dive: Analyze Image Layers and Wasted Space
dive explores a container image layer by layer, showing what each layer adds and how much space is wasted.
Bloated images slow every pull and push. dive shows the contents of each layer and flags files duplicated or deleted across layers, which is where most waste hides.
What it does
dive analyzes an image and presents, per layer, the files added or changed and an efficiency score plus an estimate of wasted bytes (files added in one layer and removed or overwritten in another). It reads from the Docker daemon by default, or from other sources via an explicit engine.
Common usage
dive myorg/app:ci
# read an image without a Docker daemon
dive podman://myorg/app:ci
dive docker-archive://app.tarOptions
| Source / flag | What it does |
|---|---|
| dive <image> | Analyze an image from the Docker daemon |
| dive podman://<image> | Use podman as the image source |
| dive docker-archive://<tar> | Analyze a docker save tarball |
| --source <engine> | Select the container engine explicitly |
| CI=true | Run headless and apply efficiency rules |
In CI
In an interactive shell dive opens a TUI; in CI set CI=true so it runs headless, prints the analysis, and evaluates pass/fail rules (see dive-ci-rules). Feed it a docker-archive:// tarball or podman:// source on runners without a Docker daemon.
Common errors in CI
"cannot connect to the Docker daemon" means no daemon on the runner; use docker-archive:// or podman://. The TUI hanging a job means CI=true was not set. "unable to determine image source" means the source prefix is wrong or the engine is unavailable.