Sync CodeQL workflow with instrumentation repo (#243)

* Sync CodeQL workflow with instrumentation repo

* Bump to Java 17

* Update .github/workflows/nightly-codeql-analysis.yml

Co-authored-by: Anuraag Agrawal <[email protected]>

Co-authored-by: Anuraag Agrawal <[email protected]>

Author: trask

.github/templates/workflow-failed.md

@@ -0,0 +1,6 @@
+---
+title: "{{ env.GITHUB_WORKFLOW }} #{{ env.GITHUB_RUN_NUMBER }} failed"
+labels: bug, area:build, priority:p1
+---
+<a href="https://github.com/{{ env.GITHUB_REPOSITORY }}/actions/runs/{{ env.GITHUB_RUN_ID }}">
+{{ env.GITHUB_WORKFLOW }} #{{ env.GITHUB_RUN_NUMBER }}</a> failed. Please take a look and fix it ASAP.

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,51 @@
+name: Nightly CodeQL analysis
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '30 1 * * *'
+
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Setup Java 17
+        uses: actions/setup-java@v2
+        with:
+          distribution: temurin
+          java-version: 17
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: java
+
+      - uses: gradle/gradle-build-action@v2
+        with:
+          # skipping build cache is needed so that all modules will be analyzed
+          arguments: assemble --no-build-cache
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1
+
+  issue:
+    name: Open issue on failure
+    needs: analyze
+    runs-on: ubuntu-latest
+    if: always()
+    steps:
+      # run this action to get workflow conclusion
+      # You can get conclusion by env (env.WORKFLOW_CONCLUSION)
+      - uses: technote-space/[email protected]
+
+      - uses: actions/checkout@v3
+
+      - uses: JasonEtco/[email protected]
+        if: env.WORKFLOW_CONCLUSION == 'failure' # notify only if failure
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          filename: .github/templates/workflow-failed.md