How to Enforce a Docker Image Size Budget in GitHub Actions
Reading the built image size with docker inspect and comparing it to a budget stops an image from silently bloating.
Build the image, read its size from docker image inspect -f "{{.Size}}", and exit non-zero when it exceeds the budget. The dive tool can break down wasted layers.
Steps
- Build the image with a tag.
- Read the size with
docker image inspect -f "{{.Size}}". - Compare the byte value to a budget and fail when over.
Workflow
.github/workflows/ci.yml
jobs:
image-size:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: docker build -t myapp:ci .
- name: Enforce image size budget
run: |
BYTES=$(docker image inspect -f '{{.Size}}' myapp:ci)
BUDGET=$((250 * 1024 * 1024))
echo "image=$((BYTES/1024/1024))MB budget=250MB"
test "$BYTES" -le "$BUDGET"Gotchas
.Sizeis the uncompressed image size, larger than the compressed registry size.- A multi-stage build and a slim base image are the usual fixes for an over-budget image.
Related guides
How to Enforce a Bundle Size Budget With size-limit in GitHub ActionsFail a GitHub Actions build when a JavaScript bundle exceeds its byte budget using size-limit, which measures…
How to Enforce a Build-Time Budget in GitHub ActionsFail a GitHub Actions job when the build takes longer than a set number of seconds by timing the build comman…