Add support for gosec config file
What does this MR do?
With this change, if SAST_GOSEC_CONFIG points to a file, that file will be passed to gosec with the -conf flag. This will allow CI users to easily configure SAST for Go projects.
I have enabled SAST for some of my projects, and I am getting spurious G104 issues for APIs that are known to never return errors. Gosec supports suppressing these errors categorically via configuration, so this change adds the ability to pass configuration to Gosec.
What are the relevant issue numbers?
Given that this is a simple change, I created this MR instead of an issue.
Does this MR meet the acceptance criteria?
- Changelog entry added - The changelog has version numbers, so I'm not sure how to add this.
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary gitlab-org/gitlab!18050 (closed)
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- [-] Job definition updated, if necessary
  - [-] Auto-DevOps template
  - [-] Job definition example
  - [-] CI Templates
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Daniel Paul Searles