name: "Perform CodeQL Analysis"

on:
  push:
    branches:
      - sagitta
    paths:
      - '**'
      - '!.github/**'
      - '!**/*.md'
  pull_request:
    # The branches below must be a subset of the branches above
    branches:
      - sagitta
    paths:
      - '**'
      - '!.github/**'
      - '!**/*.md'
  schedule:
    - cron: '22 10 * * 0'
  workflow_dispatch:

permissions:
  actions: read
  contents: read
  security-events: write

jobs:
  codeql-analysis-call:
    uses: vyos/.github/.github/workflows/codeql-analysis.yml@sagitta
    secrets: inherit
    with:
      languages: "['python']"