Update to Anchore inline_scan/Engine v0.8.0 (#44)

Signed-off-by: Robert Prince <robert.prince@anchore.com>

dist/index.js

@@ -1083,7 +1083,7 @@ const { exec } = __webpack_require__(986);
 const fs = __webpack_require__(747);
 
 const scanScript = 'inline_scan';
-const defaultAnchoreVersion = '0.7.3';
+const defaultAnchoreVersion = '0.8.0';
 
 // sarif code
 function convert_severity_to_acs_level(input_severity, severity_cutoff_param) {
@@ -1310,10 +1310,10 @@ async function run() {
         var inlineScanImage;
         const SEVERITY_LIST = ['Unknown', 'Negligible', 'Low', 'Medium', 'High', 'Critical'];
 
-        if (!debug) {
-            debug = "false";
-        } else {
+        if (debug.toLowerCase() === "true") {
             debug = "true";
+        } else {
+            debug = "false";
         }
 
         if (failBuild.toLowerCase() === "true") {
@@ -1328,29 +1328,26 @@ async function run() {
             acsReportEnable = false;
         }
 
-        if (!acsSevCutoff) {
-            acsSevCutoff = "Medium"
-        }
-        else if (
+        if (
             !SEVERITY_LIST.some(
               item =>
                 typeof acsSevCutoff === 'string' &&
                 item === acsSevCutoff,
             )
           ) {
             throw new Error ('Invalid acs-report-severity-cutoff value is set - please ensure you are choosing either Unknown, Negligible, Low, Medium, High, or Critical');
-          }
+        }
 
         if (!version) {
             version = `${defaultAnchoreVersion}`;
         }
 
-        if (!includePackages) {
-            includePackages = false;
-            inlineScanImage = `docker.io/anchore/inline-scan-slim:v${version}`;
-        } else {
+        if (includePackages.toLowerCase() === "true") {
             includePackages = true;
             inlineScanImage = `docker.io/anchore/inline-scan:v${version}`;
+        } else {
+            includePackages = false;
+            inlineScanImage = `docker.io/anchore/inline-scan-slim:v${version}`;
         }
 
         if (customPolicyPath) {
@@ -3755,6 +3752,7 @@ class HTTPError extends Error {
 }
 exports.HTTPError = HTTPError;
 const IS_WINDOWS = process.platform === 'win32';
+const IS_MAC = process.platform === 'darwin';
 const userAgent = 'actions/tool-cache';
 /**
  * Download a tool from an url and stream it into a file
@@ -3970,6 +3968,36 @@ function extractTar(file, dest, flags = 'xz') {
     });
 }
 exports.extractTar = extractTar;
+/**
+ * Extract a xar compatible archive
+ *
+ * @param file     path to the archive
+ * @param dest     destination directory. Optional.
+ * @param flags    flags for the xar. Optional.
+ * @returns        path to the destination directory
+ */
+function extractXar(file, dest, flags = []) {
+    return __awaiter(this, void 0, void 0, function* () {
+        assert_1.ok(IS_MAC, 'extractXar() not supported on current OS');
+        assert_1.ok(file, 'parameter "file" is required');
+        dest = yield _createExtractFolder(dest);
+        let args;
+        if (flags instanceof Array) {
+            args = flags;
+        }
+        else {
+            args = [flags];
+        }
+        args.push('-x', '-C', dest, '-f', file);
+        if (core.isDebug()) {
+            args.push('-v');
+        }
+        const xarPath = yield io.which('xar', true);
+        yield exec_1.exec(`"${xarPath}"`, _unique(args));
+        return dest;
+    });
+}
+exports.extractXar = extractXar;
 /**
  * Extract a zip
  *
@@ -4278,6 +4306,13 @@ function _getGlobal(key, defaultValue) {
     /* eslint-enable @typescript-eslint/no-explicit-any */
     return value !== undefined ? value : defaultValue;
 }
+/**
+ * Returns an array of unique values.
+ * @param values Values to make unique.
+ */
+function _unique(values) {
+    return Array.from(new Set(values));
+}
 //# sourceMappingURL=tool-cache.js.map
 
 /***/ }),

index.js

@@ -4,7 +4,7 @@ const { exec } = require('@actions/exec');
 const fs = require('fs');
 
 const scanScript = 'inline_scan';
-const defaultAnchoreVersion = '0.7.3';
+const defaultAnchoreVersion = '0.8.0';
 
 // sarif code
 function convert_severity_to_acs_level(input_severity, severity_cutoff_param) {