refactor(ci): integrate codeql analysis into build job

- Adds CodeQL init and analyze steps directly into the 'build' job.
- Leverages the existing devcontainer build step to ensure CodeQL
  analyzes the correctly built code.
- Consolidates CI into a more efficient, single-job workflow for
  building and scanning.

Author: jcscottiii

.github/workflows/ci.yml

@@ -26,6 +26,9 @@ env:
 jobs:
   build:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
     steps:
       - name: Checkout (GitHub)
         uses: actions/checkout@v5
@@ -37,15 +40,21 @@ jobs:
         with:
           node-version: ${{ env.NODE_VERSION }}
           cache: 'npm'
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v4
+        with:
+          languages: go, javascript-typescript, actions
       - name: Get Repo Owner
         id: get_repo_owner
         run: echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" > $GITHUB_ENV
-      - name: Run precommit target for CI
+      - name: Run build and precommit for CI
         uses: devcontainers/[email protected]
         with:
           cacheFrom: ghcr.io/${{ env.REPO_OWNER }}/webstatus-dev-devcontainer-ci-precommit
           push: never
-          runCmd: make precommit
+          runCmd: make gen && make precommit
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v4
   playwright:
     runs-on: ubuntu-latest
     steps: