Ci/check macos virtualization#165
Merged
simongdavies merged 3 commits intoMay 20, 2026
Merged
Conversation
Adds a workflow_dispatch-only job that runs on an Apple Silicon (arm64) GitHub-hosted macOS runner and reports whether the Virtualization framework is available. Probes layer from cheapest to most authoritative: runner identity dump, arm64 assertion, kern.hv_support sysctl, framework bundle presence, and finally VZVirtualMachine.isSupported via an inline Swift program. Writes a result table to the job step summary.
On Apple Silicon kern.hv_support does not exist, so the previous hard-fail was wrong. Demote sysctl inspection to diagnostic-only (now also captures kern.hv_vmm_present and CPU brand), let the Swift VZVirtualMachine.isSupported probe be the sole pass/fail signal, and record each step's findings to GITHUB_OUTPUT so the always()-summary renders an accurate table even when later steps fail.
Signed-off-by: Simon Davies <simongdavies@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a manually-triggered GitHub Actions workflow to probe whether a macOS ARM64 runner supports Apple’s Virtualization.framework (via a Swift check of VZVirtualMachine.isSupported), intended to validate feasibility of running Hyperlight-backed micro-VMs on macOS runners.
Changes:
- Introduces a new
workflow_dispatchworkflow to collect runner identity + hypervisor-related sysctl diagnostics. - Validates
Virtualization.frameworkpresence on disk and performs an authoritative Swift runtime probe. - Writes a Markdown summary of the collected results to the workflow run summary.
Comments suppressed due to low confidence (1)
.github/workflows/check-macos-virtualization.yml:191
- The step summary hard-codes the runner label as
macos-latest, but this workflow runs on a self-hosted runner. This can mislead triage when comparing runs across runner pools; consider outputting the actual runner identity (e.g.runner.nameand/or the configuredruns-onlabels) instead of a hard-coded value.
echo "| Property | Value |"
echo "| --- | --- |"
echo "| Runner label | macos-latest |"
echo "| OS | ${{ steps.identity.outputs.os_name }} ${{ steps.identity.outputs.os_version }} (build ${{ steps.identity.outputs.os_build }}) |"
echo "| Architecture | ${{ steps.identity.outputs.arch }} |"
Comment on lines
+3
to
+16
| # Manual probe: confirm the Virtualization.framework is available on a | ||
| # GitHub-hosted Apple Silicon (ARM64) macOS runner. | ||
| # | ||
| # Apple's Virtualization.framework is the macOS analogue of KVM/WHP that | ||
| # hyperlight needs for micro-VMs. This job inspects the runner so we can | ||
| # verify before betting on macOS hosting (see /memories/azure-hosting-kvm.md | ||
| # for why "just use platform X" warrants a real check first). | ||
| # | ||
| # Authoritative pass/fail: VZVirtualMachine.isSupported (Apple's own runtime | ||
| # verdict). The sysctl dump is diagnostic only — on Apple Silicon some keys | ||
| # (notably kern.hv_support) simply do not exist; treating their absence as a | ||
| # failure is wrong. We also capture kern.hv_vmm_present which tells us whether | ||
| # this kernel itself is running inside a hypervisor (true for GitHub-hosted | ||
| # macOS runners) — relevant because nested-virt support is silicon/OS |
Comment on lines
+8
to
+9
| # verify before betting on macOS hosting (see /memories/azure-hosting-kvm.md | ||
| # for why "just use platform X" warrants a real check first). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
test macOS self hosted runner