Fuzzing: Upload SARIF file to GitHub Security tab

Author: kateinoigakukun

.github/workflows/cflite_batch.yml

@@ -13,6 +13,8 @@ permissions: read-all
 jobs:
   BatchFuzzing:
     runs-on: ubuntu-latest
+    permissions:
+      security-events: write
     strategy:
       fail-fast: false
       matrix:
@@ -37,3 +39,9 @@ jobs:
         storage-repo: https://${{ secrets.SWIFTWASM_BOT_GITHUB_TOKEN }}@github.com/swiftwasm/wasmkit-fuzz-corpora.git
         storage-repo-branch: main
         storage-repo-branch-coverage: gh-pages
+    - name: Upload Sarif
+      if: always() && steps.build.outcome == 'success'
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+       sarif_file: cifuzz-sarif/results.sarif
+       checkout_path: cifuzz-sarif