Skip to content

feat: Add LinuxContainer block I/O resources#1

Open
chrisgeo wants to merge 11 commits into
mainfrom
feat/chaos-1380-blkio-runtime
Open

feat: Add LinuxContainer block I/O resources#1
chrisgeo wants to merge 11 commits into
mainfrom
feat/chaos-1380-blkio-runtime

Conversation

@chrisgeo

@chrisgeo chrisgeo commented May 6, 2026
edited
Loading

Copy link
Copy Markdown

Summary

  • Adds LinuxContainer.Configuration.blockIO and forwards it into generated OCI Linux resources.
  • Makes generateRuntimeSpec() testable from the package test target.
  • Adds a focused runtime-spec test covering configured block I/O resources.

Validation

  • CLANG_MODULE_CACHE_PATH=/tmp/containerization-clang-cache SWIFTPM_ENABLE_PLUGINS=0 swift test --filter LinuxContainerTests

This was referenced May 6, 2026
Open
Merged
@chrisgeo chrisgeo changed the title [codex] Add LinuxContainer block I/O resources feat: Add LinuxContainer block I/O resources May 14, 2026
@chrisgeo chrisgeo marked this pull request as ready for review May 14, 2026 17:17
@chrisgeo chrisgeo force-pushed the feat/chaos-1380-blkio-runtime branch from 409ec3f to 5268c48 Compare May 14, 2026 17:30
@chrisgeo chrisgeo force-pushed the feat/chaos-1380-blkio-runtime branch from 3d009df to 14dec0e Compare May 27, 2026 18:35
@full-chaos full-chaos deleted a comment from linear Bot May 27, 2026
@chrisgeo chrisgeo force-pushed the feat/chaos-1380-blkio-runtime branch from 6fee484 to 05d849e Compare June 2, 2026 17:18
yibozhuang and others added 11 commits June 3, 2026 12:07
@yibozhuang @crosbymichael
add IPv6 support (apple#752)
e1e31b7 
Extends the network plumbing to support per-interface IPv6 address
configuration.
The `Interface` protocol supports `ipv6Address` and `ipv6Gateway`.
The agent's networking RPCs carry per-family fields via new
`InterfaceAddress`, `LinkRoute`, and `DefaultRoute` types in
`ContainerizationExtras`.
`NetlinkSession` adds IPv6 methods for address and route operations.

---------

Co-authored-by: michael_crosby <michael_crosby@apple.com>
Co-authored-by: Michael Crosby <crosbymichael@gmail.com>
@dcantah
[Experimental] Add Sandboxy binary (apple#607)
9275f36 
Sandboxy is an example tool to run isolated coding agents.
@katiewasnothere
Update github actions to use SHA versions (apple#763)
1437c67 
Related to apple/container#1649. This PR updates
the GitHub workflows to ensure all imported actions are referenced by
commit SHA.

Signed-off-by: Kathryn Baldauf <k_baldauf@apple.com>
@Otoru
fix(Platform): make arm64 nil-variant and v8 hash identically (apple#764
4f6df44 
)

## Summary

`Platform.==` treats `arm64` with `nil` variant as equal to `arm64/v8`,
but `hash(into:)` used `description` which serializes them differently
(`linux/arm64` vs `linux/arm64/v8`). This violates the `Hashable`
contract — equal values must produce the same hash.

### Root cause

```swift
// == returns true for these two
let a = Platform(arch: "arm64", os: "linux", variant: nil)
let b = Platform(arch: "arm64", os: "linux", variant: "v8")
a == b // true ✓

// but hash was different — broken
a.hashValue == b.hashValue // false ✗ (before this fix)
```

This mismatch caused `Set<Platform>` and `Dictionary<Platform, ...>`
lookups to silently miss entries when one platform was decoded from JSON
(no `variant` field in the manifest) and another was created via
`Platform(from:)` or `Platform.current` (which both set `variant =
"v8"`).

### Practical consequence

In `apple/container`, this manifests as inconsistent platform-string
normalization across stages of a single `container build` — some stages
log `linux/arm64`, others `linux/arm64/v8` — which can cause `COPY
--from=<stage>` to fail to resolve the source stage under concurrent
builds. See apple/container#1542.

### Fix

`hash(into:)` now normalizes `arm64` with `nil` variant to `"v8"` before
hashing, matching the existing `==` behavior.
@jglogan
Pin macOS CI builds to Swift 6.3 for now. (apple#771)
e29657b 
- CI runners moved to the Xcode developer beta as the default, but macOS
builds are failing with a conflicting options error for
`-warnings-as-errors` and `-suppress-warnings`.
@crosbymichael
add x86 kernel config (apple#765)
ddd19a6 
Add x86 kernel config and build scripts.

Signed-off-by: michael_crosby <michael_crosby@apple.com>
@MojtabaHs @jglogan
docs: fix traversal in a public method's documentation (apple#770)
7e2ae5a 
Seems like a typo.
The change only affected a comment and does not disturb the code at all
(backward compatible).

Co-authored-by: J Logan <john_logan@apple.com>
@adityaramani
Allow setting log level for vminitd (apple#772)
d55cc18 
The `--log-level` option when running the agent sub-command for vminitd
was being silently ignored cause of the way the agent is being run. As a
workaround we need to read `/proc/self/cmdline` to get the right args
@chrisgeo
Add LinuxContainer block I/O resources
35b4acb
@chrisgeo
Wrap LinuxBlockIO with a Containerization type
f361c34 
Mirrors the LinuxRLimit/LinuxCapabilities pattern so the public API can
evolve independently of the OCI spec types. Configuration.blockIO now
holds the wrapper and is converted via toOCI() at spec assembly.
@chrisgeo
Fix formatting and license header for block I/O changes
dffb914
@chrisgeo chrisgeo force-pushed the feat/chaos-1380-blkio-runtime branch from 05d849e to dffb914 Compare June 17, 2026 15:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@chrisgeo @yibozhuang @dcantah @katiewasnothere @Otoru @jglogan @crosbymichael @MojtabaHs @adityaramani