Add CodeQL workflow

[0xTim]

Adds a CodeQL workflow for static analysis.

[codecov-commenter]

Codecov Report

Merging #3039 (a7cd825) into main (b7c1f9c) will decrease coverage by 0.14%.
Report is 2 commits behind head on main.
The diff coverage is 100.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3039      +/-   ##
==========================================
- Coverage   76.72%   76.58%   -0.14%     
==========================================
  Files         211      211              
  Lines        7781     7786       +5     
==========================================
- Hits         5970     5963       -7     
- Misses       1811     1823      +12     

Files Changed	Coverage Δ
Sources/Vapor/Client/ClientRequest.swift	48.00% <100.00%> (+9.90%)	⬆️
...ources/Vapor/HTTP/Client/EventLoopHTTPClient.swift	97.50% <100.00%> (+0.06%)	⬆️

... and 4 files with indirect coverage changes

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[0xTim]

This is now done in central CI