diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml
new file mode 100644
index 000000000..56db8eaa0
--- /dev/null
+++ b/.github/workflows/container-build.yml
@@ -0,0 +1,29 @@
+name: Build and test on containers
+
+on: 
+   [push, pull_request, workflow_dispatch]
+
+jobs:
+  build_and_test:
+    strategy:
+      matrix:
+        os: [ubuntu-22.04, ubuntu-latest]
+        builder: ["podman"]
+      fail-fast: false
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Update podman
+        run: |
+          # from https://askubuntu.com/questions/1414446/whats-the-recommended-way-of-installing-podman-4-in-ubuntu-22-04
+          ubuntu_version='22.04'
+          key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key"
+          sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}"
+          echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel-kubic-libcontainers-unstable.list
+          curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
+          sudo apt update
+          sudo apt install -y podman
+        if: ${{ matrix.os == 'ubuntu-22.04' }}
+      - uses: actions/checkout@v4
+      - name: Make on Unix
+        run: ./container-build.py make -d fast
+
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 000000000..a7404c6a2
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,20 @@
+FROM docker.io/ubuntu:20.04
+RUN apt-get -qq update && \
+    DEBIAN_FRONTEND=noninteractive apt-get -qq install -y build-essential libcap-dev xz-utils zip \
+    unzip strace curl discount git python3 zlib1g-dev \
+    cmake flex bison locales clang && \
+    rm -rf /var/lib/apt/lists/*
+COPY --from=docker.io/golang:1.21 /usr/local/go /usr/local/go
+ENV PATH "$PATH:/usr/local/go/bin"
+RUN groupadd -g 1000 file-builder
+RUN useradd -m -g 1000 -u 1000 file-builder
+RUN chown -R  file-builder:file-builder /usr/local
+USER file-builder
+RUN curl https://install.meteor.com/?release=2.3.5 | sh
+USER root
+RUN chown -R  root:root /usr/local
+USER file-builder
+ENV PATH $PATH:/home/file-builder/.meteor
+ENV METEOR_WAREHOUSE_DIR /home/file-builder/.meteor
+ENV USER file-builder
+WORKDIR /sandstorm
\ No newline at end of file
diff --git a/container-build.py b/container-build.py
new file mode 100755
index 000000000..66ddafd28
--- /dev/null
+++ b/container-build.py
@@ -0,0 +1,67 @@
+#!/bin/python
+import argparse, shlex, subprocess, os, getpass
+
+# from https://stackoverflow.com/a/4760274/259046
+def runProcess(exe):
+    p = subprocess.run(shlex.split(exe), stderr=subprocess.STDOUT)
+    while(True):
+        if not isinstance(p, subprocess.CompletedProcess):
+            retcode = p.poll()
+        else:
+            retcode = p.returncode
+        
+        stdout = p.stdout
+        print(stdout)
+        if retcode is not None:
+            if retcode != 0:
+                exit(retcode)
+            else:
+                break
+
+
+
+
+parser = argparse.ArgumentParser(description='Setup and use a Sandstorm Docker/OCI build container.')
+parser.add_argument("action", choices=["make", "prepare", "shell"], default="make", nargs="?", help='')
+parser.add_argument('--container-builder', dest="container_builder", default='podman', help='Command you run for building container from command line (Default: %(default))')
+parser.add_argument('--container-runner', dest="container_runner", default='podman', help='Command you run for running container from command line  (Default: %(default))')
+parser.add_argument('args', nargs=argparse.REMAINDER)
+
+args = parser.parse_args()
+
+def prepare():
+    script ="{builder_cmd} build .  -t sandstorm-build".format(builder_cmd=args.container_builder)
+    print(script)
+    runProcess(script)
+
+def format_cmd(command):
+    return "{runner_cmd} run --rm -ti \
+        -v {pwd}:/sandstorm \
+        -v {pwd}/scripts/podman-entrypoint.sh:/podman-entrypoint.sh \
+        --userns=keep-id:uid=1000,gid=1000 \
+        --entrypoint=/podman-entrypoint.sh \
+        --cap-add=SYS_PTRACE  sandstorm-build {command} {args}".format(
+            runner_cmd=args.container_runner, 
+            pwd=os.getcwd(),
+            command=command,
+            args=' '.join(args.args)
+        )
+
+def make():
+    script = format_cmd("make")
+    print(script)
+    runProcess(script)
+
+def shell():
+    script = format_cmd("bash")
+    print(script)
+    runProcess(script)
+
+prepare()
+
+if (args.action == "make"):
+    make()
+
+if (args.action == "shell"):
+    shell()
+
diff --git a/find-meteor-dev-bundle.sh b/find-meteor-dev-bundle.sh
index bd8ffc5ad..d569017d2 100755
--- a/find-meteor-dev-bundle.sh
+++ b/find-meteor-dev-bundle.sh
@@ -59,5 +59,7 @@ TOOLDIR=$(echo $TOOL_VERSION | tr @ /)
 
 echo " $TOOL_VERSION" >&2
 
-readlink -f $METEOR_WAREHOUSE_DIR/packages/$TOOLDIR/mt-os.linux.x86_64/dev_bundle > "$CACHE_FILE"
+echo -n "$TOOLDIR" >&2
+echo -n "$METEOR_WAREHOUSE_DIR/packages/$TOOLDIR/mt-os.linux.x86_64/dev_bundle" >&2
+echo "$METEOR_WAREHOUSE_DIR/packages/$TOOLDIR/mt-os.linux.x86_64/dev_bundle" > "$CACHE_FILE"
 cat "$CACHE_FILE"
diff --git a/scripts/podman-entrypoint.sh b/scripts/podman-entrypoint.sh
new file mode 100755
index 000000000..6e8728d2e
--- /dev/null
+++ b/scripts/podman-entrypoint.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+set -e
+
+"$@"
\ No newline at end of file