Code scanning can now be easily setup with a few button clicks, and without committing a workflow file to the repository.
The new default setup feature is available for CodeQL on repositories that use GitHub Actions. You can use default setup on your repository's "Settings" tab under "Code security and analysis" (accessible by repository admins and security managers).
The options to set up code scanning using an Actions workflow file or through API upload from 3rd party CI/CD systems remain supported and are unchanged. This more advanced setup method can be useful if you need to alter the default configuration, for example to include custom query packs. Default setup configurations can also be converted to advanced setups if your analysis requirements change.
Default setup is currently available at the repository level. We are actively working on future features at the organization level so you can easily set up code scanning at scale across large numbers of repositories.
This has shipped to GitHub.com and will be available in GitHub Enterprise Server 3.9. To learn more, read the documentation on setting up code scanning for a repository.