sickcodes/docker-osx

Docker-OSX is a project that lets you run Apple's macOS operating system inside a Docker container on a Linux host. Docker is a tool that normally packages and runs Linux applications in isolated environments called containers, but running macOS, which Apple restricts to Apple hardware, in this way is an unusual feat that Docker-OSX makes possible. Under the hood, it uses KVM (Kernel-based Virtual Machine), which is Linux's built-in hardware virtualization system, and QEMU, an emulator. KVM allows the CPU to run the virtual machine at near-native speed rather than fully emulating every instruction, which is why the project advertises "near-native performance." The macOS graphical interface is forwarded to your Linux screen using a technology called X11 Forwarding, which streams the display output over a network socket. The whole setup is wrapped in a Docker container so it can be started with a single command. Supported macOS versions include Catalina, Big Sur, Monterey, Ventura, Sonoma, Sequoia, and Tahoe, each available as a different Docker image tag. The primary use case highlighted in the README is security research: running macOS in a reproducible, scriptable environment so that researchers on Linux or Windows machines can test macOS-specific vulnerabilities, conduct automated security analysis pipelines, or investigate services like iMessage. It is also used for CI/CD pipelines, automated build and test systems, that need to test macOS software without owning Apple hardware. This is a technically complex tool aimed at developers and security researchers comfortable with the Linux command line and Docker. It requires a Linux host with KVM hardware virtualization support enabled in the BIOS. The tech stack is primarily Shell scripting, Docker, QEMU, and KVM. The project builds on top of the OSX-KVM open-source project.