Add support for tfsec Terraform linter (#4323)

test/handler/test_tfsec_handler.vader

@@ -0,0 +1,52 @@
+Before:
+  runtime ale_linters/terraform/tfsec.vim
+
+After:
+  call ale#linter#Reset()
+
+Execute(The tfsec handler should handle empty outout):
+  AssertEqual
+  \ [],
+  \ ale_linters#terraform#tfsec#Handle(bufnr(''), ['{"results": null}'])
+
+Execute(The tfsec handler should parse results correctly):
+  AssertEqual
+  \ [
+  \   {
+  \     'filename': '/test/main.tf',
+  \     'lnum': 10,
+  \     'end_lnum': 12,
+  \     'text': "IAM policy document uses sensitive action 'iam:PassRole' on wildcarded resource '*'",
+  \     'code': 'aws-iam-no-policy-wildcards',
+  \     'type': 'W',
+  \   },
+  \],
+  \ ale_linters#terraform#tfsec#Handle(bufnr(''), json_encode(
+  \ {
+  \   "results": [
+  \     {
+  \       "rule_id": "AVD-AWS-0057",
+  \       "long_id": "aws-iam-no-policy-wildcards",
+  \       "rule_description": "IAM policy should avoid use of wildcards and instead apply the principle of least privilege",
+  \       "rule_provider": "aws",
+  \       "rule_service": "iam",
+  \       "impact": "Overly permissive policies may grant access to sensitive resources",
+  \       "resolution": "Specify the exact permissions required, and to which resources they should apply instead of using wildcards.",
+  \       "links": [
+  \         "https://aquasecurity.github.io/tfsec/v1.28.0/checks/aws/iam/no-policy-wildcards/",
+  \         "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document"
+  \       ],
+  \       "description": "IAM policy document uses sensitive action 'iam:PassRole' on wildcarded resource '*'",
+  \       "severity": "HIGH",
+  \       "warning": v:false,
+  \       "status": 0,
+  \       "resource": "data.aws_iam_policy_document.default",
+  \       "location": {
+  \          "filename": "/test/main.tf",
+  \          "start_line": 10,
+  \          "end_line": 12
+  \       }
+  \     }
+  \   ]
+  \ }
+  \))

test/linter/test_terraform_tfsec.vader

@@ -0,0 +1,38 @@
+Before:
+  call ale#assert#SetUpLinterTest('terraform', 'tfsec')
+
+After:
+  call ale#assert#TearDownLinterTest()
+
+Execute(The default command should be correct):
+  AssertLinter 'tfsec', ale#Escape('tfsec') . ' --format json'
+
+Execute(The default executable should be configurable):
+  let b:ale_terraform_tfsec_executable = '/usr/bin/tfsec'
+
+  AssertLinter '/usr/bin/tfsec', ale#Escape('/usr/bin/tfsec') . ' --format json'
+
+Execute(Overriding options should work):
+  let g:ale_terraform_tfsec_executable = '/usr/local/bin/tfsec'
+  let g:ale_terraform_tfsec_options = '--minimum-severity MEDIUM'
+
+  AssertLinter '/usr/local/bin/tfsec',
+  \ ale#Escape('/usr/local/bin/tfsec') . ' --minimum-severity MEDIUM --format json'
+
+Execute(Configuration yml file should be found):
+  call ale#test#SetFilename('../test-files/tfsec/yml/main.tf')
+
+  AssertLinter 'tfsec',
+  \ ale#Escape('tfsec')
+  \   . ' --config-file '
+  \   . ale#Escape(ale#path#Simplify(g:dir . '/../test-files/tfsec/yml/.tfsec/config.yml'))
+  \   . ' --format json'
+
+Execute(Configuration json file should be found):
+  call ale#test#SetFilename('../test-files/tfsec/json/main.tf')
+
+  AssertLinter 'tfsec',
+  \ ale#Escape('tfsec')
+  \   . ' --config-file '
+  \   . ale#Escape(ale#path#Simplify(g:dir . '/../test-files/tfsec/json/.tfsec/config.json'))
+  \   . ' --format json'