Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Currently, Checkov only scans Dockerfiles. With Podman and Buildah favoring Containerfiles for builds over Dockerfiles, supporting Containerfile scanning in Checkov ensures alignment with evolving containerization practices. So request that support for scanning Containerfile be added to Checkov.
Since Containerfiles are similar to Dockerfiles, I believe this addition should be straightforward as the existing Dockerfile scanning code should work for Containerfiles also.
Currently, Checkov only scans Dockerfiles. With Podman and Buildah favoring Containerfiles for builds over Dockerfiles, supporting Containerfile scanning in Checkov ensures alignment with evolving containerization practices. So request that support for scanning Containerfile be added to Checkov.
Since Containerfiles are similar to Dockerfiles, I believe this addition should be straightforward as the existing Dockerfile scanning code should work for Containerfiles also.
Rationale: https://github.com/containers/buildah/discussions/3170