UNCLASSIFIED - NO CUI

Skip to content

Feature Request: Support Containerfile

BLUF: Iron Bank should support Containerfile in addition to Dockerfile. This removes vendor lock-in and requires minimal changes since the pipeline already uses Buildah.

The DoD Software Modernization Implementation Plan for FY25-26 encourages reducing barriers to new practices and making development tools more accessible. Iron Bank's Dockerfile-only approach forces teams to use Docker-specific naming even when they prefer the vendor-neutral Containerfile convention used in OpenShift and other container platforms.

This change is low-risk because Containerfile and Dockerfile have identical syntax, Iron Bank already uses Buildah to build images, Buildah's --file flag works with either filename, and the existing validation and build code already handles different file paths.

The fix is simple: update the file discovery logic to look for Containerfile first, then fall back to Dockerfile. If both files exist, build the first one found and log a warning. Teams should pick one filename to avoid confusion.

This change won't affect existing projects using Dockerfile but will help teams that prefer Containerfile. It reduces vendor lock-in while keeping Iron Bank's security and compliance features.

References

[1] Department of Defense, Software Modernization Implementation Plan FY25-26, Task 3.1, p. 13, Aug. 2024. [Online]. Available: https://dodcio.defense.gov/Portals/0/Documents/Library/SW-Mod-I-Plan25-26.pdf

[2] Podman/Buildah documentation, "podman build — file parameter," Accessed: Jun. 7, 2025. [Online]. Available: https://docs.podman.io/en/latest/markdown/podman-build.1.html

[3] containers/common, "Containerfile specification," GitHub, Accessed: Jun. 7, 2025. [Online]. Available: https://github.com/containers/common/blob/main/docs/Containerfile.5.md

[4] ironbank-pipeline, lint_jobs.py, lines 95–100, Accessed: Jun. 7, 2025. [Online]. Available: https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/blob/master/pipeline1/0-setup/lint_jobs.py#L95-L100

[5] ironbank-pipeline, semgrep_scan.py, lines 36–37, Accessed: Jun. 7, 2025. [Online]. Available: https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/blob/master/pipeline1/0-setup/semgrep_scan.py#L36-L37

[6] ironbank-pipeline, build.py, line 375, Accessed: Jun. 7, 2025. [Online]. Available: https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/blob/master/pipeline1/2-build/build.py#L375

UNCLASSIFIED - NO CUI