update tfsec action

Author: zachrundle

.github/workflows/tfsec.yml

@@ -6,14 +6,25 @@ on:
   pull_request:
 jobs:
   tfsec:
-    name: tfsec
+    name: tfsec sarif report
     runs-on: ubuntu-latest
-
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
     steps:
       - name: Clone repo
-        uses: actions/checkout@master
+        uses: actions/checkout@v2
+        with:
+          persist-credentials: false
+
       - name: tfsec
-        uses: aquasecurity/tfsec-action@v1.0.0
+        uses: aquasecurity/tfsec-sarif-action@v0.1.0
+        with:
+          sarif_file: tfsec.sarif          
+
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v1
         with:
-          soft_fail: true
-          additional_args: '--gif --sort-severity --run-statistics	--allow-checks-to-panic'
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: tfsec.sarif