Documentation
¶
Index ¶
Constants ¶
const CUDAVersionMismatchRuleCode = rules.TallyRulePrefix + "gpu/cuda-version-mismatch"
CUDAVersionMismatchRuleCode is the full rule code.
const NoBuildtimeGPUQueriesRuleCode = rules.TallyRulePrefix + "gpu/no-buildtime-gpu-queries"
NoBuildtimeGPUQueriesRuleCode is the full rule code.
const NoContainerRuntimeInImageRuleCode = rules.TallyRulePrefix + "gpu/no-container-runtime-in-image"
NoContainerRuntimeInImageRuleCode is the full rule code.
const NoHardcodedVisibleDevicesRuleCode = rules.TallyRulePrefix + "gpu/no-hardcoded-visible-devices"
NoHardcodedVisibleDevicesRuleCode is the full rule code.
const NoRedundantCUDAInstallRuleCode = rules.TallyRulePrefix + "gpu/no-redundant-cuda-install"
NoRedundantCUDAInstallRuleCode is the full rule code.
const PreferMinimalDriverCapabilitiesRuleCode = rules.TallyRulePrefix + "gpu/prefer-minimal-driver-capabilities"
PreferMinimalDriverCapabilitiesRuleCode is the full rule code.
const PreferRuntimeFinalStageRuleCode = rules.TallyRulePrefix + "gpu/prefer-runtime-final-stage"
PreferRuntimeFinalStageRuleCode is the full rule code.
const PreferUVOverCondaRuleCode = rules.TallyRulePrefix + "gpu/prefer-uv-over-conda"
PreferUVOverCondaRuleCode is the full rule code for the prefer-uv-over-conda rule.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CUDAVersionMismatchRule ¶ added in v0.33.0
type CUDAVersionMismatchRule struct{}
CUDAVersionMismatchRule flags pip/uv/conda install commands whose CUDA version suffix does not match the base image's CUDA toolkit version. Mismatched CUDA versions can cause silent CPU fallback, build failures, or runtime errors.
func NewCUDAVersionMismatchRule ¶ added in v0.33.0
func NewCUDAVersionMismatchRule() *CUDAVersionMismatchRule
NewCUDAVersionMismatchRule creates a new rule instance.
func (*CUDAVersionMismatchRule) Check ¶ added in v0.33.0
func (r *CUDAVersionMismatchRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*CUDAVersionMismatchRule) Metadata ¶ added in v0.33.0
func (r *CUDAVersionMismatchRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type NoBuildtimeGPUQueriesRule ¶
type NoBuildtimeGPUQueriesRule struct{}
NoBuildtimeGPUQueriesRule flags RUN instructions that query GPU hardware at build time. GPU devices are not available during docker build, so commands like nvidia-smi or torch.cuda.is_available() will fail or return misleading results.
func NewNoBuildtimeGPUQueriesRule ¶
func NewNoBuildtimeGPUQueriesRule() *NoBuildtimeGPUQueriesRule
NewNoBuildtimeGPUQueriesRule creates a new rule instance.
func (*NoBuildtimeGPUQueriesRule) Check ¶
func (r *NoBuildtimeGPUQueriesRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*NoBuildtimeGPUQueriesRule) Metadata ¶
func (r *NoBuildtimeGPUQueriesRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type NoContainerRuntimeInImageRule ¶
type NoContainerRuntimeInImageRule struct{}
NoContainerRuntimeInImageRule flags installation of NVIDIA Container Toolkit packages inside the image. These packages belong to the host-side runtime setup and do not make the image GPU-enabled by themselves.
func NewNoContainerRuntimeInImageRule ¶
func NewNoContainerRuntimeInImageRule() *NoContainerRuntimeInImageRule
NewNoContainerRuntimeInImageRule creates a new rule instance.
func (*NoContainerRuntimeInImageRule) Check ¶
func (r *NoContainerRuntimeInImageRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*NoContainerRuntimeInImageRule) Metadata ¶
func (r *NoContainerRuntimeInImageRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type NoHardcodedVisibleDevicesRule ¶
type NoHardcodedVisibleDevicesRule struct{}
NoHardcodedVisibleDevicesRule flags ENV instructions that hardcode GPU device visibility (NVIDIA_VISIBLE_DEVICES, CUDA_VISIBLE_DEVICES). GPU visibility is deployment policy that should be set at runtime, not baked into the image.
func NewNoHardcodedVisibleDevicesRule ¶
func NewNoHardcodedVisibleDevicesRule() *NoHardcodedVisibleDevicesRule
NewNoHardcodedVisibleDevicesRule creates a new rule instance.
func (*NoHardcodedVisibleDevicesRule) Check ¶
func (r *NoHardcodedVisibleDevicesRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*NoHardcodedVisibleDevicesRule) Metadata ¶
func (r *NoHardcodedVisibleDevicesRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type NoRedundantCUDAInstallRule ¶
type NoRedundantCUDAInstallRule struct{}
NoRedundantCUDAInstallRule flags installation of CUDA userspace packages via a package manager in stages that already inherit from nvidia/cuda:*. The rule is flavor-aware: it only flags packages that are already provided by the specific image variant (base, runtime, or devel) and cuDNN tag.
func NewNoRedundantCUDAInstallRule ¶
func NewNoRedundantCUDAInstallRule() *NoRedundantCUDAInstallRule
NewNoRedundantCUDAInstallRule creates a new rule instance.
func (*NoRedundantCUDAInstallRule) Check ¶
func (r *NoRedundantCUDAInstallRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*NoRedundantCUDAInstallRule) Metadata ¶
func (r *NoRedundantCUDAInstallRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type PreferMinimalDriverCapabilitiesRule ¶
type PreferMinimalDriverCapabilitiesRule struct{}
PreferMinimalDriverCapabilitiesRule flags ENV instructions that set NVIDIA_DRIVER_CAPABILITIES=all. The "all" capability set mounts every NVIDIA driver library and binary, but most ML/CUDA workloads only need compute,utility. A smaller set follows the principle of least privilege.
func NewPreferMinimalDriverCapabilitiesRule ¶
func NewPreferMinimalDriverCapabilitiesRule() *PreferMinimalDriverCapabilitiesRule
NewPreferMinimalDriverCapabilitiesRule creates a new rule instance.
func (*PreferMinimalDriverCapabilitiesRule) Check ¶
func (r *PreferMinimalDriverCapabilitiesRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*PreferMinimalDriverCapabilitiesRule) Metadata ¶
func (r *PreferMinimalDriverCapabilitiesRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type PreferRuntimeFinalStageRule ¶ added in v0.31.0
type PreferRuntimeFinalStageRule struct{}
PreferRuntimeFinalStageRule flags final stages that use an nvidia/cuda devel image without obvious build-time needs, suggesting a runtime or base variant.
func NewPreferRuntimeFinalStageRule ¶ added in v0.31.0
func NewPreferRuntimeFinalStageRule() *PreferRuntimeFinalStageRule
NewPreferRuntimeFinalStageRule creates a new rule instance.
func (*PreferRuntimeFinalStageRule) Check ¶ added in v0.31.0
func (r *PreferRuntimeFinalStageRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
func (*PreferRuntimeFinalStageRule) Metadata ¶ added in v0.31.0
func (r *PreferRuntimeFinalStageRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
type PreferUVOverCondaRule ¶ added in v0.35.0
type PreferUVOverCondaRule struct{}
PreferUVOverCondaRule suggests migrating narrow, GPU/PyTorch-oriented Dockerfiles from conda/mamba/micromamba to uv.
func NewPreferUVOverCondaRule ¶ added in v0.35.0
func NewPreferUVOverCondaRule() *PreferUVOverCondaRule
NewPreferUVOverCondaRule creates a new rule instance.
func (*PreferUVOverCondaRule) Check ¶ added in v0.35.0
func (r *PreferUVOverCondaRule) Check(input rules.LintInput) []rules.Violation
Check runs the rule against the given input.
Cross-rule interaction: this rule attaches a FixUnsafe async resolver fix whose edit is a whole-file replacement (see SuggestedFix in checkStage). `tally/prefer-multi-stage-build` produces the same kind of whole-file AI rewrite via the shared `ai-autofix` resolver, so the two cannot compose in a single `--fix` pass — the fixer drops overlapping edits. Both rules use FixPriority=150 so the deterministic ordering means only one AI rewrite lands per run; users targeting both must run `--fix` twice with `--fix-rule` scoping. Keep this constraint in mind when adding more whole-file AI objectives.
func (*PreferUVOverCondaRule) Metadata ¶ added in v0.35.0
func (r *PreferUVOverCondaRule) Metadata() rules.RuleMetadata
Metadata returns the rule metadata.
Source Files