feat(HACBS-1637): add CodeQL workflow to detect security flaws in code

[dheerajodha]

This CodeQL workflow can detect security flaws in our code by running scans.

We can view the results and fix issues before merging the code changes.

Signed-off-by: Dheeraj Singh Jodha djodha@redhat.com

[codecov]

Codecov Report

Base: 67.76% // Head: 71.40% // Increases project coverage by +3.63% 🎉

Coverage data is based on head (8f8eac0) compared to base (456ee68).
Patch has no changes to coverable lines.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #116      +/-   ##
==========================================
+ Coverage   67.76%   71.40%   +3.63%     
==========================================
  Files          24       25       +1     
  Lines        2147     2238      +91     
==========================================
+ Hits         1455     1598     +143     
+ Misses        553      491      -62     
- Partials      139      149      +10     

Impacted Files	Coverage Δ
tekton/integration_pipeline.go	97.33% <0.00%> (-2.67%)	⬇️
gitops/snapshot.go	78.76% <0.00%> (-1.94%)	⬇️
metrics/integration.go	85.71% <0.00%> (ø)
controllers/snapshot/snapshot_adapter.go	54.42% <0.00%> (+1.44%)	⬆️
controllers/pipeline/pipeline_controller.go	65.78% <0.00%> (+6.15%)	⬆️
controllers/pipeline/pipeline_adapter.go	58.27% <0.00%> (+7.94%)	⬆️
controllers/scenario/scenario_controller.go	97.82% <0.00%> (+19.56%)	⬆️
controllers/scenario/scenario_adapter.go	71.11% <0.00%> (+24.44%)	⬆️
controllers/scenario/predicates.go	57.14% <0.00%> (+42.85%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

[jsztuka]

Lgtm