From 5b510801b75e46616c629f23568d4203aa2df57b Mon Sep 17 00:00:00 2001
From: Oleksandr Sanin <alexaaander.sanin@gmail.com>
Date: Tue, 26 May 2026 09:09:11 +0000
Subject: [PATCH] fix(dockerfile): support custom-prefix Dockerfile names like
 AdtDockerfile

The DOCKERFILE_MASK regex only matched files where "Dockerfile" appeared
at the start or after a dot separator (e.g. Dockerfile, dev.Dockerfile).
Files that use a CamelCase or word prefix without a dot separator, such
as AdtDockerfile or MyServiceDockerfile, were silently skipped, leaving
those images unscanned.

The regex is updated to also match when a non-dot prefix precedes an
uppercase-D "Dockerfile". Lowercase-only prefixes (e.g. ddockerfile)
remain invalid to avoid ambiguity. All existing valid/invalid test cases
continue to pass.

Closes #7541

Signed-off-by: Oleksandr Sanin <alexaaander.sanin@gmail.com>
---
 checkov/common/util/dockerfile.py | 2 +-
 tests/dockerfile/test_utils.py    | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/checkov/common/util/dockerfile.py b/checkov/common/util/dockerfile.py
index 35fa12e471..77e50f41f1 100644
--- a/checkov/common/util/dockerfile.py
+++ b/checkov/common/util/dockerfile.py
@@ -1,6 +1,6 @@
 import re
 
-DOCKERFILE_MASK = re.compile(r"^(?:.+\.)?[Dd]ockerfile(?:\..+)?$(?<!\.[Dd]ockerignore)")
+DOCKERFILE_MASK = re.compile(r"^(?:(?:.+\.)?[Dd]|.+D)ockerfile(?:\..+)?$(?<!\.[Dd]ockerignore)")
 
 
 def is_dockerfile(file: str) -> bool:
diff --git a/tests/dockerfile/test_utils.py b/tests/dockerfile/test_utils.py
index f4989b4b9b..5514442fed 100644
--- a/tests/dockerfile/test_utils.py
+++ b/tests/dockerfile/test_utils.py
@@ -12,6 +12,9 @@
     "Dockerfile.Product1",
     "dev.Dockerfile",
     "team1.product.dockerfile",
+    "AdtDockerfile",
+    "MyServiceDockerfile",
+    "AdtDockerfile.prod",
 ]
 INVALID_DOCKERFILE_NAMES = [
     "package.json",