Add resolve-environment action

[mbg]

Summary

This PR adds a new resolve-environment action which calls the new CLI resolve build-environment command to try and infer a configuration for the build environment that is suitable for the autobuilder. Example workflow (assuming a repository with a Go project):

jobs:
  analyze-linux:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - uses: github/codeql-action/resolve-environment@mbg/add-resolve-environment
        id: resolve-environment
        with:
          language: go

      - run: echo "${{ steps.resolve-environment.outputs.environment }}"

The action performs the following work:

• Downloads the CodeQL CLI (optionally from the tools input); same behaviour as the init action.
• Runs the resolve build-environment command and stores the JSON result received from that in the environment output

[henrymercer]

This is looking in good shape!

• I think it's worth writing a CHANGELOG note for observant customers who are watching the repo to say that this Action is an internal experiment, is subject to change and shouldn't be used in production.
• It'd be good to have a basic integration test of this once we have a CLI to test it against, just to make sure everything is wired up correctly.
• We will need to make some internal changes to start capturing telemetry properly — for instance we need to add resolve-environment to an allowlist in the monolith. Though there's no rush to make this change.

[aeisenberg]

Are there any known user errors that we should ignore? Eg- trying to resolve an unknown language? Trying to avoid spurious triggers of our SLOs.

[mbg]

I think this will probably get addressed by the proposed handling of CLI errors in general: #1684 (comment)

[henrymercer]

Nice! Some minor suggestions to improve this before we merge.

[mbg]

In addition to the basic integration test included in this PR, we also have an internal repo with a more comprehensive test matrix which covers most cases that the Go autobuilder distinguishes between when resolving build environments. That forms an end-to-end test for all the new components related to this work.

[henrymercer]

One improvement around better CLI error handling for old CLIs, otherwise this LGTM.

[henrymercer]

Checks are currently failing since nightly-latest doesn't have a version number of 2.13.4+ yet. I suggest we point to the new 2.13.4 bundle directly (stable-v2.13.4) or alternatively wait until #1721 is merged and use latest in the checks.

[henrymercer]

Thanks for addressing the feedback on the naming of the check step! This LGTM