Add a static code analysis workflow

.github/workflows/analysis.yml

@@ -0,0 +1,49 @@
+name: Analysis
+on: [push, pull_request]
+permissions:
+  contents: read
+
+jobs:
+  static_analysis:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+    - uses: WillAbides/setup-go-faster@v1
+      with:
+        go-version: 'stable'
+
+    - name: Install build dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install --no-install-recommends clang libgl1-mesa-dev libegl1-mesa-dev libgles2-mesa-dev libx11-dev xorg-dev
+        
+    - name: Install static analysis tools
+      run: |
+        go install github.com/securego/gosec/v2/cmd/gosec@latest
+        go install golang.org/x/vuln/cmd/govulncheck@latest
+        go install github.com/fzipp/gocyclo/cmd/gocyclo@latest
+        go install honnef.co/go/tools/cmd/staticcheck@latest
+        go install mvdan.cc/gofumpt@latest
+
+    - name: Vet
+      run: go vet ./...
+
+    - name: Gofumpt
+      run: test -z $(gofumpt -d -e . | tee /dev/stderr)
+
+    - name: Gocyclo
+      run: gocyclo -over 15 .
+
+    - name: Staticcheck
+      run: staticcheck ./...
+
+    - name: Gosec
+      run: gosec ./...
+
+    - name: Vulncheck
+      run: govulncheck ./...