Add a static source code analyser to our GitHub Actions

[kripton]

As discussed during the PlugFest, OLA might benefit from running some kind of static code analysis. While I'm perfectly open to alternatives, I do like how SonarQube / SonarCloud reports issues and there is GitHub Actions integration, including PR-annotation (as we currently do with codespell). Also, SonarCloud is free for Open Source projects:

SonarLint is completely free. SonarQube Community Edition is free. All other SonarQube editions are commercial and require a paid license. SonarCloud is entirely free for all open source projects. You only pay if you want to analyze private repositories.

(from https://www.sonarsource.com/open-source-editions/, FAQ entry "Are the products always free? ")

Thus, I would propose to enable SonarCloud integration for OLA.

[kripton]

If there are no objections (looking @peternewman :D), I would install the SonarCloud app into the ola repository using my account and permissions. See: https://github.com/apps/sonarcloud

[DaAwesomeP]

This also goes along the lines of #1889 and #1890 which have been on the table for a bit. We should really get those reviewed/merged before considering more analysis otherwise the additional analysis may not result in improvements.

My personal C++ stack currently contains:

• clang-tidy: This is a wonderful tool but would need rules to be slowly enabled and fixed for a repo of this size; I really like clangt-tidy and its rule-sets are very well-defined
• -Werror: This seems like a given but often isn't on by default
• iwyu (include what you use)
• I used to do this string of checks, but clang-tidy handles these instead for me now: -Werror -Wextra -Wall -Wfloat-equal -Wconversion -Wparentheses -pedantic -Wunused-parameter -Wunused-variable -Wreturn-type -Wunused-function -Wredundant-decls -Wreturn-type -Wunused-value -Wswitch-default -Wuninitialized -Winit-self