feat: add Apple container workspace sandbox

[maxrochefortshugar]

Description

Add @mastra/apple-container, a workspace sandbox provider backed by Apple's container CLI.

The sandbox starts or reconnects to a long-lived OCI Linux container, executes foreground workspace commands with container exec, supports env/cwd/timeouts/streaming/output retention, and registers an editor provider for persisted workspace configs.

Related issue(s)

Fixes #18645

Type of change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update
• Code refactoring
• Performance improvement
• Test update

Architecture

flowchart TB
  Agent["Agent / workspace tools"] --> Workspace["Workspace"]
  Workspace --> Sandbox["AppleContainerSandbox"]
  Editor["MastraEditor provider registry"] --> Provider["appleContainerSandboxProvider"]
  Provider --> Sandbox

  Sandbox --> Lifecycle["Lifecycle: inspect, run, start, stop, delete"]
  Sandbox --> Exec["executeCommand: env, cwd, timeout, streams"]
  Lifecycle --> Runner["AppleContainerCommandRunner"]
  Exec --> Runner

  Runner --> CLI["Apple container CLI"]
  CLI --> Service["container system service"]
  Service --> Container["Long-lived OCI Linux container"]
  Container --> Shell["sh -lc command execution"]
  Runner --> Output["ProcessHandle stdout/stderr retention"]

Loading

Reviewer notes

• Reuses core ProcessHandle output retention/truncation logic instead of adding a new command-runner abstraction.
• Reconnects only to containers with Mastra ownership labels for the sandbox ID, so same-name non-Mastra containers are not started/stopped/deleted.
• Adds a Mastra config-hash label for immutable runtime options and refuses reconnect when an existing container no longer matches the requested config.
• Runs command timeouts inside the container with a host CLI grace timeout; integration tests verify a timed-out sleep is not left running.
• Keeps containerBinary as a trusted constructor option only; it is excluded from the serializable Studio provider schema.
• Uses the CLI rather than Apple's Swift packages because there is no stable Node/TypeScript SDK surface yet. The runner is injectable so a future SDK backend can replace the CLI without changing the public sandbox API.

Follow-up scope

• SandboxProcessManager support is intentionally left for a follow-up. Apple container exec --detach exists, but in CLI 1.0.0 it does not expose the process-list/get/kill/stdin/output semantics that Mastra's process manager contract expects. This PR therefore supports foreground executeCommand() only; background process tools and LSP remain out of scope and are documented as limitations.

Test Plan

• pnpm --filter @mastra/apple-container test
• pnpm --filter @mastra/apple-container lint
• pnpm --filter @mastra/apple-container exec tsc -p tsconfig.build.json
• MASTRA_APPLE_CONTAINER_INTEGRATION=1 pnpm --filter @mastra/apple-container test:integration

Checklist

• I have linked the related issue(s) in the description above
• I have made corresponding changes to the documentation (if applicable)
• I have added tests that prove my fix is effective or that my feature works
• I have addressed all CodeRabbit comments on this PR

[vercel]

Someone is attempting to deploy a commit to the Mastra Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Adds a new @mastra/apple-container workspace package implementing AppleContainerSandbox, a WorkspaceSandbox backed by Apple’s container CLI, plus provider wiring, tests, tooling, and documentation.

Changes

AppleContainerSandbox workspace provider

Layer / File(s)	Summary
Package scaffolding and build tooling workspaces/apple-container/package.json, tsconfig*.json, tsup.config.ts, vitest.config.ts, eslint.config.js, lint-staged.config.js, CHANGELOG.md, src/index.ts, test/core-workspace.ts	Sets up package metadata, export wiring, build/test configs, lint configs, changelog header, and the public barrel re-exports.
AppleContainerSandbox lifecycle and CLI execution workspaces/apple-container/src/sandbox/index.ts	Defines the sandbox and runner types, implements lifecycle, command execution, inspect/run handling, info and instructions rendering, CLI spawning, output truncation, and helper utilities.
SandboxProvider factory and config schema workspaces/apple-container/src/provider.ts	Defines the provider config shape and exports the provider object with metadata, schema, and sandbox creation wiring.
Unit and integration tests workspaces/apple-container/src/sandbox/index.test.ts, workspaces/apple-container/src/sandbox/index.integration.test.ts	Adds unit tests for lifecycle, execution, destroy and error paths, runner output handling, and a conditional integration test against a real container CLI.
Reference docs, README, sidebar, and changeset docs/src/content/en/reference/workspace/apple-container-sandbox.mdx, workspaces/apple-container/README.md, docs/src/content/en/reference/sidebars.js, docs/src/content/en/docs/workspace/sandbox.mdx, .changeset/apple-container-sandbox.md	Adds the workspace reference page, README, sidebar entry, docs navigation links, and changeset entry for the new package.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Suggested labels

tests: green ✅, complexity: critical

Suggested reviewers

• wardpeet
• abhiaiyer91

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely describes the main change: adding an Apple container workspace sandbox.
Linked Issues check	✅ Passed	The PR implements the Apple container sandbox provider, lifecycle and command-execution features, editor registration, docs, and gated integration tests.
Out of Scope Changes check	✅ Passed	The additional config, build, and test files are supporting changes for the new package and appear in scope.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[changeset-bot]

🦋 Changeset detected

Latest commit: 9bd98b2

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
@mastra/apple-container	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[socket-security]

Dependency limit exceeded — report not shown.

This pull request scan exceeded the 10,000-dependency limit applied to this scan, so the results are incomplete and may be inaccurate. To avoid reporting false positives, Socket has not posted a report.

Upgrade your plan to raise the dependency limit and get complete reports, or view the partial scan in the dashboard.

Socket is always free for open source. If this is a non-commercial open source project, contact us to request a free Team account.

[dane-ai-mastra]

PR triage

Linked issue check passed (#18645).

Mastra uses CodeRabbit for automated code reviews. Please address all feedback from CodeRabbit by either making changes to your PR or leaving a comment explaining why you disagree with the feedback. Since CodeRabbit is an AI, it may occasionally provide incorrect feedback.

---

PR complexity score

Factor	Value	Score impact
Files changed	20	+40
Lines changed	2849	+60
Author merged PRs	0	-0
Test files changed	Yes	-10
Final score		90

Applied label: complexity: critical

---

Changed test gate

Changed Test Gate is pending. The Changed Test Gate / changed-tests check will update the test label when it completes.

[coderabbitai]

Actionable comments posted: 10

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.changeset/apple-container-sandbox.md:
- Line 5: Add a short public API usage example to the new-feature changeset so
the release note is actionable; update the Apple container sandbox note to
include a brief snippet using the public `@mastra/apple-container` API, and make
sure the example clearly reflects the new provider/workspace sandbox feature
described in the changeset.

In `@docs/src/content/en/reference/workspace/apple-container-sandbox.mdx`:
- Around line 366-372: The reconnection example is using the non-public
AppleContainerSandbox lifecycle method instead of the documented public API.
Update the snippet that creates sandbox and sandbox2 to call start() rather than
_start(), keeping the example aligned with the class’s supported interface and
the rest of the AppleContainerSandbox documentation.

In `@workspaces/apple-container/package.json`:
- Around line 25-28: The package test entrypoint is currently pointed at only
the integration suite, so the default `pnpm test` path skips the unit tests.
Update the `package.json` scripts so `test` uses the standard unit test command
in `test:unit` (or otherwise includes the unit suite by default), and keep the
integration-only command separate if needed. Make sure the change is applied in
the `test`, `test:unit`, and `test:cloud` script definitions so workspace test
runs pick up the unit coverage added in this PR.

In `@workspaces/apple-container/README.md`:
- Around line 42-66: The README options table for AppleContainerSandboxOptions
is incomplete and currently implies it lists every supported constructor field.
Update the table in the Apple container README to include the missing public
options such as publishedSockets, os, init, virtualization, capAdd, capDrop,
tmpfs, dns, dnsSearch, noDns, labels, and workingDir, or rename the section to
something narrower like “Common options” so it matches the actual scope of the
documented fields.
- Around line 71-76: The README example is incomplete because it uses
MastraEditor without importing it. Update the snippet near
appleContainerSandboxProvider to include the missing MastraEditor import
alongside the existing import so the copy-paste example works as shown.

In `@workspaces/apple-container/src/sandbox/index.integration.test.ts`:
- Around line 6-10: The AppleContainerSandbox integration suite is being
silently skipped when MASTRA_APPLE_CONTAINER_INTEGRATION=1 but the container CLI
is missing or broken. Update the test gating around shouldRunIntegration,
hasAppleContainerCli, and describe.skipIf so that local opt-out still skips, but
an explicit integration opt-in fails fast with a clear error when
spawnSync('container', ['--version']) does not succeed. Ensure the logic in
index.integration.test.ts distinguishes “not opted in” from “opted in but CLI
unavailable” instead of treating both as a skip.

In `@workspaces/apple-container/src/sandbox/index.test.ts`:
- Around line 17-20: The mocked runner in the sandbox test helper currently
returns a default successful result when the responses queue is empty, which can
hide unexpected extra runner.run() calls. Update the vi.fn implementation in the
test setup to fail fast by throwing an error when queue.shift() yields no
response, while still preserving the existing behavior of resolving queued
functions or values through cliResult for expected calls. This change should be
made in the mocked run helper used by the sandbox tests so each test must
explicitly define the full command sequence it expects.
- Around line 296-299: The AppleContainerCliResult type is missing the
truncation metadata that runAppleContainerCli already returns. Update the
AppleContainerCliResult interface to include stdoutTruncated, stderrTruncated,
stdoutDroppedBytes, and stderrDroppedBytes so the existing assertions in the
AppleContainerCliResult test can type-check without casts.

In `@workspaces/apple-container/src/sandbox/index.ts`:
- Around line 29-37: Add the missing truncation metadata to the public
AppleContainerCliResult type so it matches the object returned by
runAppleContainerCli(). Update the AppleContainerCliResult interface to include
optional stdoutTruncated, stderrTruncated, stdoutDroppedBytes, and
stderrDroppedBytes fields, keeping them optional to reflect that they only
appear when output is clipped.
- Line 146: `MastraSandbox` is not updating `status` when its plain lifecycle
methods are invoked, so `getInfo()` can stay `pending` after the sandbox starts
or stops. Update the overridden `start`, `stop`, and `destroy` methods in
`MastraSandbox` to set the `status` consistently with the existing
`_start/_stop/_destroy` flow, or route them through the same lifecycle helpers
so `callLifecycle(this._sandbox, ...)` always leaves `status` in sync.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ce47d3f6-c90b-4cb7-825d-ebdb336e6944

📥 Commits

Reviewing files that changed from the base of the PR and between 07bf909 and b275a91.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (19)

• .changeset/apple-container-sandbox.md
• docs/src/content/en/docs/workspace/sandbox.mdx
• docs/src/content/en/reference/sidebars.js
• docs/src/content/en/reference/workspace/apple-container-sandbox.mdx
• workspaces/apple-container/CHANGELOG.md
• workspaces/apple-container/README.md
• workspaces/apple-container/eslint.config.js
• workspaces/apple-container/lint-staged.config.js
• workspaces/apple-container/package.json
• workspaces/apple-container/src/index.ts
• workspaces/apple-container/src/provider.ts
• workspaces/apple-container/src/sandbox/index.integration.test.ts
• workspaces/apple-container/src/sandbox/index.test.ts
• workspaces/apple-container/src/sandbox/index.ts
• workspaces/apple-container/test/core-workspace.ts
• workspaces/apple-container/tsconfig.build.json
• workspaces/apple-container/tsconfig.json
• workspaces/apple-container/tsup.config.ts
• workspaces/apple-container/vitest.config.ts