
Comment by js2

3 months ago

This. I've been managing a CI/CD system of around 50 macOS build machines for a few years now, previously our own hardware in a data center, currently EC2 Mac instances.

All the things Apple puts in place to make macOS more secure and consumer friendly make it really hard to manage as a server, especially if you don't want to use MDM. For example with the current version of macOS, the macOS AMI that Amazon provides requires manually logging in over screen sharing to enable local networking. So I haven't updated to Sequoia yet. As it is, my AMI build process is fully automated but still takes almost 2 hours and involves first mounting the Amazon AMI to a Linux instance to modify parts of the image that are read-only when it's booted from.

Our current CI/CD process is to create a unique build user per build, then tear it down afterwards. EC2 has something called root volume replacement to allow you to reset a machine to its AMI, but that still takes too long (~10 minutes) to do between every build.

(At least with EC2 Macs I no longer need to open a ticket with DC ops when there's a hardware issue.)

Using macOS VMs that can be quickly reset makes this all a lot easier, more flexible, secure, and cleaner. The only currently viable options I'm aware of are Tart and Anka. I'm glad to see some open source competition in this space.

Check out my project, WarpBuild [1], if you want managed Mac VMs for CI/CD purposes. It plugs in nicely into the GitHub Actions ecosystem and provides machines on demand.

[1] https://warpbuild.com
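The per-build user lifecycle the comment describes, as an added example (not the commenter's script and not anything from WarpBuild, Tart or Anka). It assumes a macOS host with `sysadminctl` and `pkill` available and an admin account with `sudo`; the `ci` username prefix and the `DRY_RUN` switch are constructed here so the privileged steps can be reviewed before they run. The point of the pattern is that every build runs as a fresh, non-admin account with a throwaway password, and teardown kills the account's processes before securely deleting it so nothing survives into the next build.

```shell
#!/bin/sh
# Ephemeral per-build user on a macOS CI host (added example, assumptions:
# macOS sysadminctl/pkill, sudo rights, "ci" prefix chosen here).
# DRY_RUN=1 prints each privileged command instead of executing it.

run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Derive a short, lowercase, alphanumeric username from an arbitrary build id,
# so one account can never collide with or be reused by another build.
build_user_name() {
  printf 'ci%s' "$(printf '%s' "$1" | tr 'A-Z' 'a-z' | tr -cd 'a-z0-9' | cut -c1-12)"
}

# Create a standard (non-admin) user with a random password that is never
# stored anywhere; prints the username on the last line for the caller.
create_build_user() {
  user=$(build_user_name "$1")
  pw=$(head -c 24 /dev/urandom | base64 | tr -d '/+=\n' | cut -c1-20)
  run sudo sysadminctl -addUser "$user" -fullName "CI build $1" -password "$pw" -home "/Users/$user"
  # Keep the build's checkout and caches unreadable by other accounts.
  run sudo chmod 700 "/Users/$user"
  printf '%s\n' "$user"
}

# Tear down: kill anything the build left running, then remove the account and
# securely erase its home directory (sysadminctl -secure).
delete_build_user() {
  user=$1
  run sudo pkill -KILL -u "$user"
  run sudo sysadminctl -deleteUser "$user" -secure
}

# Typical use from a job runner (only echoes commands when DRY_RUN=1):
#   u=$(create_build_user "$BUILD_ID" | tail -n1); ... run the job as $u ...; delete_build_user "$u"
```

One caveat worth knowing before adopting this: `sysadminctl -addUser ... -password` places the password on the command line, where it is briefly visible to other local processes; that is acceptable for a throwaway account on a single-tenant build host, but not if untrusted jobs share the machine, which is exactly the case where a VM reset is the better answer.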