tally¶
Fast, modern Dockerfile linter with auto-fixes.
tally keeps Dockerfiles and Containerfiles clean, modern, and consistent — using BuildKit's own parser and checks (the same foundation behind
docker buildx) plus safe auto-fixes.
Quick Start¶
# Install via Homebrew
brew install wharflab/tap/tally
# Or via npm/pip/gem
npm install -g tally-cli
pip install tally-cli
gem install tally-cli
# Lint everything in the repo
tally lint .
# Apply safe fixes automatically
tally lint --fix Dockerfile
Why tally?¶
- BuildKit-native parsing — understands modern syntax like heredocs,
RUN --mount=..., andADD --checksum=... - Fixes, not just findings — applies safe, mechanical fixes automatically (
--fix) - Easy to install anywhere — Homebrew, npm, pip, RubyGems, or Go
- Container ecosystem friendly — supports Dockerfile/Containerfile conventions
- Growing ruleset — BuildKit checks, Hadolint-compatible rules, and tally-specific rules
Supported Rules¶
| Source | Rules | Description |
|---|---|---|
| BuildKit | 22/22 | Docker's official Dockerfile checks |
| tally | 52 | Custom rules including secret detection |
| Hadolint | 37 | Hadolint-compatible rules |
Next Steps¶
- Configuration Guide — config files, environment variables, CLI flags
- Rules Reference — available rules and how to configure them