The latest articles on DEV Community by jtodic (@jtodic). https://dev.to/jtodic https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3646479%2Fb619f91f-a950-4ddf-a1f1-0e96968fe38b.png https://dev.to/jtodic en jtodic Wed, 31 Dec 2025 08:33:03 +0000 https://dev.to/jtodic/analyzing-docker-images-without-downloading-them-5d3f https://dev.to/jtodic/analyzing-docker-images-without-downloading-them-5d3f <p>I built a tool that analyzes Docker image sizes directly from container registries — without pulling the images.</p> <p>I needed to compare 50 versions of a Docker image to find when it got bloated. Pulling all tags would be slow and use gigabytes of bandwidth. Instead, I got all the data in seconds using registry metadata APIs.</p> <h2> The Key Insight </h2> <p>When you <code>docker pull</code>, the client fetches a manifest, then a config, then downloads all layers. The manifest and config are tiny JSON files (~10KB total). The layers are gigabytes.</p> <p>But the manifest already contains layer sizes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"layers"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="nl">"size"</span><span class="p">:</span><span class="w"> </span><span class="mi">29536818</span><span class="p">,</span><span class="w"> </span><span class="nl">"digest"</span><span class="p">:</span><span class="w"> </span><span class="s2">"sha256:af6eca94..."</span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="nl">"size"</span><span class="p">:</span><span class="w"> </span><span class="mi">1841029843</span><span class="p">,</span><span class="w"> </span><span class="nl">"digest"</span><span class="p">:</span><span class="w"> </span><span class="s2">"sha256:c46e201c..."</span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>And the config contains the Dockerfile commands that created each layer:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"history"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="nl">"created_by"</span><span class="p">:</span><span class="w"> </span><span class="s2">"apt-get install -y nginx"</span><span class="p">,</span><span class="w"> </span><span class="nl">"empty_layer"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="nl">"created_by"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ENV PATH=/usr/local/bin:$PATH"</span><span class="p">,</span><span class="w"> </span><span class="nl">"empty_layer"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Match them up (skipping <code>empty_layer: true</code> entries like ENV and LABEL), and you get layer sizes with their Dockerfile commands. No layer downloads needed.</p> <h2> Authentication </h2> <p>The tool reads <code>~/.docker/config.json</code> — the same file Docker uses. For systems with credential helpers (macOS Keychain, Windows Credential Manager), it calls <code>docker-credential-&lt;helper&gt; get</code> directly.</p> <p>You still need to run <code>docker login</code> first for private registries.</p> <h2> Multi-Architecture Images </h2> <p>Modern images return a manifest list instead of a manifest:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"manifests"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="nl">"digest"</span><span class="p">:</span><span class="w"> </span><span class="s2">"sha256:abc..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"platform"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="nl">"architecture"</span><span class="p">:</span><span class="w"> </span><span class="s2">"amd64"</span><span class="p">}},</span><span class="w"> </span><span class="p">{</span><span class="nl">"digest"</span><span class="p">:</span><span class="w"> </span><span class="s2">"sha256:def..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"platform"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="nl">"architecture"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arm64"</span><span class="p">}}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>One extra request to fetch the right platform's manifest. Still under 10KB.</p> <h2> Results </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Data transferred</th> </tr> </thead> <tbody> <tr> <td>Pull all images</td> <td>GBs (even with layer caching)</td> </tr> <tr> <td>Metadata only</td> <td>~500 KB (50 tags × ~10KB)</td> </tr> </tbody> </table></div> <h2> Try It </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/jtodic/docker-time-machine.git <span class="nb">cd </span>docker-time-machine go mod download make build make <span class="nb">install</span> <span class="c"># Public images</span> ./dtm registry nginx <span class="nt">--last</span> 20 <span class="c"># Private registries (after docker login)</span> ./dtm registry your-registry.com/app <span class="nt">--last</span> 50 <span class="nt">--format</span> chart </code></pre> </div> performance devops docker tooling jtodic Thu, 04 Dec 2025 13:57:29 +0000 https://dev.to/jtodic/i-built-a-tool-to-find-exactly-which-commit-bloated-your-docker-image-2h79 https://dev.to/jtodic/i-built-a-tool-to-find-exactly-which-commit-bloated-your-docker-image-2h79 <p>Ever wondered "why is my Docker image suddenly 500MB bigger?" and had to git bisect through builds manually? I made Docker Time Machine (DTM) - it walks through your git history, builds the image at each commit, and shows you exactly where the bloat happened.</p> <p>Example: <br> dtm analyze --format chart</p> <p>Gives you interactive charts showing size trends, layer-by-layer comparisons, and highlights the exact commit that added the most weight (or optimized it).<br> It's fast too - leverages Docker's layer cache so analyzing 20+ commits takes minutes, not hours.</p> <p>GitHub: <a href="https://github.com/jtodic/docker-time-machine" rel="noopener noreferrer">https://github.com/jtodic/docker-time-machine</a></p> <p>Would love feedback from anyone who's been burned by mystery image bloat before 🔥</p> <p>Examples of reports:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzcp8hkcnee627ifv0xav.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzcp8hkcnee627ifv0xav.png" alt=" " width="800" height="313"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq6si9esihysd6ioy79p8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fq6si9esihysd6ioy79p8.png" alt=" " width="800" height="330"></a></p> showdev performance docker tooling