build: Add missing Celery task decorators, and add CI check for it (#33154)

.github/workflows/semgrep.yml

@@ -0,0 +1,45 @@
+# Finds code problems by structural pattern matching.
+#
+# New rules can be added to test_root/semgrep/ and they should be picked up
+# automatically. See https://semgrep.dev/docs/ for documentation.
+
+name: Semgrep code quality
+
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  run_semgrep:
+    name: Semgrep analysis
+    runs-on: "${{ matrix.os }}"
+    strategy:
+      matrix:
+        os: [ "ubuntu-20.04" ]
+        python-version: [ "3.8" ]
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 1
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "${{ matrix.python-version }}"
+
+      - name: Install semgrep
+        run: |
+          make pre-requirements
+          pip-sync requirements/edx/semgrep.txt
+
+      - name: Run semgrep
+        env:
+          # Peg this to some reasonable value so that semgrep's rewrapping
+          # of messages doesn't break up lines in an unpredictable manner:
+          # https://github.com/returntocorp/semgrep/issues/8608
+          COLUMNS: 80
+        run: |
+          semgrep scan --config test_root/semgrep/ --error --quiet \
+            -- lms cms common openedx