ci: run clang-tidy and generate Github code scanning report

.clang-tidy

@@ -0,0 +1 @@
+Checks: "-bugprone-*,clang-diagnostic-*,clang-analyzer-*,-modernize-*,-performance-*,-readability-*"

.github/workflows/clang-tidy.yml

@@ -0,0 +1,41 @@
+name: Run clang-tidy
+
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    name: Run clang-tidy
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+      - name: Run CMake to generate the compilation database
+        run: |
+          mkdir build
+          cmake -B build -DARGTABLE3_ENABLE_TESTS=0 -DARGTABLE3_ENABLE_EXAMPLES=0 -DCMAKE_EXPORT_COMPILE_COMMANDS=1 .
+      - name: Run clang-tidy on files in src/
+        run: |
+          clang-tidy -p build/compile_commands.json src/*.c | tee warnings.txt
+      - name: Convert absolute paths to relative ones
+        run: |
+          sed -i "s|${GITHUB_WORKSPACE}/||g" warnings.txt
+      - name: Download clang-tidy-sarif
+        run: |
+          curl -sSL https://github.com/psastras/sarif-rs/releases/download/clang-tidy-sarif-v0.3.3/clang-tidy-sarif-x86_64-unknown-linux-gnu -o clang-tidy-sarif
+          chmod +x clang-tidy-sarif
+      - name: Convert clang-tidy warnings to SARIF
+        run: |
+          ./clang-tidy-sarif -o results.sarif warnings.txt
+      - uses: actions/upload-artifact@v3
+        with:
+          path: |
+            warnings.txt
+            results.sarif
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: results.sarif
+          category: clang-tidy