aquasecurity/tfsec-azure-pipelines-task

[Suggestion] publishing results as artifacts and scans

RolfMoleman opened this issue · 0 comments

Hi, first of all, I really like the extension, as the tfsec tab on the UI gives a clear view of test severity. From my testing, though, it seems to publish the bubbles to the UI whether the results be a pass or a fail, but that could be down to my configuration.

Current state

I currently have the task added to a test pipeline as follows:

steps:
- task: tfsec@1
  inputs:
    #version: 'v1.26.0'
    debug: true
    args: '--allow-checks-to-panic --force-all-dirs --format default,json,csv,checkstyle,junit,sarif,gif --include-ignored --include-passed --out /tmp/'
    dir: '$(System.DefaultWorkingDirectory)/.build/terraform'

Currently we cannot declare any additional output formats due to json and junit already being declared in the extension code.
We cannot declare a desired output directory - this makes sense for the test results part. However, due to the output path of the results being randomly generated it is not possible to capture the results to publish them as an artifact.

Suggested improvements

  • amending the output file formats to include all of the available tfsec file formats by default
  • amend the output path to be a specific path e.g. $(System.DefaultWorkingDirectory)/tfsec_results
  • include publishing the sarif results to CodeAnalysisLogs for integration with the scans tab
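
A possible workaround for the capture and Scans-tab points raised in this issue, added here as an example and not part of the original post or the extension's own code: it runs the tfsec CLI in a script step instead of the `tfsec@1` task, so the output path is fixed and can be published. It assumes a Linux agent with the `tfsec` binary already on `PATH` and the SARIF SAST Scans Tab extension installed in the organization; the file name `tfsec.sarif` is an arbitrary choice.

```yaml
# Added example (not the extension's code).
# Assumptions: Linux agent, tfsec already on PATH, SARIF SAST Scans Tab
# extension installed so that the CodeAnalysisLogs artifact is picked up.
steps:
- script: |
    set -u
    results_dir="$(System.DefaultWorkingDirectory)/tfsec_results"
    mkdir -p "$results_dir"
    # A single format with --out writes exactly this file, so the path is
    # known to the publish step. No --soft-fail here: findings still fail
    # the step, and the publish step below runs regardless.
    tfsec "$(System.DefaultWorkingDirectory)/.build/terraform" \
      --format sarif \
      --out "$results_dir/tfsec.sarif"
  displayName: 'Run tfsec (SARIF to a fixed path)'

- task: PublishBuildArtifacts@1
  displayName: 'Publish tfsec SARIF to CodeAnalysisLogs'
  # Publish even when tfsec reported findings and failed the previous step.
  condition: succeededOrFailed()
  inputs:
    PathtoPublish: '$(System.DefaultWorkingDirectory)/tfsec_results'
    ArtifactName: 'CodeAnalysisLogs'
    publishLocation: 'Container'
```

Because the script step bypasses the `tfsec@1` task, the tfsec tab provided by the extension is not populated by this run; the two can sit side by side in the same pipeline if both views are wanted.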