feat(misconf): add ability to disable checks by ID

[nikpivkin]

Description

This PR adds the ability to disable Rego checks by their IDs as discussed here. This is not available to users, only within Trivy.

Related PRs

• refactor(misconf): pass options to Rego scanner as is #7529

Checklist

• I've read the guidelines for contributing to this repository.
• I've followed the conventions in the PR title.
• I've added tests that prove my fix is effective or that my feature works.
• I've updated the documentation with the relevant information (if needed).
• I've added usage information (if the PR introduces new options)
• I've included a "before" and "after" example to the description (if the PR is a user interface change).

[nikpivkin]

@simar7 Should we consider the namespace when ignoring if the user will have their own custom check with the same ID as our disabled check?

[simar7]

@simar7 Should we consider the namespace when ignoring if the user will have their own custom check with the same ID as our disabled check?

I see your point but I don't think that's needed knowing they shouldn't be using an ID that a builtin check uses. Speaking of that:

1. What happens if they use regardless? I would assume their check would run regardless, right?
2. We should document that custom checks should use an ID that is not taken up by an existing check. Which we do here https://aquasecurity.github.io/trivy/v0.55/docs/scanner/misconfiguration/custom/#customavd_id-and-customid

[nikpivkin]

Correct, id uniqueness is not checked.

[simar7]

Correct, id uniqueness is not checked.

I added the check for namespace 74c9297

[nikpivkin]

This condition will always be true. You can default to passing the option with a user-defined namespace, it will have no effect if there is no user check.

[simar7]

ah doh! thanks for the catch.

[nikpivkin]

Fixed 7246de4