Add skip if no Dockerfiles are in directories

.github/workflows/ci.yml

@@ -125,7 +125,6 @@ jobs:
         # especially if git change deletes Dockerfile
         uses: testdata/test_empty_dir
         with:
-          dockerfile: ""
           failure-threshold: error
           recursive: true
 

hadolint.sh

@@ -3,9 +3,18 @@
 # checkout (outside the Docker container running hadolint). We copy
 # problem-matcher.json to the home folder.
 
+# idable cheks for undefined env vars, in here mostly githu env vars
+# shellcheck disable=SC2154
+
+# do not run if no Dockerfiles fund (non-existent or git delete)
+
+git diff --diff-filter=ACMRT \
+  | grep Dockerfile \
+  || { echo "No new/changed Dockerfiles detected, skipping processing" && exit 0; }
+
 PROBLEM_MATCHER_FILE="/problem-matcher.json"
-if [ -f "$PROBLEM_MATCHER_FILE" ]; then
-  cp "$PROBLEM_MATCHER_FILE" "$HOME/"
+if [[ -f "${PROBLEM_MATCHER_FILE}" ]]; then
+  cp "${PROBLEM_MATCHER_FILE}" "${HOME}/"
 fi
 # After the run has finished we remove the problem-matcher.json from
 # the repository so we don't leave the checkout dirty. We also remove
@@ -16,52 +25,53 @@ cleanup() {
 }
 trap cleanup EXIT
 
-echo "::add-matcher::$HOME/problem-matcher.json"
+echo "::add-matcher::${HOME}/problem-matcher.json"
 
-if [ -n "$HADOLINT_CONFIG" ]; then
+if [[ -n "${HADOLINT_CONFIG}" ]]; then
   HADOLINT_CONFIG="-c ${HADOLINT_CONFIG}"
 fi
 
-if [ -z "$HADOLINT_TRUSTED_REGISTRIES" ]; then
+if [[ -z "${HADOLINT_TRUSTED_REGISTRIES}" ]]; then
   unset HADOLINT_TRUSTED_REGISTRIES
 fi
 
-COMMAND="hadolint $HADOLINT_CONFIG"
+COMMAND="hadolint ${HADOLINT_CONFIG}"
 
-if [ "$HADOLINT_RECURSIVE" = "true" ]; then
+if [[ "${HADOLINT_RECURSIVE}" = "true" ]]; then
   shopt -s globstar
 
   filename="${!#}"
   flags="${*:1:$#-1}"
 
-  RESULTS=$(eval "$COMMAND $flags" -- **/"$filename")
+  RESULTS=$(eval "${COMMAND} ${flags}" -- **/"${filename}")
 else
   flags=$*
-  RESULTS=$(eval "$COMMAND" "$flags")
+  RESULTS=$(eval "${COMMAND}" "${flags}")
 fi
 FAILED=$?
 
-if [ -n "$HADOLINT_OUTPUT" ]; then
-  if [ -f "$HADOLINT_OUTPUT" ]; then
-    HADOLINT_OUTPUT="$TMP_FOLDER/$HADOLINT_OUTPUT"
+if [[ -n "${HADOLINT_OUTPUT}" ]]; then
+  if [[ -f "${HADOLINT_OUTPUT}" ]]; then
+    HADOLINT_OUTPUT="${TMP_FOLDER}/${HADOLINT_OUTPUT}"
   fi
-  echo "$RESULTS" >"$HADOLINT_OUTPUT"
+  echo "${RESULTS}" >"${HADOLINT_OUTPUT}"
 fi
 
 RESULTS="${RESULTS//$'\\n'/''}"
 
 {
   echo "results<<EOF"
-  echo "$RESULTS"
+  echo "${RESULTS}"
   echo "EOF"
-} >>"$GITHUB_OUTPUT"
+} >>"${GITHUB_OUTPUT}"
 
 {
   echo "HADOLINT_RESULTS<<EOF"
-  echo "$RESULTS"
+  echo "${RESULTS}"
   echo "EOF"
-} >>"$GITHUB_ENV"
+} >>"${GITHUB_ENV}"
 
-[ -z "$HADOLINT_OUTPUT" ] || echo "Hadolint output saved to: $HADOLINT_OUTPUT"
+[[ -z "${HADOLINT_OUTPUT}" ]] || echo "Hadolint output saved to: ${HADOLINT_OUTPUT}"
 
-exit $FAILED
+# shellcheck disable=SC2248
+exit ${FAILED}

testdata/test_empty_dir/README.md

@@ -0,0 +1,4 @@
+This directory is intentionally empty.
+
+It is used by the test suite to verify that hadolint action is not executed
+if processed directory does not contain any Dockerfile.