"preview": "name: container project - release build\n\npermissions:\n contents: read\n\non:\n push:\n tags:\n - \"[0-9]+\\\\.[0-9]+\\\\"
},
{
"path": ".gitignore",
"chars": 260,
"preview": ".DS_Store\nbin\nlibexec\n.build\n.local\nxcuserdata/\nDerivedData/\nPackages/\n.swiftpm/\n.netrc\n.swiftpm\napi-docs/\nworkdir/\ninst"
},
{
"path": ".spi.yml",
"chars": 499,
"preview": "version: 1\nbuilder:\n configs:\n -\n documentation_targets:\n - ContainerAPIService\n - ContainerAPICl"
},
{
"path": ".swift-format",
"chars": 2372,
"preview": "{\n \"fileScopedDeclarationPrivacy\" : {\n \"accessLevel\" : \"private\"\n },\n \"indentation\" : {\n \"spaces\" : 4\n },\n \"i"
},
{
"path": ".swift-format-nolint",
"chars": 2395,
"preview": "{\n \"fileScopedDeclarationPrivacy\" : {\n \"accessLevel\" : \"private\"\n },\n \"indentation\" : {\n \"spaces\" : 4\n },\n \"i"
},
{
"path": "BUILDING.md",
"chars": 7162,
"preview": "# Building the project\n\nTo build the `container` project, you need:\n\n- Mac with Apple silicon\n- macOS 15 minimum, macOS "
},
{
"path": "CONTRIBUTING.md",
"chars": 178,
"preview": "# Contributing\n\nContributions are welcome and encouraged! Read our [main contributing guide](https://github.com/apple/co"
},
{
"path": "LICENSE",
"chars": 11357,
"preview": " Apache License\n Version 2.0, January 2004\n "
},
{
"path": "MAINTAINERS.txt",
"chars": 204,
"preview": "# Maintainers\n\nSee [MAINTAINERS](https://github.com/apple/containerization/blob/main/MAINTAINERS.txt) for the list of cu"
},
{
"path": "Makefile",
"chars": 12815,
"preview": "# Copyright © 2025-2026 Apple Inc. and the container project authors.\n#\n# Licensed under the Apache License, Version 2.0"
},
{
"path": "Package.resolved",
"chars": 7345,
"preview": "{\n \"originHash\" : \"4ec05f4e83999a89d3397d0657536924d4a425d7f0e3f0fd6a3578e34c924502\",\n \"pins\" : [\n {\n \"identit"
},
{
"path": "Package.swift",
"chars": 20968,
"preview": "// swift-tools-version: 6.2\n//===----------------------------------------------------------------------===//\n// Copyrigh"
},
{
"path": "Protobuf.Makefile",
"chars": 2462,
"preview": "# Copyright © 2025-2026 Apple Inc. and the container project authors.\n#\n# Licensed under the Apache License, Version 2.0"
},
{
"path": "README.md",
"chars": 3877,
"preview": "# `container`\n\n`container` is a tool that you can use to create and run Linux containers as lightweight virtual machines"
},
{
"path": "SECURITY.md",
"chars": 1482,
"preview": "# Security disclosure process\n\nIf you believe that you have discovered a security or privacy vulnerability in our open s"
},
{
"path": "Sources/CAuditToken/AuditToken.c",
"chars": 855,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/CAuditToken/include/AuditToken.h",
"chars": 917,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/CLI/ContainerCLI.swift",
"chars": 1348,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/CVersion/Version.c",
"chars": 1100,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/CVersion/include/Version.h",
"chars": 1212,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildAPI+Extensions.swift",
"chars": 4639,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildFSSync.swift",
"chars": 18533,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildFile.swift",
"chars": 1919,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildImageResolver.swift",
"chars": 6429,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildPipelineHandler.swift",
"chars": 7368,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildRemoteContentProxy.swift",
"chars": 7120,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/BuildStdio.swift",
"chars": 2306,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/Builder.grpc.swift",
"chars": 38672,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/Builder.pb.swift",
"chars": 59327,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/Builder.swift",
"chars": 14324,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/Globber.swift",
"chars": 4282,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/TerminalCommand.swift",
"chars": 1592,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerBuild/URL+Extensions.swift",
"chars": 9516,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/AggregateError.swift",
"chars": 1256,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/Application.swift",
"chars": 9527,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/AsyncLoggableCommand.swift",
"chars": 1291,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/BuildCommand.swift",
"chars": 23242,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Builder/Builder.swift",
"chars": 1420,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Builder/BuilderDelete.swift",
"chars": 2302,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Builder/BuilderStart.swift",
"chars": 13791,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Builder/BuilderStatus.swift",
"chars": 3568,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Builder/BuilderStop.swift",
"chars": 1804,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Codable+JSON.swift",
"chars": 1001,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerCreate.swift",
"chars": 3895,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerDelete.swift",
"chars": 4504,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerExec.swift",
"chars": 4275,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerExport.swift",
"chars": 2948,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/Container/ContainerInspect.swift",
"chars": 1680,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerKill.swift",
"chars": 2858,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerList.swift",
"chars": 3879,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerLogs.swift",
"chars": 5124,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerPrune.swift",
"chars": 2393,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/Container/ContainerRun.swift",
"chars": 6281,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerStart.swift",
"chars": 4119,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerStats.swift",
"chars": 10853,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ContainerStop.swift",
"chars": 3893,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Container/ProcessUtils.swift",
"chars": 1201,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/DefaultCommand.swift",
"chars": 4040,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageCommand.swift",
"chars": 1529,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageDelete.swift",
"chars": 4059,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageInspect.swift",
"chars": 2734,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageList.swift",
"chars": 7887,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageLoad.swift",
"chars": 4418,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImagePrune.swift",
"chars": 3670,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImagePull.swift",
"chars": 4044,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImagePush.swift",
"chars": 2962,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageSave.swift",
"chars": 4534,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Image/ImageTag.swift",
"chars": 1655,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Network/NetworkCommand.swift",
"chars": 1430,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Network/NetworkCreate.swift",
"chars": 2895,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Network/NetworkDelete.swift",
"chars": 5003,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Network/NetworkInspect.swift",
"chars": 1600,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Network/NetworkList.swift",
"chars": 3326,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Network/NetworkPrune.swift",
"chars": 2732,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Registry/RegistryCommand.swift",
"chars": 1359,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Registry/RegistryList.swift",
"chars": 2881,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/Registry/RegistryLogin.swift",
"chars": 3825,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/Registry/RegistryLogout.swift",
"chars": 1541,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/System/DNS/DNSCreate.swift",
"chars": 3358,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/DNS/DNSDelete.swift",
"chars": 2589,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/DNS/DNSList.swift",
"chars": 2383,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/Kernel/KernelSet.swift",
"chars": 5441,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/Property/PropertyClear.swift",
"chars": 1596,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/Property/PropertyGet.swift",
"chars": 1755,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/Property/PropertyList.swift",
"chars": 2910,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/Property/PropertySet.swift",
"chars": 4241,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemCommand.swift",
"chars": 1554,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemDF.swift",
"chars": 4134,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemDNS.swift",
"chars": 1354,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemKernel.swift",
"chars": 1265,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemLogs.swift",
"chars": 2992,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemProperty.swift",
"chars": 1443,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemStart.swift",
"chars": 8078,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemStatus.swift",
"chars": 5456,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemStop.swift",
"chars": 4551,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/System/SystemVersion.swift",
"chars": 3135,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerCommands/Volume/VolumeCommand.swift",
"chars": 1422,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Volume/VolumeCreate.swift",
"chars": 2233,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Volume/VolumeDelete.swift",
"chars": 3831,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Volume/VolumeInspect.swift",
"chars": 1847,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Volume/VolumeList.swift",
"chars": 2984,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerCommands/Volume/VolumePrune.swift",
"chars": 2920,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerLog/FileLogHandler.swift",
"chars": 3752,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerLog/OSLogHandler.swift",
"chars": 2960,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerLog/ServiceLogger.swift",
"chars": 2743,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerLog/StderrLogHandler.swift",
"chars": 2588,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerOS/DirectoryWatcher.swift",
"chars": 5056,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerOS/LocalNetworkPrivacy.swift",
"chars": 4863,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerPersistence/DefaultsStore.swift",
"chars": 9560,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPersistence/EntityStore.swift",
"chars": 4519,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/ApplicationRoot.swift",
"chars": 1380,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/InstallRoot.swift",
"chars": 1383,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/LaunchPlist.swift",
"chars": 4315,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/LogRoot.swift",
"chars": 1606,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerPlugin/Plugin.swift",
"chars": 3898,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/PluginConfig.swift",
"chars": 5426,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/PluginFactory.swift",
"chars": 3547,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/PluginLoader.swift",
"chars": 9984,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerPlugin/ServiceManager.swift",
"chars": 5844,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerResource/Common/ManagedResource.swift",
"chars": 2441,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Common/ResourceLabels.swift",
"chars": 1441,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/Bundle.swift",
"chars": 6298,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ContainerConfiguration.swift",
"chars": 6341,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ContainerCreateOptions.swift",
"chars": 1306,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ContainerListFilters.swift",
"chars": 1522,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ContainerSnapshot.swift",
"chars": 1921,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ContainerStats.swift",
"chars": 2335,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ContainerStopOptions.swift",
"chars": 1190,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/Filesystem.swift",
"chars": 6105,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/ProcessConfiguration.swift",
"chars": 3479,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/PublishPort.swift",
"chars": 3384,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/PublishSocket.swift",
"chars": 1465,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Container/RuntimeStatus.swift",
"chars": 1160,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Image/ImageDescription.swift",
"chars": 1391,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Image/ImageDetail.swift",
"chars": 1506,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Network/AllocatedAttachment.swift",
"chars": 1431,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Network/Attachment.swift",
"chars": 4253,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Network/AttachmentConfiguration.swift",
"chars": 1832,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Network/NetworkConfiguration.swift",
"chars": 6518,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Network/NetworkMode.swift",
"chars": 1496,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Network/NetworkState.swift",
"chars": 4155,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Registry/RegistryResource.swift",
"chars": 4945,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerResource/Volume/Volume.swift",
"chars": 4157,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/ContainerVersion/Bundle+AppBundle.swift",
"chars": 1358,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerVersion/CommandLine+Executable.swift",
"chars": 1589,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerVersion/ReleaseVersion.swift",
"chars": 1838,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerXPC/XPCClient.swift",
"chars": 5199,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerXPC/XPCMessage.swift",
"chars": 8832,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/ContainerXPC/XPCServer.swift",
"chars": 10268,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/DNSHandler.swift",
"chars": 1201,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/DNSServer+Handle.swift",
"chars": 5009,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/DNSServer.swift",
"chars": 3209,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/Handlers/CompositeResolver.swift",
"chars": 1297,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/Handlers/HostTableResolver.swift",
"chars": 3975,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/Handlers/NxDomainResolver.swift",
"chars": 1644,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/Handlers/StandardQueryValidator.swift",
"chars": 2379,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/DNSServer/Records/DNSBindError.swift",
"chars": 1842,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/DNSEnums.swift",
"chars": 8821,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/DNSName.swift",
"chars": 8119,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/IPAddressProtocol.swift",
"chars": 1338,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/Message.swift",
"chars": 10991,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/Question.swift",
"chars": 4776,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/ResourceRecord.swift",
"chars": 3941,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Records/UInt8+Binding.swift",
"chars": 3064,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/DNSServer/Types.swift",
"chars": 1761,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/APIServer/APIServer+Start.swift",
"chars": 15851,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/APIServer/APIServer.swift",
"chars": 1154,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/APIServer/ContainerDNSHandler.swift",
"chars": 4068,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/APIServer/LocalhostDNSHandler.swift",
"chars": 3954,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Helpers/Images/ImagesHelper.swift",
"chars": 5803,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/NetworkVmnet/NetworkVmnetHelper+Start.swift",
"chars": 5512,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/NetworkVmnet/NetworkVmnetHelper.swift",
"chars": 1201,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/RuntimeLinux/IsolatedInterfaceStrategy.swift",
"chars": 1602,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/RuntimeLinux/NonisolatedInterfaceStrategy.swift",
"chars": 2302,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/RuntimeLinux/RuntimeLinuxHelper+Start.swift",
"chars": 6012,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Helpers/RuntimeLinux/RuntimeLinuxHelper.swift",
"chars": 1201,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2025-2026 Apple Inc. and"
},
{
"path": "Sources/Services/ContainerAPIService/Client/Arch.swift",
"chars": 1268,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/Archiver.swift",
"chars": 11911,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/Array+Dedupe.swift",
"chars": 956,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientDiskUsage.swift",
"chars": 1630,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientHealthCheck.swift",
"chars": 3084,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientImage.swift",
"chars": 23076,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientKernel.swift",
"chars": 3915,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientNetwork.swift",
"chars": 3663,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientProcess.swift",
"chars": 3989,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/ClientVolume.swift",
"chars": 3497,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
},
{
"path": "Sources/Services/ContainerAPIService/Client/Constants.swift",
"chars": 987,
"preview": "//===----------------------------------------------------------------------===//\n// Copyright © 2026 Apple Inc. and the "
}
]
// ... and 166 more files (download for full content)
About this extraction
This page contains the full source code of the apple/container GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 366 files (2.0 MB), approximately 536.6k tokens. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.