New 'python' samples to test for edge case 'from' statements on files without extension or within docker folder, adjusted readPossibleDockerfile to an improved regex based logic, adjusted file.Dockerfile to test for whitespaces before a from statement

Author: cx-andre-pereira

pkg/utils/get_extension.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"regexp"
 	"strings"
 
 	"github.com/Checkmarx/kics/v2/internal/constants"
@@ -85,7 +86,8 @@ func readPossibleDockerFile(path string) bool {
 		if strings.HasPrefix(scanner.Text(), "#") || strings.HasPrefix(strings.ToLower(scanner.Text()), "arg") || scanner.Text() == "" {
 			continue
 		} else {
-			return strings.HasPrefix(strings.ToLower(scanner.Text()), "from ")
+			matched, _ := regexp.MatchString(`(?i)FROM\s+\S+(\s*$|\s+AS\s+\S+\s*$)`, scanner.Text())
+			return matched
 		}
 	}
 	return false

test/fixtures/dockerfile/case_insensitive_tests/file.Dockerfile

@@ -3,7 +3,7 @@ arg BASE_IMAGE=ubuntu:22.04
 
 # Comments after arg
 
-from alpine:3.19 as builder
+  from alpine:3.19 as builder
 
 copy . .
 

test/fixtures/dockerfile/dockerfiles/python_sample.py

@@ -0,0 +1,4 @@
+from urllib import request
+
+def main():
+    print("coiso")

test/fixtures/dockerfile/python_sample

@@ -0,0 +1,7 @@
+from urllib import request
+
+def main():
+    print("coiso")
+    # I love the RUN docker funtion and the FROM too
+
+