terraform-security-scan
Added support for optional config file
This change adds the ability to pass a config file for the tfsec scans. See tfsec config-file docs.
We are using tfsec with cdktf generated tf.json files. tfsec scan does work well but we don't have the ability to add tfsec:ignore:<rule> to the cdktf def or the generated tf.json. We also use a common github actions and don't want to specify overrides using tfsec_exclude. Adding support for a config file gives us the option to pass a config file that lives in the cdktf repo and does allow us to exclude checks. This is an ideal integration for cdktf and tfsec b/c we would prefer not to globally ignore checks and instead use tfsec ignore on specific resource blocks.
Hi @celliott, Thanks for the PR, it is always appreciated.
I've left you a comment that might require some rework. I can also see that the CI has shown a few things that could be improved if you don't mind changing them.
Thx for looking. I made a change that should resolve the CI issue. I also added a note about your other comment. Let me know what you think. thx!
Replied to you in the comments. Don't worry about the late answer, we're all living our lives and this takes time :)