feat: add codeql GHA and cron job for image build to run trivy

.github/workflows/ci.yml

@@ -10,6 +10,8 @@ on:
     paths-ignore:
       - "**/*.md"
       - "LICENSE"
+  schedule:
+    - cron: '37 21 * * 5'
 jobs:
   test-and-build:
     strategy:
@@ -64,3 +66,4 @@ jobs:
         with:
           image: hypertrace/hypertrace-collector
           tag: latest
+          output-mode: github

.github/workflows/codeql.yml

@@ -0,0 +1,46 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  schedule:
+    - cron: '37 21 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-22.04
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - uses: hypertrace/github-actions/gradle@main
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2