Linux command
container-diff 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Analyze image size
container-diff analyze [image:tag]
Diff two images for apt packages
container-diff diff [image1] [image2] --type=apt
Diff pip packages
container-diff diff [image1] [image2] --type=pip
Diff filesystem changes
container-diff diff [image1] [image2] --type=file
Compare multiple analyzers
container-diff diff [image1] [image2] --type=apt --type=pip --type=node
Output as JSON
container-diff diff [image1] [image2] --type=apt -j
Compare local and remote
container-diff diff daemon://[local:tag] remote://[repo/image:tag]
说明
container-diff is a tool for analyzing and comparing container images at a semantic level. Rather than just showing raw filesystem differences, it understands package managers and can report changes in terms of actual packages (apt, pip, npm), making it easier to understand what changed between image versions. The tool supports multiple image sources including local Docker daemon images, remote registry images, and tarball archives. It can analyze a single image or compare two images, with output available in human-readable or JSON formats for integration with CI/CD pipelines. Developed by Google as part of their Container Tools suite, container-diff helps with debugging image bloat, understanding layer contents, and validating that builds produce expected changes. It's particularly useful for security auditing and optimizing Docker images.
参数
- --type _analyzer_
- Analyzer type: apt, rpm, pip, node, file, size, history.
- -j, --json
- Output as JSON.
- -o, --order
- Sort results by size in descending order.
- -q, --quiet
- Suppress output to stderr.
- -c, --cache _dir_
- Cache directory.
- --filename _path_
- Compare specific file.
FAQ
What is the container-diff command used for?
container-diff is a tool for analyzing and comparing container images at a semantic level. Rather than just showing raw filesystem differences, it understands package managers and can report changes in terms of actual packages (apt, pip, npm), making it easier to understand what changed between image versions. The tool supports multiple image sources including local Docker daemon images, remote registry images, and tarball archives. It can analyze a single image or compare two images, with output available in human-readable or JSON formats for integration with CI/CD pipelines. Developed by Google as part of their Container Tools suite, container-diff helps with debugging image bloat, understanding layer contents, and validating that builds produce expected changes. It's particularly useful for security auditing and optimizing Docker images.
How do I run a basic container-diff example?
Run `container-diff analyze [image:tag]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does --type _analyzer_ do in container-diff?
Analyzer type: apt, rpm, pip, node, file, size, history.