Removing hardcoded options in GHA docker run and providing output configuration

[kellydunn]

Description:

When using the trufflesecurity/trufflehog Github Action, there's currently no way to configure --fail, in the Github action itself, as it is hardcoded in action.yml here.

Additionally, it's helpful to be able to take the very useful output of trufflehog and process it in our own actions so we can aggregate the data to our observability tools. To enable this, this PR also provides an output block that enables developers to reference Trufflehog output in their actions via ${{ steps.trufflehog.outputs.results }}

This way, developers can run the github action like so:

      - name: Run Trufflehog
        id: trufflehog
        uses: trufflesecurity/trufflehog@main
        with:
          base: <base>
          head: <head>
          no_fail: "true"
          extra_args: "--json --results=verified,unknown"
          
      - name: Use Output
        id: use-output
        run: |
          echo ${{ steps.trufflehog.outputs.results }} | jq -s | ./bin/script

Update: This PR now also includes a more explicit mounting of ${{ github.workspace }} to the docker container, as before the relative path being mounted to /tmp wouldn't pick up any changes when providing commit ranges to the scan.

Checklist:

• Tests passing (make test-community)?
• Lint passing (make lint this requires golangci-lint)?

[CLAassistant]

All committers have signed the CLA.

[kashifkhan0771]

Hi @kellydunn Thanks for submitting the PR. Can you please sign the CLA.