Draft: Allow passing additional config from ENV vars

Note: Although I originally intended to modify this code for my personal usage, I mistakenly left the target as the default upstream repo when opening this MR. But well, since it's here, I'll let you decide if it is relevant to be shared as well.

What does this MR do?

  • Allows the following configuration CLI options to be provided in ENV vars:
    • SAST_SOBELOW_IGNORE as the argument for --ignore (defaults to Config,Vuln)
    • SAST_SOBELOW_IGNORE_FILES as the argument for --ignore-files (no files ignored by default)
    • SAST_SOBELOW_THRESHOLD as the argument for --threshold (defaults to low)
    • SAST_SOBELOW_ROUTER as the argument for --router (not necessary if router location is standard)
  • Re-enables vulnerabilities in the Config module, previously disabled because it was not stable enough in earlier versions of sobelow.

See CHANGELOG and README.

What are the relevant issue numbers?

I haven't created any issue for this as I originally intended the change for personal usage.

Does this MR meet the acceptance criteria?

Edited by rbf
