Added many advanced compose commands, including --pull and --wait

Package and config updates

Fixed compilation issues

Author: mazdak

Makefile

@@ -60,7 +60,7 @@ plugins: plugin-compose
 .PHONY: plugin-compose
 plugin-compose:
 	@echo Building container-compose plugin...
-	@cd Plugins/container-compose && $(SWIFT) build -c $(BUILD_CONFIGURATION)
+	@cd Plugins/container-compose && $(SWIFT) build -c $(BUILD_CONFIGURATION) --product compose
 
 .PHONY: container
 # Install binaries under project directory
@@ -104,8 +104,8 @@ $(STAGING_DIR):
 	@install config/container-network-vmnet-config.json "$(join $(STAGING_DIR), libexec/container/plugins/container-network-vmnet/config.json)"
 	@install "$(BUILD_BIN_DIR)/container-core-images" "$(join $(STAGING_DIR), libexec/container/plugins/container-core-images/bin/container-core-images)"
 	@install config/container-core-images-config.json "$(join $(STAGING_DIR), libexec/container/plugins/container-core-images/config.json)"
-	@if [ -f "Plugins/container-compose/.build/$(BUILD_CONFIGURATION)/container-compose" ]; then \
-		install "Plugins/container-compose/.build/$(BUILD_CONFIGURATION)/container-compose" "$(join $(STAGING_DIR), libexec/container/plugins/compose/bin/compose)"; \
+	@if [ -f "Plugins/container-compose/.build/$(BUILD_CONFIGURATION)/compose" ]; then \
+		install "Plugins/container-compose/.build/$(BUILD_CONFIGURATION)/compose" "$(join $(STAGING_DIR), libexec/container/plugins/compose/bin/compose)"; \
 		install "Plugins/container-compose/config.json" "$(join $(STAGING_DIR), libexec/container/plugins/compose/config.json)"; \
 	fi
 

Plugins/container-compose/Package.resolved

@@ -21,11 +21,12 @@ let package = Package(
     name: "container-compose",
     platforms: [.macOS("15")],
     products: [
-        .executable(name: "compose", targets: ["ComposePlugin"])
+        .executable(name: "compose", targets: ["ComposePlugin"]),
+        .executable(name: "compose-debug", targets: ["ComposeDebug"])
     ],
     dependencies: [
         .package(name: "container", path: "../.."), // Main container package
-        .package(url: "https://github.com/apple/containerization.git", exact: "0.5.0"),
+        .package(url: "https://github.com/apple/containerization.git", exact: "0.6.2"),
         .package(url: "https://github.com/jpsim/Yams.git", from: "5.0.0"),
         .package(url: "https://github.com/apple/swift-argument-parser.git", from: "1.3.0"),
         .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"),
@@ -58,6 +59,14 @@ let package = Package(
             ],
             path: "Sources/Core"
         ),
+        .executableTarget(
+            name: "ComposeDebug",
+            dependencies: [
+                "ComposeCore",
+                .product(name: "Logging", package: "swift-log"),
+            ],
+            path: "Sources/Debug"
+        ),
         .testTarget(
             name: "ComposeTests",
             dependencies: [

Plugins/container-compose/Package.swift

@@ -7,10 +7,18 @@ This plugin provides docker-compose functionality for Apple Container, allowing
 - **Service Orchestration**: Define and run multi-container applications
 - **Build Support**: Automatically build Docker images from Dockerfiles
 - **Dependency Management**: Handle service dependencies and startup order
-- **Volume Management**: Support for named volumes and bind mounts
+- **Volume Management**: Bind mounts, named volumes, and anonymous volumes (bare `/path`)
 - **Network Configuration**: Automatic network setup and service discovery
 - **Health Checks**: Built-in health check support
 - **Environment Variables**: Flexible environment variable handling
+- **Compose Parity Additions**:
+  - Build target (`build.target`) forwarded to container build `--target`
+  - Port range mapping (e.g. `4510-4559:4510-4559[/proto]` expands to discrete rules)
+  - Long-form volumes: `type` bind/volume/tmpfs, `~` expansion, relative → absolute normalization, supports `ro|rw|z|Z|cached|delegated`
+  - Entrypoint/Cmd precedence: image Entrypoint/Cmd respected; service `entrypoint`/`command` override; `entrypoint: ''` clears image entrypoint
+  - `tty` and `stdin_open` respected (`tty` → interactive terminal; `stdin_open` → keep STDIN open)
+  - Image pulling policy on `compose up --pull` with `always|missing|never`
+  - Health gating with `depends_on` conditions and `--wait/--wait-timeout`
 
 ## Building
 
@@ -46,6 +54,74 @@ container compose ps
 # etc.
 ```
 
+### New flags (parity with Docker Compose)
+
+- `--pull <policy>`: `always|missing|never` — controls image pull behavior during `up`.
+- `--wait`: block until services reach running/healthy state.
+- `--wait-timeout <seconds>`: maximum wait time for `--wait`.
+
+## Volume and Mount Semantics
+
+The plugin aligns closely with Docker Compose while mapping to Apple Container’s runtime primitives. There are three user‑facing mount types you can declare in compose; internally they map to two host mechanisms:
+
+- Host directory share (virtiofs)
+- Managed block volume (ext4)
+
+### 1) Bind Mounts (host directories)
+
+- Compose syntax:
+  - Short: `./host_path:/container/path[:ro]`, `~/dir:/container/path`, `/abs/host:/container/path`
+  - Long: `type: bind`, `source: ./dir`, `target: /container/path`, `read_only: true`
+- Normalization:
+  - `~` expands to your home directory.
+  - Relative paths resolve to absolute paths using the working directory.
+- Runtime mapping:
+  - Mapped as a virtiofs share from the host path to the container path.
+  - Read‑only honored via `:ro` or `read_only: true`.
+- Notes:
+  - Options like `:cached`, `:delegated`, SELinux flags `:z`/`:Z` are accepted in YAML but currently do not alter behavior; the mount is still a virtiofs host share.
+
+### 2) Named Volumes
+
+- Compose syntax:
+  - Short: `myvol:/container/path[:ro]`
+  - Long: `type: volume`, `source: myvol`, `target: /container/path`
+  - Define in top‑level `volumes:` (optional if not `external: true`).
+- Runtime mapping:
+  - The orchestrator ensures the volume exists (creates if missing and not external), then mounts it using Apple Container’s managed block volume (ext4) and its host mountpoint.
+  - Labels set on created volumes: `com.apple.compose.project`, `com.apple.compose.service`, `com.apple.compose.target`, `com.apple.compose.anonymous=false`.
+- Cleanup:
+  - `container compose down --volumes` removes non‑external volumes declared in the project.
+
+### 3) Anonymous Volumes (bare container paths)
+
+- Compose syntax:
+  - Short: `- /container/path`
+  - Long (equivalent semantics): `type: volume`, `target: /container/path` with no `source`.
+- Runtime mapping:
+  - Treated as a named volume with a deterministic generated name: `<project>_<service>_anon_<hash>`.
+  - Created if missing and mounted as a managed block volume (ext4) using the volume’s host mountpoint.
+  - Labeled with `com.apple.compose.anonymous=true` for lifecycle management.
+- Cleanup:
+  - `container compose down --volumes` also removes these anonymous volumes (matched via labels).
+
+### 4) Tmpfs (container‑only memory mount)
+
+- Compose long form only: `type: tmpfs`, `target: /container/tmp`, `read_only: true|false`.
+- Runtime mapping:
+  - An in‑memory tmpfs mount at the container path.
+
+### Behavior Summary
+
+- Bind mount → virtiofs host share (best for live dev against host files).
+- Named/anonymous volume → managed block volume (best for persisted container data independent of your working tree).
+- Tmpfs → in‑memory ephemeral mount.
+
+### Port Publishing (for completeness)
+
+- Compose `ports:` entries like `"127.0.0.1:3000:3000"`, `"3000:3000"` are supported.
+- The runtime binds the host address/port and forwards to the container IP/port using a TCP/UDP forwarder.
+
 ## Build Support
 
 The plugin now supports building Docker images directly from your compose file:
@@ -81,6 +157,7 @@ When you run `container compose up`, the plugin will:
 - `context`: Build context directory (default: ".")
 - `dockerfile`: Path to Dockerfile (default: "Dockerfile")
 - `args`: Build arguments as key-value pairs
+- `target`: Build stage to use as final image (forwarded to `container build --target`).
 
 ### Build Caching
 
@@ -115,6 +192,8 @@ Services with unchanged build configurations reuse cached images using a stable
    - Prints service image tags and DNS names.
    - `--remove-orphans`: removes containers from the same project that are no longer defined (prefers labels; falls back to name prefix).
    - `--rm`: automatically removes containers when they exit.
+   - `--pull`: image pulling policy (`always|missing|never`).
+   - `--wait`, `--wait-timeout`: wait for running/healthy states (healthy if `healthcheck` exists; running otherwise).
 - `compose down`:
   - Stops and removes containers for the project, prints a summary of removed containers and volumes.
   - `--remove-orphans`: also removes any extra containers matching the project.
@@ -136,10 +215,33 @@ Services with unchanged build configurations reuse cached images using a stable
 - `.env` loading is applied consistently across commands: `up`, `down`, `ps`, `start`, `logs`, `exec`, `validate`.
 - Security: the loader warns if `.env` is group/other readable; consider `chmod 600 .env`.
 
+### Environment semantics and validation
+
+- Accepts both dictionary and list forms under `environment:`.
+- List items must be `KEY=VALUE`; unsupported forms are rejected.
+- Variable names must match `^[A-Za-z_][A-Za-z0-9_]*$`.
+- Unsafe interpolation in values is blocked during `${...}` and `$VAR` expansion.
+
+Examples:
+
+```yaml
+services:
+  app:
+    environment:
+      - "APP_ENV=prod"
+      - "_DEBUG=true"         # ok
+      # entrypoint override examples
+    entrypoint: "bash -lc"
+    command: ["./start.sh"]
+  worker:
+    entrypoint: ''             # clears image entrypoint
+```
+
 ## Compatibility and Limitations
 
 - YAML anchors and merge keys are disabled by default for hardening. You can enable them with `--allow-anchors` on compose commands.
-- Health gating and container recreation flags (`--force-recreate`, `--no-recreate`) are not fully implemented yet.
+- Health gating: `depends_on` supports `service_started`, `service_healthy`, and best‑effort `service_completed_successfully`.
+- Recreation flags: `--force-recreate` and `--no-recreate` respected; config hash drives default reuse behavior.
 - `ps`, `logs`, and `exec` implementations are limited and may not reflect full runtime state.
 
 ## Documentation

Plugins/container-compose/README.md

@@ -59,23 +59,33 @@ struct ComposeOptions: ParsableArguments {
         }
 
         // Default behavior: detect base compose file and include matching override
+        // Preferred order (first match wins):
+        // 1) container-compose.yaml / container-compose.yml
+        // 2) compose.yaml / compose.yml (Docker Compose v2 default)
+        // 3) docker-compose.yaml / docker-compose.yml (legacy)
         let candidates = [
-            "docker-compose.yml",
-            "docker-compose.yaml",
-            "compose.yml",
+            "container-compose.yaml",
+            "container-compose.yml",
             "compose.yaml",
+            "compose.yml",
+            "docker-compose.yaml",
+            "docker-compose.yml",
         ]
-        
+
         for base in candidates {
             let baseURL = URL(fileURLWithPath: currentPath).appendingPathComponent(base)
             if FileManager.default.fileExists(atPath: baseURL.path) {
                 var urls = [baseURL]
                 // Include override for the chosen base
                 let overrideCandidates: [String]
-                if base.hasPrefix("docker-compose") {
+                if base.hasPrefix("container-compose") {
+                    overrideCandidates = ["container-compose.override.yaml", "container-compose.override.yml"]
+                } else if base.hasPrefix("compose") {
+                    overrideCandidates = ["compose.override.yaml", "compose.override.yml"]
+                } else if base.hasPrefix("docker-compose") {
                     overrideCandidates = ["docker-compose.override.yml", "docker-compose.override.yaml"]
                 } else {
-                    overrideCandidates = ["compose.override.yml", "compose.override.yaml"]
+                    overrideCandidates = []
                 }
                 for o in overrideCandidates {
                     let oURL = URL(fileURLWithPath: currentPath).appendingPathComponent(o)

Plugins/container-compose/Sources/CLI/ComposeCommand.swift

@@ -19,6 +19,12 @@ import ContainerClient
 import ComposeCore
 import ContainerizationError
 import Foundation
+import Dispatch
+#if os(macOS)
+import Darwin
+#else
+import Glibc
+#endif
 
 
 struct ComposeUp: AsyncParsableCommand {
@@ -51,6 +57,15 @@ struct ComposeUp: AsyncParsableCommand {
     @Flag(name: .long, help: "Automatically remove containers when they exit")
     var rm: Bool = false
 
+    @Option(name: .long, help: "Pull policy: always|missing|never")
+    var pull: String = "missing"
+
+    @Flag(name: .long, help: "Wait for services to be running/healthy")
+    var wait: Bool = false
+
+    @Option(name: .long, help: "Wait timeout in seconds")
+    var waitTimeout: Int?
+
     @Argument(help: "Services to start")
     var services: [String] = []
 
@@ -95,7 +110,16 @@ struct ComposeUp: AsyncParsableCommand {
             noDeps: noDeps,
             removeOrphans: removeOrphans,
             removeOnExit: rm,
-            progressHandler: progress.handler
+            progressHandler: progress.handler,
+            pullPolicy: {
+                switch pull.lowercased() {
+                case "always": return .always
+                case "never": return .never
+                default: return .missing
+                }
+            }(),
+            wait: wait,
+            waitTimeoutSeconds: waitTimeout
         )
 
         progress.finish()
@@ -122,9 +146,42 @@ struct ComposeUp: AsyncParsableCommand {
         if detach {
             print("Started project '\(project.name)' in detached mode")
         } else {
+            // Install signal handlers so Ctrl-C stops services gracefully
+            func installSignal(_ signo: Int32) {
+                signal(signo, SIG_IGN)
+                // Create and retain the signal source on the main queue to satisfy concurrency rules
+                DispatchQueue.main.async {
+                    let src = DispatchSource.makeSignalSource(signal: signo, queue: .main)
+                    src.setEventHandler {
+                        // Use a MainActor-isolated flag so the compiler is happy about concurrency
+                        Task { @MainActor in
+                            // Second signal forces exit
+                            if SignalState.shared.seenFirstSignal {
+                                Darwin.exit(130)
+                            }
+                            SignalState.shared.seenFirstSignal = true
+                            do {
+                                print("\nStopping project '\(project.name)' (Ctrl-C again to force)...")
+                                let orchestratorForStop = Orchestrator(log: log)
+                                _ = try await orchestratorForStop.down(project: project, removeVolumes: false, removeOrphans: false, progressHandler: nil)
+                                Darwin.exit(0)
+                            } catch {
+                                // If graceful stop fails, exit with error code
+                                FileHandle.standardError.write(Data("compose: failed to stop services: \(error)\n".utf8))
+                                Darwin.exit(1)
+                            }
+                        }
+                    }
+                    src.resume()
+                    SignalRetainer.retain(src)
+                }
+            }
+            installSignal(SIGINT)
+            installSignal(SIGTERM)
+
             // Stream logs for selected services (or all if none selected), similar to docker-compose up
-            let orchestrator = Orchestrator(log: log)
-            let logStream = try await orchestrator.logs(
+            let orchestratorForLogs = Orchestrator(log: log)
+            let logStream = try await orchestratorForLogs.logs(
                 project: project,
                 services: services,
                 follow: true,
@@ -143,3 +200,21 @@ struct ComposeUp: AsyncParsableCommand {
         }
     }
 }
+
+// A tiny atomic flag helper for one-time behavior across signal handlers
+@MainActor
+fileprivate final class SignalState {
+    static let shared = SignalState()
+    var seenFirstSignal = false
+}
+
+// Keep strong references to DispatchSourceSignal so handlers fire reliably
+@MainActor
+fileprivate final class SignalRetainer {
+    private static let shared = SignalRetainer()
+    private var sources: [DispatchSourceSignal] = []
+    static func install() { /* ensure type is loaded */ }
+    static func retain(_ src: DispatchSourceSignal) {
+        shared.sources.append(src)
+    }
+}