We need to run a CI job that executes static analysis tools, starting with CodeQL and increasing the variety of tools on an as-needed basis:
https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql
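
A minimal GitHub Actions workflow for the CodeQL starting point could look like the following. This is an added example, not this project's own configuration; the workflow name, branch name, schedule and language list are assumptions to replace with the repository's real values.

```yaml
# Added example. Branch, schedule and language matrix are assumptions.
name: static-analysis

on:
  push:
    branches: [main]          # assumed default branch
  pull_request:
    branches: [main]
  schedule:
    - cron: "27 4 * * 1"      # weekly run so updated queries also scan unchanged code

# Deny all token permissions by default; each job requests only what it needs.
permissions: {}

jobs:
  codeql:
    runs-on: ubuntu-latest
    permissions:
      contents: read          # check out the repository
      security-events: write  # upload results to code scanning
      actions: read           # needed by the CodeQL action on private repositories
    strategy:
      fail-fast: false        # one language failing should not hide the others
      matrix:
        language: [python]    # assumption: list the languages the repository contains
    steps:
      - uses: actions/checkout@v4

      - uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          queries: security-extended   # default security queries plus the extended set

      # Compiled languages need a build step here (autobuild or explicit commands).

      - uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"  # keeps results separate per language
```

Further tools can be added later as sibling jobs: any analyzer that writes SARIF can publish into the same code scanning view through `github/codeql-action/upload-sarif`, using its own `category` so its results do not overwrite CodeQL's.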