Allow config file specification

Author: MrFired

action.yml

@@ -32,6 +32,10 @@ inputs:
     description: 'path to a .bandit file that supplies command line arguments'
     required: false
     default: 'DEFAULT'
+  config_path:
+    description: 'path to a YAML or TOML file that supplies command line arguments'
+    required: false
+    default: 'DEFAULT'
   GITHUB_TOKEN:
     description: 'Github token of the repository (automatically created by Github)'
     required: true
@@ -102,15 +106,22 @@ runs:
         else
             INI_PATH="--ini $INPUT_INI_PATH"
         fi
-        bandit -f sarif -o results.sarif -r $INPUT_PATH $LEVEL $CONFIDENCE $EXCLUDED_PATHS $EXIT_ZERO $SKIPS $INI_PATH
+
+        if [ "$INPUT_CONFIG_PATH" == "DEFAULT" ]; then
+            CONFIG_PATH=""
+        else
+            CONFIG_PATH="-c $INPUT_CONFIG_PATH"
+        fi
+        bandit -f sarif -o results.sarif -r $INPUT_PATH $LEVEL $CONFIDENCE $EXCLUDED_PATHS $EXIT_ZERO $SKIPS $INI_PATH $CONFIG_PATH
       env:
         INPUT_PATH: ${{ inputs.path }}
         INPUT_LEVEL: ${{ inputs.level }}
         INPUT_CONFIDENCE: ${{ inputs.confidence }}
         INPUT_EXCLUDED_PATHS: ${{ inputs.excluded_paths }}
         INPUT_EXIT_ZERO: ${{ inputs.exit_zero }}
         INPUT_SKIPS: ${{ inputs.skips }}
-        INPUT_INI_PATH: ${{ inputs.ini_path }}        
+        INPUT_INI_PATH: ${{ inputs.ini_path }}
+        INPUT_CONFIG_PATH: ${{ inputs.config_path }}
 
     - name: Upload artifact
       uses: actions/upload-artifact@v4