Description
I am facing the problem that Checkov is silently ignoring some of our Dockerfiles though they are present and valid. Some digging into Checkov's code brought up this pattern found here:
|
DOCKERFILE_MASK = re.compile(r"^(?:.+\.)?[Dd]ockerfile(?:\..+)?$(?<!\.[Dd]ockerignore)") |
Now we have some files not named "Dockerfile" or "dockerfile" but instead something like "AdtDockerfile" which will not be matched by the pattern.
Now the question I'd like to ask is if there is any special reason why Checkov only accepts these base dockerfile names? Are there any plans on enhancing this pattern? If not, would you accept a PR on this issue?
Version:
Thanks! Bernd
Description
I am facing the problem that Checkov is silently ignoring some of our Dockerfiles though they are present and valid. Some digging into Checkov's code brought up this pattern found here:
checkov/checkov/common/util/dockerfile.py
Line 3 in da500c3
Now we have some files not named "Dockerfile" or "dockerfile" but instead something like "AdtDockerfile" which will not be matched by the pattern.
Now the question I'd like to ask is if there is any special reason why Checkov only accepts these base dockerfile names? Are there any plans on enhancing this pattern? If not, would you accept a PR on this issue?
Version:
Thanks! Bernd