diff --git a/.github/workflows/build-container.yaml b/.github/workflows/build-container.yaml
new file mode 100644
index 00000000..2d3a2a71
--- /dev/null
+++ b/.github/workflows/build-container.yaml
@@ -0,0 +1,47 @@
+name: Container Build
+# Identical to build-push.yaml; but executed on pull requests
+# where the quay secret is not available, to test that we can
+# build the containers using the `redhat-actions/buildah-build`
+# action.
+on:
+  pull_request:
+
+jobs:
+  build:
+    name: Build container images
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        # Fetch enough commit info to feed version generator
+        fetch-depth: 10
+    - uses: actions/setup-python@v4
+      with:
+        python-version: "3.12"
+    - uses: Gr1N/setup-poetry@v9
+    - name: Install dependencies
+      run: |
+        cd backend
+        poetry install
+
+    - name: Build Frontend Image
+      id: build-front
+      uses: redhat-actions/buildah-build@v2
+      with:
+        image: frontend
+        context: frontend
+        tags: latest ${{ github.sha }}
+        containerfiles: |
+          ./frontend/frontend.containerfile
+
+    - name: Generate version file
+      run: |
+        cd backend
+        poetry run scripts/version.py
+
+    - name: Build Backend Image
+      id: build-back
+      run: |
+        cd backend
+        podman build -t backend:${{ github.sha }} -t backend:latest -f backend.containerfile .
diff --git a/.github/workflows/build-push.yaml b/.github/workflows/build-push.yaml
index a421561d..b74af07d 100644
--- a/.github/workflows/build-push.yaml
+++ b/.github/workflows/build-push.yaml
@@ -50,14 +50,9 @@ jobs:
 
     - name: Build Backend Image
       id: build-back
-      uses: redhat-actions/buildah-build@v2
-      with:
-        image: backend
-        context: backend
-        tags: latest ${{ github.sha }}
-        containerfiles: |
-          ./backend/backend.containerfile
-
+      run: |
+        cd backend
+        podman build -t backend:${{ github.sha }} -t backend:latest -f backend.containerfile .  
     - name: Push backend image to quay.io
       id: push-back-to-quay
       uses: redhat-actions/push-to-registry@v2
diff --git a/.github/workflows/release-build-push.yaml b/.github/workflows/release-build-push.yaml
index 88f50907..19d0f1bc 100644
--- a/.github/workflows/release-build-push.yaml
+++ b/.github/workflows/release-build-push.yaml
@@ -51,13 +51,9 @@ jobs:
 
     - name: Build Backend Image
       id: build-back
-      uses: redhat-actions/buildah-build@v2
-      with:
-        image: backend
-        context: backend
-        tags: prod ${{ github.sha }}
-        containerfiles: |
-          ./backend/backend.containerfile
+      run: |
+        cd backend
+        podman build -t backend:${{ github.sha }} -t backend:prod -f backend.containerfile .
 
     - name: Push backend image to quay.io
       id: push-back-to-quay
diff --git a/backend/backend.containerfile b/backend/backend.containerfile
index 22c703c8..609ee189 100644
--- a/backend/backend.containerfile
+++ b/backend/backend.containerfile
@@ -1,4 +1,4 @@
-FROM quay.io/centos/centos:stream10
+FROM quay.io/centos/centos:stream9
 
 # 0) Configure Poetry and environment for OpenShift non-root execution
 ENV POETRY_VIRTUALENVS_CREATE=false \
@@ -6,11 +6,18 @@ ENV POETRY_VIRTUALENVS_CREATE=false \
     XDG_CONFIG_HOME=/backend/.config \
     XDG_CACHE_HOME=/backend/.cache
 
+RUN dnf update -y
+RUN dnf install -y 'dnf-command(config-manager)'
+RUN dnf config-manager --set-enabled crb
+RUN dnf install -y epel-release epel-next-release
+RUN dnf install -y python3.12 python3.12-devel python3.12-pip gcc gcc-c++
+
+RUN ln -sf /usr/bin/python3.12 /usr/bin/python3 && ln -sf /usr/bin/pip3.12 /usr/bin/pip3
+
 # 1) Install system deps + Poetry globally (root)
 #    Installing Poetry globally ensures the binary is on /usr/local/bin
 #    and therefore available in both OpenShift (random UID) and Podman (root) environments
-RUN dnf install -y python3-pip gcc python3-devel gcc-c++ && \
-    pip3 install --no-cache-dir poetry && \
+RUN pip3 install --no-cache-dir poetry && \
     dnf clean all
 
 # 2) Prepare writable dirs
diff --git a/testing/functional.containerfile b/testing/functional.containerfile
index c23a1661..f5afd836 100644
--- a/testing/functional.containerfile
+++ b/testing/functional.containerfile
@@ -1,4 +1,4 @@
-FROM quay.io/centos/centos:stream10
+FROM quay.io/centos/centos:stream9
 
 ENV PATH=/root/.local/bin:$PATH \
     LANG=C.UTF-8 \
@@ -16,9 +16,15 @@ WORKDIR /backend
 RUN mkdir -p ${HOME} ${HOME}/.config/pypoetry ${HOME}/.cache/pypoetry && \
     chmod -R g+rwX ${HOME}
 
-RUN dnf install -y pip gcc python3-devel gcc-c++
+RUN dnf update -y
+RUN dnf install -y 'dnf-command(config-manager)'
+RUN dnf config-manager --set-enabled crb
+RUN dnf install -y epel-release epel-next-release
+RUN dnf install -y python3.12 python3.12-devel python3.12-pip gcc gcc-c++
 
-RUN pip install --user poetry
+RUN ln -sf /usr/bin/python3.12 /usr/bin/python3 && ln -sf /usr/bin/pip3.12 /usr/bin/pip3
+
+RUN pip3 install --user poetry
 
 # 3) Copy manifest files & install Python deps via export
 COPY backend/pyproject.toml backend/poetry.lock backend/version.json ./