Packer Templates for macOS 15 and macOS 26 VMs with Tart

calendar Nov 21, 2025 · 5 min read · packer macos automation tart ci-cd  ·
Share on: mastodon linkedin copy

The packer_macOS_26 repository contains Packer templates for building customized macOS virtual machines using Tart, a macOS virtualization tool. These VMs are specifically designed to serve as base images for GitHub Actions self-hosted runners, particularly for the jibb-runners tool used in the BlakePorts repository.

Packer macOS 26

Overview

This repository leverages pre-built vanilla images from the Cirrus Labs macOS Image Templates registry (ghcr.io/cirruslabs). The vanilla images provide a clean starting point with minimal customizations:

  • Auto-login enabled
  • Gatekeeper disabled
  • SSH enabled
  • Passwordless sudo configured

Note: Vanilla images do NOT include Homebrew or other additional software, providing a clean slate for customization.

Templates

The repository includes two main templates:

  • macOS_26.pkr.hcl: Builds macOS 26 (Tahoe) images using ghcr.io/cirruslabs/macos-tahoe-vanilla:latest
  • macOS_15.pkr.hcl: Builds macOS 15 (Sequoia) images using ghcr.io/cirruslabs/macos-sequoia-vanilla:latest

Both templates use Tart as the virtualization provider, which is optimized for macOS VMs on Apple Silicon.

Usage

Quick Start

  1. Initialize Packer plugins:

    1packer init .

  2. Build an image:

    1packer build -var-file=umac.auto.pkrvars.hcl macOS_26.pkr.hcl

Using the Makefile

The repository includes a convenient Makefile for building images:

1make        # Build all images (macOS 15 and 26)
2make 15     # Build macOS 15 (Sequoia) image
3make 26     # Build macOS 26 (Tahoe) image
4make help   # Show all available targets

Development Mode (Skip Updates)

During development, you can skip system updates to save significant build time:

1make 15-noupdate  # Build macOS 15 without updates
2make 26-noupdate  # Build macOS 26 without updates
3make all-noupdate # Build all images without updates

Or use Packer directly:

1packer build -var-file=umac.auto.pkrvars.hcl -var 'enable_updates="false"' macOS_26.pkr.hcl

Build Process

Each template follows a two-stage provisioning process:

  1. Update Stage (scripts/update.sh):

    • Installs system software updates (optional, controlled by enable_updates variable)
    • Handles VM disconnections gracefully during updates

  2. Configure Stage (scripts/configure.sh):

    • Installs SSH public keys for remote access
    • Configures passwordless sudo for admin users
    • Installs Tart Guest Agent for better host integration
    • Installs Xcode Command Line Tools
    • Installs MacPorts (required for CI/CD workflows)
    • Sets hostname based on macOS codename
    • Configures automation mode for UI automation tools

The configure script is idempotent, meaning it can be run multiple times safely without duplicating configuration.

Integration with BlakePorts and jibb-runners

These Packer-built VMs are specifically designed to work with the jibb-runners tool, which manages self-hosted GitHub Actions runners. The VMs built by this repository serve as the base images for runners used in the BlakePorts CI/CD workflows.

Workflow:

  1. Build VMs using this Packer template → macOS_15 and macOS_26 Tart VMs
  2. Use jibb-runners to create GitHub Actions runners from these VMs
  3. BlakePorts workflows run on these runners to test ports across macOS versions

This creates a complete automation pipeline:

  • packer_macOS_26 → Builds the VM images
  • jibb-runners → Manages GitHub Actions runners from those VMs
  • BlakePorts → Uses the runners for automated port testing

Key Features

Tart Guest Agent

The templates automatically install the Tart Guest Agent, which provides:

  • Better integration between the VM and Tart host
  • Improved performance and responsiveness
  • Enhanced networking capabilities

MacPorts Pre-installed

Each VM comes with MacPorts pre-installed and configured, making them ready for CI/CD workflows that need to build and test MacPorts ports. This eliminates the need to install MacPorts during workflow execution, speeding up builds.

Version-Specific Configuration

The configure script includes version-aware logic:

  • Common configuration: Runs on all macOS versions (SSH, sudo, MacPorts, etc.)
  • Version-specific sections: Can target specific macOS versions for customizations
  • Idempotent markers: Prevents duplicate configuration runs

Clean Base Images

By starting with vanilla images, you get:

  • No unnecessary software pre-installed
  • Minimal attack surface
  • Predictable starting state
  • Fast build times

Variables

ssh_public_key (required)

SSH public key to install in the VM for remote access. This is essential for connecting to the VM after it’s built.

Example:

1ssh_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB..."

enable_updates (default: "true")

Controls whether system software updates are installed during the build process. Set to "false" to skip updates during development (saves significant time).

Example:

1enable_updates = "false"

headless (default: based on enable_updates)

Controls whether the VM runs in headless mode. By default, it’s the opposite of enable_updates (headless when updates are enabled, visible when disabled for development).

Building for CI/CD

When building VMs for use with jibb-runners and BlakePorts:

  1. Build both images:

    1make all

  2. Verify the VMs exist:

    1tart list

    You should see macOS_15 and macOS_26 in the list.

  3. Use with jibb-runners:

    1cd ../jibb-runners
2./ghrunner.sh -tart macOS_15
3./ghrunner.sh -tart macOS_26

The runners will use these VMs as their base, providing isolated environments for GitHub Actions workflows.

Advantages Over Previous Approaches

This repository represents an evolution from earlier Packer templates (like the macOS 11+ VMware Fusion template):

  • Tart instead of VMware: Native macOS virtualization optimized for Apple Silicon
  • Vanilla base images: Clean starting point from Cirrus Labs registry
  • Simplified configuration: Less custom scripting, more standard tooling
  • CI/CD focused: Designed specifically for automated workflows
  • Multi-version support: Easy to add new macOS versions

Repository Structure

  • macOS_15.pkr.hcl - Packer template for macOS 15 (Sequoia)
  • macOS_26.pkr.hcl - Packer template for macOS 26 (Tahoe)
  • variables.pkr.hcl - Variable definitions
  • plugins.pkr.hcl - Packer plugin configuration
  • umac.auto.pkrvars.hcl - Variable values (gitignored, create your own)
  • scripts/configure.sh - Main configuration script
  • scripts/update.sh - System update script
  • Makefile - Convenient build targets

Future Enhancements

Potential improvements for the repository:

  • Support for additional macOS versions as they’re released
  • Customization options for different use cases
  • Integration with other CI/CD platforms
  • Automated testing of built VMs

For more details, check out the packer_macOS_26 repository.