More work on GitHub Actions.

- Add Workflow for GitHub CodeQL code analysis.
- Add Workflow and Actions for automated releases.
- Overhaul and clean up various other Actions.
- Rename a few Actions. (Actually, duplicate them; we'll remove the original ones as soon as they're no longer needed by other branches.)
- Remove Travis CI and AppVeyor config files for this branch.

.github/actions/get_exe_version/action.yml

@@ -0,0 +1,17 @@
+name: 'Get Windows Executable Version Information'
+description: 'Extract version information from Windows executable'
+
+inputs:
+  binary:
+    description: 'Path and name of binary to examine'
+    required: true
+
+runs:
+  using: composite
+  steps:
+  - name: 'Extract Version Information from Binary'
+    shell: pwsh
+    run: ./tools/windows/get-exe-version.ps1 ${{ inputs.binary }} -github_env $env:GITHUB_ENV
+  - name: 'Version Information Diagnostics'
+    shell: bash
+    run: set | grep -e '^BINARY_'

.github/actions/get_source_version/action.yml

@@ -0,0 +1,11 @@
+name: 'Get Source Version Information'
+description: 'Extract version information from source code'
+runs:
+  using: composite
+  steps:
+  - name: 'Extract Version Information from Source'
+    shell: bash
+    run: ./tools/unix/get-source-version.sh ./source/base/version.h -github_env $GITHUB_ENV
+  - name: 'Version Information Diagnostics'
+    shell: bash
+    run: set | grep -E '^POV_?RAY_'

.github/actions/git_bundle_ignored/action.yml

@@ -0,0 +1,16 @@
+name: 'Bundle Ignored Files'
+description: 'Bundle all untracked ignored files as an artifact'
+
+inputs:
+  name:
+    description: 'Artifact name'
+    required: true
+    default: 'artifact_diag.tar.gz'
+
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    run: |
+      artifacts=$( git status --porcelain --ignored -uall | egrep '^[!]' | cut -c 4- || true )
+      tar -cvzf "${{inputs.name}}" $artifacts || true

.github/actions/git_check_repo/action.yml

@@ -0,0 +1,25 @@
+name: 'Sanity-Check Working Tree'
+description: 'Verify that working tree (and index) of repository is "clean"'
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    run: |
+      changed=$( git status --porcelain )
+      if test -z "$changed" ; then
+        echo "No unexpected changes to the working tree found."
+        exit 0
+      fi
+      untracked=$( echo "$changed" | egrep '^[?]' || true )
+      changed=$( echo "$changed" | egrep '^[^?]' || true )
+      if test -n "$untracked" ; then
+        echo "::error::Build process adds files not covered by .gitignore."
+      fi
+      if test -n "$changed" ; then
+        echo "::error::Build process tampers with tracked files."
+      fi
+      echo "::group::Offending files:"
+      echo "$untracked"
+      echo "$changed"
+      echo "::endgroup::"
+      exit 1

.github/actions/github_create_release/action.yml

@@ -0,0 +1,52 @@
+name: 'Create Release'
+description: 'Create GitHub Release from commit under examination'
+
+inputs:
+  token:
+    description: 'GitHub access token'
+    required: true
+  is-draft:
+    description: 'Whether to generate a draft only'
+    required: true
+  is-prerelease:
+    description: 'Whether to generate a pre-release only'
+    required: true
+  tag-name:
+    description: 'Name of the associated tag to create'
+    required: true
+  title:
+    description: 'Title of the release'
+    required: true
+  notes-file:
+    description: 'File containing release notes'
+    required: true
+  assets:
+    description: 'Blank-separated list of filenames to attach as assets'
+    required: false
+    default: ''
+
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    run: |
+      if ${{ inputs.is-draft }} ; then
+        draft_switch='--draft'
+      else
+        draft_switch=''
+        # git config --global user.name "${{ inputs.token }}"
+        # git tag -a -m "${{ inputs.message }}" "${{ inputs.tag-name }}"
+        # git push origin "${{ inputs.tag-name }}"
+      fi
+      if ${{ inputs.is-prerelease }} ; then
+        prerelease_switch='--prerelease'
+      else
+        prerelease_switch=''
+      fi
+      gh auth login --with-token <<< "${{ inputs.token }}"
+      gh release create ${{ inputs.tag-name }}                        \
+        --target ${{ github.sha }}                                    \
+        $draft_switch $prerelease_switch                              \
+        --title "${{ inputs.title }}"                                 \
+        --notes-file "${{ inputs.notes-file }}"                       \
+        ${{ inputs.assets }}

.github/actions/unix_configure/action.yml

@@ -16,17 +16,16 @@ inputs:
     default: ''
 
 runs:
-  using: "composite"
+  using: composite
   steps:
-    - shell: bash
-      run: |
-        # TODO: Figure out a neat way to compile with SDL to check the build,
-        # but have `make check` pass -D instead of +D to POV-Ray
-        # TODO: Invoke the chosen compiler, rather than the standard one
-        if test -n "${{inputs.c-compiler}}" ; then
-          export CC="${{inputs.c-compiler}}"
-        fi
-        if test -n "${{inputs.cxx-compiler}}" ; then
-          export CXX="${{inputs.cxx-compiler}}"
-        fi
-        ./configure --without-libsdl --without-x ${{inputs.configure-options}} COMPILED_BY="GitHub"
+  - shell: bash
+    run: |
+      # TODO: Figure out a neat way to compile with SDL to check the build,
+      # but have `make check` pass -D instead of +D to POV-Ray
+      if test -n "${{inputs.c-compiler}}" ; then
+        export CC="${{inputs.c-compiler}}"
+      fi
+      if test -n "${{inputs.cxx-compiler}}" ; then
+        export CXX="${{inputs.cxx-compiler}}"
+      fi
+      ./configure --without-libsdl --without-x ${{inputs.configure-options}} COMPILED_BY="GitHub"

.github/actions/unix_getlibs/action.yml

@@ -0,0 +1,76 @@
+name: 'Install Packages'
+description: 'Install required packages'
+runs:
+  using: composite
+  steps:
+  - env:
+      package_matrix: |
+        _os                     | Linux                             | macOS         |
+        _update                 | sudo apt-get update               | brew update   | cmd to update pkg mgr database
+        _install                | sudo apt-get install --no-upgrade | brew install  | cmd to install pkg
+        boost/                  | libboost-dev                      | boost         | bulk of boost lib
+        boost/boost/date_time/  | libboost-date-time-dev            |               | boost date-time lib
+        boost/libs/system/      | libboost-system-dev               |               | boost system lib
+        boost/libs/thread/      | libboost-thread-dev               |               | boost thread lib
+        freetype/               | libfreetype-dev                   | freetype      |
+        jpeg/                   | libjpeg-dev                       | libjpeg       |
+        openexr/                | libopenexr-dev                    | openexr       |
+        png/                    | libpng-dev                        | libpng        |
+                                | libsdl-dev                        | sdl           | simple direct media layer
+        tiff/                   | libtiff-dev                       | libtiff       |
+        zlib/                   | libz-dev                          | zlib          |
+                                | automake                          | automake      |
+                                | pkg-config                        | pkg-config    |
+    shell: bash
+    run: |
+      echo "Preparing to install packages for ${{ runner.os }}"
+      package_matrix=`echo "${package_matrix}" | sed 's/ *| */|/g'`
+      col_list=`echo "${package_matrix}" | head -n1 | tr '|' '\n'`
+      col_os=`echo "${col_list}" | grep -nx "${{ runner.os }}" || true`
+      if test -z "${col_os}" ; then
+        echo "::error::Operating system not found in matrix."
+        exit 1
+      fi
+      col_index=`echo "${col_os}" | cut -d':' -f1`
+      package_matrix=`echo "${package_matrix}" | cut -d'|' -f"1,${col_index}"`
+      do_update=`echo "${package_matrix}" | grep '_update' | cut -d'|' -f2`
+      do_install=`echo "${package_matrix}" | grep '_install' | cut -d'|' -f2`
+      echo "::group::Determine packages to install"
+      cp /dev/null ~PACKAGE_LIST
+      echo "${package_matrix}" | while read line ; do
+        key=`echo ${line} | cut -d'|' -f1`
+        value=`echo ${line} | cut -d'|' -f2`
+        if test -z "${value}" ; then
+          continue
+        fi
+        case "${key}" in
+          _*) continue ;;
+          '') condition="true" ;;
+          */) condition="test -d 'libraries/${key}'" ;;
+          *)  echo "::warning::Ignoring unexpected key '${key}' in package matrix." ; continue ;;
+        esac
+        if eval "${condition}" ; then
+          echo "${value}" | tee -a ~PACKAGE_LIST
+        else
+          echo "(${value} not required for this version)"
+        fi
+      done
+      package_list=`cat ~PACKAGE_LIST`
+      rm ~PACKAGE_LIST
+      echo "::endgroup::"
+      if test -n "${do_update}" ; then
+        echo "::group::Update package manager database"
+        ${do_update}
+        echo "::endgroup::"
+      else
+        echo "::warning::No package manager update command found in matrix."
+      fi
+      if test -n "${do_install}" ; then
+        echo "::group::Install packages"
+        ${do_install} ${package_list}
+        echo "::endgroup::"
+      elif test -n "${package_list}" ; then
+        echo "::error::No package manager install command found in matrix."
+      else
+        echo "::warning::No package manager install command found in matrix (nor packages to install)."
+      fi

.github/actions/unix_make/action.yml

@@ -8,8 +8,8 @@ inputs:
     default: ''
 
 runs:
-  using: "composite"
+  using: composite
   steps:
-    - shell: bash
-      run: |
-        make ${{ inputs.make-target }}
+  - shell: bash
+    run: |
+      make ${{ inputs.make-target }}

.github/actions/unix_prebuild/action.yml

@@ -1,8 +1,8 @@
 name: 'Pre-Build POV-Ray for Unix'
 description: 'Run `prebuild.sh` build step for POV-Ray for Unix'
 runs:
-  using: "composite"
+  using: composite
   steps:
-    - shell: bash
-      run: |
-        cd unix && ./prebuild.sh && cd ..
+  - shell: bash
+    run: |
+      cd unix && ./prebuild.sh && cd ..

.github/actions/windows_build/action.yml

@@ -1,5 +1,5 @@
-name: 'Build POV-Ray for Windows'
-description: 'Build POV-Ray for Windows'
+name: 'Build POV-Ray for Windows Binary'
+description: 'Build POV-Ray for Windows Binary'
 
 inputs:
   pov-ray-is-autobuild: 
@@ -34,19 +34,17 @@ inputs:
     default: ''
 
 runs:
-  using: "composite"
+  using: composite
   steps:
-
-    - name: 'Prebuild'
-      shell: pwsh
-      run: |
-        $env:PovBuildDefs  = 'POV_RAY_IS_AUTOBUILD=${{ inputs.pov-ray-is-autobuild }};'
-        $env:PovBuildDefs += 'POV_RAY_BUILD_ID="${{ inputs.pov-ray-build-id }}";'
-        $env:PovBuildDefs += 'BUILT_BY="${{ inputs.built-by }}";'
-        msbuild `
-          /t:Rebuild /m `
-          /p:Configuration=${{ inputs.configuration }} `
-          /p:Platform=${{ inputs.platform }} `
-          /p:PlatformToolset=${{ inputs.toolset }} `
-          ${{ inputs.msbuild-options }} `
-          windows/${{ inputs.solution }}/povray.sln
+  - shell: pwsh
+    run: |
+      $env:PovBuildDefs  = 'POV_RAY_IS_AUTOBUILD=${{ inputs.pov-ray-is-autobuild }};'
+      $env:PovBuildDefs += 'POV_RAY_BUILD_ID="${{ inputs.pov-ray-build-id }}";'
+      $env:PovBuildDefs += 'BUILT_BY="${{ inputs.built-by }}";'
+      msbuild `
+        /t:Rebuild /m `
+        /p:Configuration=${{ inputs.configuration }} `
+        /p:Platform=${{ inputs.platform }} `
+        /p:PlatformToolset=${{ inputs.toolset }} `
+        ${{ inputs.msbuild-options }} `
+        windows/${{ inputs.solution }}/povray.sln

.github/actions/windows_build_installer/action.yml

@@ -0,0 +1,43 @@
+name: 'Build POV-Ray for Windows Installer'
+description: 'Build POV-Ray for Windows Installer'
+
+inputs:
+  installer-path:
+    description: 'Location of the installer source files'
+    required: true
+  version-prototype:
+    description: 'Location of binary to pull version information from'
+    required: true
+
+outputs:
+  installer-file:
+    description: 'Name of the compiled installer binary file'
+    value: ${{ steps.build-installer.outputs.installer-file }}
+
+runs:
+  using: composite
+  steps:
+
+  - name: 'Extract Binary Version Information'
+    shell: pwsh
+    run: |
+      ./tools/windows/get-exe-version.ps1 ${{ inputs.version-prototype }} -bat ~version.bat
+
+  - name: 'Build Installer'
+    id: build-installer
+    shell: cmd
+    run: |
+      call ~version.bat
+      set BINVER=%BINARY_PRODUCTMAJORPART%.%BINARY_PRODUCTMINORPART%.%BINARY_PRODUCTBUILDPART%.%BINARY_PRODUCTPRIVATEPART%
+      set FULLVER=%BINARY_PRODUCTVERSION%
+      for /f "tokens=1    delims=+" %%I in ("%FULLVER%")    do set SOURCEVER=%%I
+      for /f "tokens=1*   delims=-" %%I in ("%SOURCEVER%")  do set PRERELEASE=%%J
+      for /f "tokens=1    delims=." %%I in ("%PRERELEASE%") do set PRERELEASE_TYPE=%%I
+      for /f "tokens=1,2  delims=." %%I in ("%SOURCEVER%")  do set VER=%%I.%%J
+      set BETA=
+      if "%PRERELEASE_TYPE%" == "beta" set BETA=-beta
+      cd installer
+      makensis.exe setup.nsi
+      set INSTALLER_FILE=povwin-v%FULLVER%-setup.exe
+      ren "povwin-%VER%-agpl3-setup.exe" "%INSTALLER_FILE%"
+      echo ::set-output name=installer-file::installer/%INSTALLER_FILE%

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,48 @@
+name: 'Code Analysis'
+
+on:
+  push:
+    branches: [ 'master', 'release/*' ]
+    # There's no actual source code to examine in the following directories.
+    paths-ignore: [ 'distribution/**', 'doc/**', 'source-doc/**', 'tools/**' ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ 'master', 'release/*' ]
+    # There's no actual source code to examine in the following directories.
+    paths-ignore: [ 'distribution/**', 'doc/**', 'source-doc/**', 'tools/**' ]
+
+jobs:
+  analyze:
+    name: 'Analyze'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+
+    - name: 'Check out Repository'
+      uses: actions/checkout@v2
+
+    - name: 'Initialize CodeQL'
+      uses: github/codeql-action/init@v1
+      with:
+        languages: cpp
+        # Comment out the following to perform just the bare minimum of checks:
+        queries: security-extended
+        # Use the following instead to perform the whole suite of pre-defined checks:
+        # queries: security-and-quality
+
+    - name: 'Install Prerequisites'
+      uses: POV-Ray/povray/.github/actions/unix_getlibs@gh-actions-v1
+
+    - name: 'Prebuild'
+      uses: POV-Ray/povray/.github/actions/unix_prebuild@gh-actions-v1
+    - name: 'Configure'
+      uses: POV-Ray/povray/.github/actions/unix_configure@gh-actions-v1
+    - name: 'Build'
+      uses: POV-Ray/povray/.github/actions/unix_make@gh-actions-v1
+
+    - name: 'Perform CodeQL Analysis'
+      uses: github/codeql-action/analyze@v1