Update CodeQL workflow (#317)

The main purpose of this change is to switch to using the v2 CodeQL actions since the v1 version is deprecated. This also adjusts the build process to build the entire codebase instead of just bzfs and a basic bzadmin. This now reflects our normal Linux build process including the client with SDL2 and bzadmin with ncurses. It will also try to use multiple CPU cores if available. Additionally, this add the master branch to the list of push and pull-request branches that CodeQL should analyze, adds the write permission for security events, switches to the v3 checkout action, and removes the depth and checkout settings as recommended.
BZFlag-Dev · Nov 6, 2022 · accc67c · accc67c
1 parent 1e63af1
commit accc67c
Showing 1 changed file with 18 additions and 22 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -1,45 +1,41 @@
-name: "CodeQL"
+name: "Code Scanning - Action"
 
 on:
   push:
-    branches: [2.4, ]
+    branches: [2.4, master]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [2.4]
+    branches: [2.4, master]
   schedule:
     - cron: '0 7 * * 2'
   workflow_dispatch:
 
 jobs:
-  analyse:
-    name: Analyse
+  CodeQL-Build:
     runs-on: ubuntu-latest
 
+    permissions:
+      # required for all workflows
+      security-events: write
+
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
+      uses: actions/checkout@v3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       # Override language selection by uncommenting this and choosing your languages
       # with:
       #   languages: go, javascript, csharp, python, cpp, java
 
     - run: |
-        sudo apt-get update
-        sudo apt-get install libc-ares-dev libcurl3-dev libglm-dev
-        autoreconf -i
-        ./configure --disable-client
-        make
+        sudo apt-get update &&
+        sudo apt-get install g++ libtool automake autoconf libsdl2-dev libcurl3-dev \
+        libc-ares-dev zlib1g-dev libncurses-dev libglew-dev libglm-dev make &&
+        ./autogen.sh &&
+        ./configure &&
+        make -j`nproc`
+
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2