From 63ae236f288384e317c43e719f4ebc30ded53130 Mon Sep 17 00:00:00 2001
From: Viktor Szakats <commit@vsz.me>
Date: Sun, 14 Sep 2025 01:04:56 +0200
Subject: [PATCH] ci/GHA: extend CodeQL to libgcrypt, mbedTLS, wolfSSL, zlib
 builds

Closes #1657
---
 .github/workflows/codeql.yml | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index fe1b4fb0..b65de0f8 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -46,7 +46,25 @@ jobs:
     runs-on: ubuntu-latest
     permissions:
       security-events: write  # To create/update security events
+    strategy:
+      fail-fast: false
+      matrix:
+        crypto: [OpenSSL, Libgcrypt, mbedTLS, wolfSSL]
+    env:
+      MATRIX_CRYPTO: '${{ matrix.crypto }}'
     steps:
+      - name: 'install prereqs'
+        timeout-minutes: 5
+        run: |
+          [ "${MATRIX_CRYPTO}" = 'OpenSSL' ] && pkg='libssl-dev'
+          [ "${MATRIX_CRYPTO}" = 'Libgcrypt' ] && pkg='libgcrypt-dev'
+          [ "${MATRIX_CRYPTO}" = 'mbedTLS' ] && pkg='libmbedtls-dev'
+          [ "${MATRIX_CRYPTO}" = 'wolfSSL' ] && pkg='libwolfssl-dev'
+          sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
+          sudo apt-get -o Dpkg::Use-Pty=0 update
+          sudo rm -f /var/lib/man-db/auto-update
+          sudo apt-get -o Dpkg::Use-Pty=0 install zlib1g-dev ${pkg}
+
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
         with:
           persist-credentials: false
@@ -60,7 +78,7 @@ jobs:
       - name: 'build'
         timeout-minutes: 5
         run: |
-          cmake -B . -G Ninja
+          cmake -B . -G Ninja -DCRYPTO_BACKEND=${MATRIX_CRYPTO} -DENABLE_ZLIB_COMPRESSION=ON
           cmake --build . --verbose
 
       - name: 'perform analysis'