search

darwin-containers / rund

OCI Container Runtime for Darwin
Apache License 2.0
432 stars 13 forks source link

Xcode image or at least Dockerfile #16

Open slonopotamus opened 9 months ago

slonopotamus commented 9 months ago

It should be something like

FROM ghcr.io/macoscontainers/macos-jail/ventura:latest
RUN curl -L -4 https://storage.googleapis.com/xcodes-cache/Xcode_14.3.1.xip -o /xcode.xip
RUN curl -L https://github.com/XcodesOrg/xcodes/releases/download/1.4.1/xcodes.zip -o /xcodes.zip && \
    mkdir -p /usr/local/bin && \
    unzip /xcodes.zip -d /usr/local/bin && \
    rm /xcodes.zip && \
    codesign --remove-signature /usr/local/bin/xcodes
RUN mkdir -m 775 /Applications
RUN xcodes install 14.3.1 --path /xcode.xip
RUN xcodes select 14.3.1
RUN xcodebuild -downloadAllPlatforms

But xcodes install crashes currently.

Note to myself: I forgot why I do codesign --remove-signature /usr/bin/xcodes. Maybe I shouldn't? Or it should be put in a different directory where macOS doesn't care about signing?

slonopotamus commented 9 months ago

Aaaaargh... We're almost there

FROM ghcr.io/macoscontainers/macos-jail/ventura:latest
RUN curl -L -4 https://storage.googleapis.com/xcodes-cache/Xcode_14.3.1.xip -o /xcode.xip
RUN curl -L https://github.com/XcodesOrg/xcodes/releases/download/1.4.1/xcodes.zip -o /xcodes.zip && \
    mkdir -p /usr/local/bin && \
    unzip /xcodes.zip -d /usr/local/bin && \
    rm /xcodes.zip && \
    codesign --remove-signature /usr/local/bin/xcodes
RUN mkdir -m 775 /Applications
RUN xcodes install 14.3.1 --experimental-unxip --path /xcode.xip --select
% docker build .
[+] Building 416.4s (9/9) FINISHED                                                                                                                                                           docker:default
 => [internal] load build definition from Dockerfile                                                                                                                                                   0.0s
 => => transferring dockerfile: 563B                                                                                                                                                                   0.0s
 => [internal] load metadata for ghcr.io/macoscontainers/macos-jail/ventura:latest                                                                                                                     1.1s
 => [auth] macoscontainers/macos-jail/ventura:pull token for ghcr.io                                                                                                                                   0.0s
 => [internal] load .dockerignore                                                                                                                                                                      0.0s
 => => transferring context: 2B                                                                                                                                                                        0.0s
 => [1/5] FROM ghcr.io/macoscontainers/macos-jail/ventura:latest@sha256:e2e480b375688538d1d8c37251f87e029a49d751d68ad80d4ae27f27c0278481                                                               0.0s
 => => resolve ghcr.io/macoscontainers/macos-jail/ventura:latest@sha256:e2e480b375688538d1d8c37251f87e029a49d751d68ad80d4ae27f27c0278481                                                               0.0s
 => CACHED [2/5] RUN curl -L -4 https://storage.googleapis.com/xcodes-cache/Xcode_14.3.1.xip -o /xcode.xip                                                                                             0.0s
 => CACHED [3/5] RUN curl -L https://github.com/XcodesOrg/xcodes/releases/download/1.4.1/xcodes.zip -o /xcodes.zip &&     mkdir -p /usr/local/bin &&     unzip /xcodes.zip -d /usr/local/bin &&     r  0.0s
 => CACHED [4/5] RUN mkdir -m 775 /Applications                                                                                                                                                        0.0s
 => ERROR [5/5] RUN xcodes install 14.3.1 --experimental-unxip --path /xcode.xip --select                                                                                            414.8s
------                                                                                                                                                                                                      
 > [5/5] RUN xcodes install 14.3.1 --experimental-unxip --path /xcode.xip --select:                                                                                                          
414.5 (2/6) Unarchiving Xcode (This can take a while)                                                                                                                                                       
414.5 Using experimental unxip. If you encounter any issues, remove the flag and try again                                                                                                                  
414.5 (3/6) Moving Xcode to /Applications/Xcode-14.3.1.app
414.5 Failed to move Xcode to the /Applications directory.
------
Dockerfile:9
--------------------
   7 |         codesign --remove-signature /usr/local/bin/xcodes
   8 |     RUN mkdir -m 775 /Applications
   9 | >>> RUN xcodes install 14.3.1 --experimental-unxip --path /xcode.xip --select
  10 |     
--------------------
ERROR: failed to solve: process "/bin/sh -c xcodes install 14.3.1 --experimental-unxip --path /xcode.xip --select" did not complete successfully: exit code: 1
slonopotamus commented 9 months ago

Thoughts: do I actually need xcodes? Does it do anything useful? Can't I just xip -x?

UPD: weird.

# xip -x /xcode.xip 
xip: error: OUT_OF_SPACE_ERROR
slonopotamus commented 9 months ago

A better attempt:

FROM ghcr.io/macoscontainers/macos-jail/ventura:latest
RUN curl -L -4 https://storage.googleapis.com/xcodes-cache/Xcode_14.3.1.xip -o /xcode.xip
RUN mkdir -p /usr/local/bin && \
    curl -L https://github.com/saagarjha/unxip/releases/download/v2.2/unxip -o /usr/local/bin/unxip && \
    codesign --remove-signature /usr/local/bin/unxip && \
    chmod +x /usr/local/bin/unxip && \
    mkdir -p /Applications /Library/Preferences /var/db && \
    unxip /xcode.xip /Applications/ && \
    rm /xcode.xip && \
    xcode-select -s /Applications/Xcode.app/Contents/Developer
RUN xcodebuild -license accept

Fails on xcodebuild -license accept.

awdAvenger commented 7 months ago

I was able to get further on this, by basing the image of the progress in #22 and in addition creating the folder /Library/Preferences the xcodebuild -license accept command succeeds.

The next issue now is that there are missing frameworks, supposedly to be installed by xcodebuild -runFirstLaunch.

This however fails:

bash-3.2# xcodebuild -verbose -runFirstLaunch
Install Started
2023-11-14 13:09:47.240 xcodebuild[38161:449537]  DVTDownloadable: Failed to preflight installation Error Domain=PKInstallErrorDomain Code=105 "(null)" UserInfo={NSURL=MobileDeviceDevelopment.pkg -- file:///Applications/Xcode-15.0.1.app/Contents/Resources/Packages/, PKInstallPackageIdentifier=com.apple.pkg.MobileDeviceDevelopment, NSUnderlyingError=0x600000332e80 {Error Domain=NSOSStatusErrorDomain Code=-67674 "OSStatus -67674" UserInfo={NSLocalizedDescription=OSStatus -67674}}}
Install Failed: Error Domain=PKInstallErrorDomain Code=105 "(null)" UserInfo={NSURL=MobileDeviceDevelopment.pkg -- file:///Applications/Xcode-15.0.1.app/Contents/Resources/Packages/, PKInstallPackageIdentifier=com.apple.pkg.MobileDeviceDevelopment, NSUnderlyingError=0x600000332e80 {Error Domain=NSOSStatusErrorDomain Code=-67674 "OSStatus -67674" UserInfo={NSLocalizedDescription=OSStatus -67674}}}
2023-11-14 13:09:47.249 xcodebuild[38161:449534] Writing error result bundle to /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/ResultBundle_2023-14-11_13-09-0047.xcresult
2023-11-14 13:09:47.269 xcodebuild[38161:449534] Requested but did not find extension point with identifier Xcode.IDEFoundation.IDEResultKitSerializationConverter
xcodebuild: error: The operation couldn\U2019t be completed. (PKInstallErrorDomain error 105.)

Looking up the error code -67674 reveals this as a signature verification error on the package. So we are possibly missing a signature store of some kind.

Note that adding -skipPackageSignatureValidation does not fix this error.

awdAvenger commented 7 months ago

Creating the folders /private/var/db/mds/system/ and /private/var/tmp lets me get even further, but now it fails with code -67689

After copying the contents of my host mac /private/var/db/mds/system/ to the container it gets even further, but it seems to fail to contact the trustd xpc service to verify the certificate. Not sure how to proceed from that.

Jaskowicz1 commented 7 months ago

Would there not be a way to copy over the entire Xcode installation from the host Mac into the container (and then somehow link all the components like clang, git, etc)?

jlsalmon commented 4 months ago

If there’s any way I can donate to help move this along, I’d be glad to know.

We’ve been trying to get build isolation using Tart, but due to some macOS bugs in virtiofs it fails for disk-heavy workloads such as Unreal Engine builds. Being able to do that with docker would be a game changer for us.

fkorotkov commented 4 months ago

@jlsalmon are you referring to bugs in mounted folders? Tart recently started supporting mounting block devices which don't use VirtioFS all together. Might worth checking it out and we'll be glad to help.