I have done this in the past, but don't have the details to hand. Don't use --deep for starters, and I know I used different entitlements for the frameworks/dylibs than for the apps. I remember that I also had to hack the rpath of the web engine framework in order for it to be found in the container app.