Slim down your Docker images with the power of AI.
Container Diet is a futuristic, AI-powered CLI tool that analyzes your Docker images and Dockerfiles to provide actionable, "sassy but helpful" optimization advice. It helps you reduce image size, improve security, and follow best practices.
- ๐ง AI-Driven Analysis: Uses OpenAI (GPT-4o) to provide human-level, context-aware optimization tips.
- ๐ณ Docker-Themed UI: Beautiful CLI output with Docker-brand colors and nautical icons.
- ๐ Local First: Checks your local Docker daemon first to avoid unnecessary remote pulls.
- ๐ก๏ธ Security Focused: Detects root user violations, exposed secrets, and unnecessary packages.
- ๐ญ "Container Dietician" Persona: Enjoy entertaining, roast-style feedback that keeps optimization fun.
- Go 1.21+
- Docker or Podman running locally
- OpenAI API Key
go install github.com/k1lgor/container-diet/cmd/cli@latestgit clone https://github.com/k1lgor/container-diet.git
cd container-diet
go mod tidy
go build -o container-diet cmd/cli/main.goYou must set your OpenAI API key before running the tool:
Linux/macOS:
export OPENAI_API_KEY="sk-..."Windows (PowerShell):
$env:OPENAI_API_KEY="sk-..."container-diet analyze my-app:latestProviding the Dockerfile gives the AI more context for better suggestions.
./container-diet analyze my-app:latest --dockerfile DockerfileBy default, the tool only looks locally. Use --remote to pull from a registry.
./container-diet analyze python:3.9-slim --remote./container-diet analyze --helpHere is what happens when you feed the "Nightmare Monolith" Dockerfile to the Container Dietician:
Command:
./container-diet analyze --dockerfile samples/Dockerfile.nightmareOutput:
Reading Dockerfile: samples/Dockerfile.nightmare...
๐ณ [AI ANALYSIS COMPLETE]
Asking the Container Dietician for insights... ๐ข
Oh, honey, what do we have here? A "Monolith Monster" Dockerfile that's about to sink your ship
with its fatty layers and spicy security risks! Letโs roll up our sleeves and clean this galactic
mess. ๐
---
โ WARNING: Version Drift Alert!
You've got a "fluffy" problem right at the start, darling! Using `ubuntu:latest` means you're
playing roulette with your build environment. ๐ฐ
โ SUGGESTION: Pin your base image to a specific version like `ubuntu:22.04` to keep things
predictable.
---
โ WARNING: Apt-get Avalanche!
Installing just about everything but the kitchen sink, are we? This is the definition of bloat,
my dear. ๐
โ SUGGESTION: Install only what's necessary for your app. Consider slimming it down by ditching
`openjdk-11-jdk`, `build-essential`, `cmake`, and `gdb` unless you truly need them. Otherwise,
you're just hoarding bytes.
---
โ WARNING: Hazardous Permissions Play!
777 permissions? I hope youโre wearing a hard hat! This is a security risk as wide as a black
hole. ๐
โ SUGGESTION: Use more restrictive permissions. Typically, `chmod -R 755` or `chmod -R 644`,
depending on whatโs needed for executing.
---
โ WARNING: Root Cabal Alert!
Running SSH as root with root login permitted? You might as well hand over the keys to the
universe. ๐
โ SUGGESTION: Disable root login and use a non-root user. Also, ask yourselfโdo you really need
SSH in a container? Usually, it's a sign you need to rethink your strategy.
---
Oh, darling, letโs trim down that bloated ship before it swallows a sun. Your future workloads
will thank you for the speed and safety tunes! Now, get to work, ๐ ๏ธ and remember: less is always
more. ๐ณโจ
cmd/cli: Main entry point for the CLI.internal/cli: CLI command definitions and logic.internal/ai: OpenAI client integration.internal/analyzer: Core image analysis logic (layers, size, config).samples/: Collection of Dockerfiles for testing (Light to Nightmare). See demo outputs.