Add environment variable GDN_TRIVY_SCANNERS to documentation

[tijnvdheuvel]

After searching for a while, looking why trivy was not reporting on some test-insecure terraform files. I realized that it was not reporting them since they were misconfigurations and not vulnerabilities (the default value). A few rabit holes and blatant guessing later and I found that I apparently could use the environment variable 'GDN_TRIVY_SCANNERS'.

Please add this to the documentation to avoid others also having to pass this ordeal.

Acceptable values for the variable are: vuln, misconfig and secret. E.g. below:
GDN_TRIVY_SCANNERS: 'vuln,misconfig,secret'

Thank you in advance.

[richardtucker]

Thank you for you feedback we will review an update our documentation

[jbrotsos]

Hello @tijnvdheuvel , I'm the Product Manager for this GH Action. I'm hoping you can help me gather some feedback on your experience using this action. If you don't mind taking this 3 minute anonymous survey, it would be greatly appreciated!

https://forms.microsoft.com/r/tciV74znSh

James Brotsos - jamesbrotsos@microsoft.com