gh-actions: Run codeql

Signed-off-by: Daniel Schaefer <dhs@frame.work>

Author: JohnAZoidberg

.github/workflows/codeql.yml

@@ -0,0 +1,61 @@
+# This workflow runs the latest CodeQL CLI and checks against CodeQL's Cpp library.
+# This is the source for the GitHub Security Code Scanning job.
+
+name: "CodeQL Analysis"
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+    paths-ignore:
+      - '**.md'
+      - 'LICENSE'
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches:
+      - main
+      - develop
+    paths-ignore:
+      - '**.md'
+      - 'LICENSE'
+    
+  # Allow manual scheduling
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    name: Analysis
+    runs-on: windows-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp' ]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: 'recursive'
+      - name: Install Nuget Packages
+        run: nuget restore .\packages.config -PackagesDirectory .\packages\
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          config-file: microsoft/Windows-Driver-Developer-Supplemental-Tools/config/codeql-config.yml@development
+          packs: +microsoft/windows-drivers@1.2.0-beta
+      - name: Retrieve and build all available solutions
+        run: |
+          msbuild FrameworkSensors\FrameworkSensors.sln /property:Configuration=Debug /property:Platform=x64
+
+      - name: Perform CodeQL analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"