
aryans1319/devdoctor


🩺 DevDoctor

AI-powered DevOps health checker for your project infrastructure.

DevDoctor scans your project folder, finds issues in your Dockerfile and docker-compose.yml, and uses Gemini AI to suggest specific fixes — all from a single terminal command.

devdoctor scan .

Demo

🔍 DevDoctor scanning /your/project ...

╔══════════════════════════════════════╗
║         🩺 DevDoctor Report           ║
╚══════════════════════════════════════╝

📄 Dockerfile  (Dockerfile)
  Score: 60/100
──────────────────────────────────────────────────

  ❌ ERROR
     Rule    : HARDCODED_SECRET
     Issue   : Possible secret hardcoded in ENV — use runtime env vars
     Fix     : Remove API_KEY from Dockerfile. Pass it at runtime using -e API_KEY=your_key

  ⚠️  WARNING
     Rule    : NO_USER
     Issue   : No USER instruction found — container will run as root
     Fix     : Add RUN useradd -r appuser && USER appuser before CMD

  ⚠️  WARNING
     Rule    : NO_DOCKERIGNORE
     Issue   : No .dockerignore file found — build context may include sensitive files
     Fix     : Create .dockerignore and exclude .env, target/, .git, .idea/

  ℹ️  INFO
     Rule    : PARTIAL_VERSION_PIN
     Issue   : Image uses a partial version tag — pin to full digest for reproducibility
     Fix     : Use image@sha256:DIGEST for guaranteed reproducibility

  🤖 AI Summary: Critical security issues found. Hardcoded secrets and running
  as root are the highest risk items. Fix these before deploying to production.

══════════════════════════════════════════════════
📊 Overall Summary
══════════════════════════════════════════════════
  Files scanned : 2
  Total issues  : 5
  Overall score : 60/100

  ⚠️  Some issues need attention.

Features

  • Dockerfile Analyzer — detects 8 common issues including hardcoded secrets, latest tags, missing USER, no HEALTHCHECK, COPY abuse, and layer bloat
  • docker-compose Analyzer — detects unpinned images, missing healthchecks, hardcoded secrets in environment, and open port bindings
  • AI-powered fixes — every issue comes with a specific, actionable fix generated by Gemini 2.5 Flash
  • Health score — every file gets a score out of 100, plus an overall project score
  • Auto file detection — drop it in any project folder, DevDoctor finds the right files automatically
  • Color-coded output — red for errors, yellow for warnings, cyan for info

Rules Checked

Dockerfile

Rule                    Severity     Description
NO_LATEST_TAG           ❌ Error      Base image uses :latest — not reproducible
HARDCODED_SECRET        ❌ Error      Password or API key in ENV/ARG
UNPINNED_BASE_IMAGE     ⚠️ Warning    No version tag on base image
COPY_ALL                ⚠️ Warning    COPY . . copies sensitive files
MULTIPLE_RUN_COMMANDS   ⚠️ Warning    Too many RUN layers — bloats image
NO_USER                 ⚠️ Warning    Container runs as root
NO_DOCKERIGNORE         ⚠️ Warning    No .dockerignore file found
NO_HEALTHCHECK          ℹ️ Info       Docker can't detect unhealthy container
PARTIAL_VERSION_PIN     ℹ️ Info       Version tag not fully pinned
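
One way to evaluate two of the Dockerfile rules above, HARDCODED_SECRET and NO_USER, including the multi-stage and root-user cases. This is an added example, not DevDoctor's own analyzer code; the function name, the key-name regex and the sample Dockerfile are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// secretName is an assumed heuristic for credential-like ENV/ARG keys.
var secretName = regexp.MustCompile(`(?i)passw(or)?d|secret|token|api_?key`)

// CheckDockerfile returns the rule IDs that fire; line continuations are not joined.
func CheckDockerfile(content string) (hits []string) {
	nonRoot := false
	for _, line := range strings.Split(content, "\n") {
		f := strings.Fields(line)
		if len(f) < 2 {
			continue
		}
		switch strings.ToUpper(f[0]) {
		case "FROM":
			nonRoot = false // a USER set in an earlier build stage does not carry over
		case "USER":
			user, _, _ := strings.Cut(f[1], ":") // drop an optional :group
			nonRoot = user != "root" && user != "0"
		case "ENV", "ARG":
			if !strings.Contains(f[1], "=") && len(f) > 2 {
				f = []string{f[0], f[1] + "=" + f[2]} // legacy "ENV KEY value" form
			}
			for _, pair := range f[1:] {
				k, v, _ := strings.Cut(pair, "=")
				v = strings.Trim(v, `"'`)
				// An ARG without a default or a $VAR reference holds no literal secret.
				if secretName.MatchString(k) && v != "" && !strings.HasPrefix(v, "$") {
					hits = append(hits, "HARDCODED_SECRET")
				}
			}
		}
	}
	if !nonRoot {
		hits = append(hits, "NO_USER")
	}
	return hits
}

func main() {
	// Constructed sample input, not a file from the project.
	fmt.Println(CheckDockerfile("FROM golang:1.23 AS build\nUSER 1000\nARG TOKEN\nFROM alpine:3.20\nENV API_KEY=abc123\n"))
}
```

The sample reports NO_USER even though the build stage sets `USER 1000`, because only the final stage's user applies to the shipped image.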

docker-compose

Rule                Severity     Description
LATEST_TAG          ❌ Error      Service image uses :latest
HARDCODED_SECRET    ❌ Error      Secret in environment variables
UNPINNED_IMAGE      ⚠️ Warning    No version tag on service image
NO_HEALTHCHECK      ⚠️ Warning    Service has no healthcheck
OPEN_PORT_BINDING   ⚠️ Warning    Port bound to 0.0.0.0
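
The image-tag and port-binding rules above come down to parsing two short strings from each service: the `image:` reference and each short-syntax `ports:` entry. The following is an added example, not DevDoctor's own code; the function names and sample values are assumptions, and the long (mapping) form of `ports:` is not covered.

```go
package main

import (
	"fmt"
	"strings"
)

// ImageRule maps an image reference to a compose rule ID from the table above,
// or "" when the reference carries a version tag or a digest.
func ImageRule(ref string) string {
	if strings.Contains(ref, "@sha256:") {
		return "" // digest-pinned
	}
	name := ref[strings.LastIndex(ref, "/")+1:] // a ":" before the last "/" is a registry port
	_, tag, tagged := strings.Cut(name, ":")
	switch {
	case !tagged:
		return "UNPINNED_IMAGE"
	case tag == "latest":
		return "LATEST_TAG"
	}
	return ""
}

// OpenPortBinding reports whether a short-syntax "ports:" entry publishes on
// every host interface. Only an explicit host IP narrows the bind, so
// "8080:80" and a bare "80" are as open as "0.0.0.0:8080:80".
func OpenPortBinding(entry string) bool {
	entry, _, _ = strings.Cut(entry, "/") // drop a "/tcp" or "/udp" suffix
	host := ""
	if p := strings.Split(entry, ":"); len(p) >= 3 {
		// Everything before the last two fields is the host IP (IPv6 may be bracketed).
		host = strings.Trim(strings.Join(p[:len(p)-2], ":"), "[]")
	}
	return host == "" || host == "0.0.0.0" || host == "::"
}

func main() {
	// Constructed sample values, not taken from the project.
	for _, img := range []string{"nginx", "redis:latest", "localhost:5000/api", "postgres:16.3"} {
		fmt.Printf("%-22s %q\n", img, ImageRule(img))
	}
	for _, p := range []string{"8080:80", "127.0.0.1:5432:5432", "[::1]:6001:6001/tcp"} {
		fmt.Printf("%-22s open=%v\n", p, OpenPortBinding(p))
	}
}
```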

Installation

Prerequisites

Build from source

git clone https://github.com/aryans1319/devdoctor.git
cd devdoctor
go mod tidy
go build -o devdoctor .

Set up your API key

echo "GEMINI_API_KEY=your_key_here" > .env

Usage

# Scan current directory
./devdoctor scan .

# Scan a specific project
./devdoctor scan /path/to/your/project

# Get help
./devdoctor --help

Tech Stack

  • Language — Go 1.23
  • CLI framework — Cobra
  • AI — Gemini 2.5 Flash API
  • YAML parsing — gopkg.in/yaml.v3
  • Terminal colors — fatih/color

Project Structure

devdoctor/
├── cmd/
│   ├── root.go          → CLI root command
│   └── scan.go          → scan command handler
├── analyzer/
│   ├── dockerfile.go    → Dockerfile rules engine
│   ├── compose.go       → docker-compose rules engine
│   ├── gemini.go        → Gemini AI integration
│   └── scanner.go       → project folder walker
├── formatter/
│   └── output.go        → colored terminal output
├── models/
│   └── types.go         → shared data structs
└── main.go

Roadmap

  • Dockerfile analyzer
  • docker-compose analyzer
  • Gemini AI fix suggestions
  • Health score per file + overall
  • Kubernetes YAML checker
  • GitHub Actions workflow checker
  • --report flag — export HTML report
  • --ci flag — exit code 1 for CI/CD pipeline integration
  • Web interface — upload and analyze via browser
  • README badge generator

Author

Aryan Shaw — Backend Engineer
LinkedIn · GitHub · X


License

MIT

About

Devdoctor - A CLI tool a developer runs inside any project folder. It scans your infrastructure files, finds problems, and uses AI to suggest fixes. Like a doctor for your DevOps setup.
