chore: archive Inrupt-specific workflows (#579)

- Move audit.yml to archived-workflows directory
- Remove Sonarqube integration from CI workflow
- Add documentation explaining workflow changes
- Archive workflows dependent on Inrupt infrastructure

Author: d-a-v-i--

.github/archived-workflows/audit.yml

@@ -0,0 +1,19 @@
+# This workflow has been archived during the project transition.
+# It was previously used for running security audits using Inrupt's infrastructure.
+# A new security audit workflow should be implemented by the new maintainers.
+#
+# Original workflow file below:
+# ----------------------------------------
+
+name: Audit
+
+on:
+  push:
+  schedule:
+    - cron: "40 10 * * *"
+
+jobs:
+  audit:
+    uses: inrupt/typescript-sdk-tools/.github/workflows/[email protected]
+    secrets:
+      WEBHOOK_E2E_FAILURE: ${{ secrets.WEBHOOK_E2E_FAILURE }}

.github/workflows/README.md

@@ -0,0 +1,24 @@
+# GitHub Actions Workflows
+
+This directory contains the active GitHub Actions workflows for this project.
+
+## Recent Changes
+
+As part of the project transition, some workflows have been archived:
+
+- The `audit.yml` workflow has been moved to `.github/archived-workflows/` as it depended on Inrupt's infrastructure
+- Sonarqube integration has been removed from the CI workflow for the same reason
+
+## Current Workflows
+
+- `ci.yml`: Runs tests and linting on push events
+
+## Future Considerations
+
+New maintainers should consider implementing:
+
+1. A new security audit workflow appropriate for the project's needs
+2. Code quality checks using publicly available tools
+3. Any additional CI/CD requirements specific to the new maintenance team
+
+The archived workflows can serve as reference for the previous implementation.

.github/workflows/audit.yml

@@ -5,6 +5,7 @@ on: [push]
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
+
 jobs:
   test:
     runs-on: ubuntu-latest
@@ -17,30 +18,8 @@ jobs:
       - run: npm ci --ignore-scripts
       - run: npm run lint
       - run: npm run test
-      # Upload coverage for sonarcube (only matching OS and one node version required)
+      # Coverage artifacts still uploaded for potential future use
       - uses: actions/upload-artifact@v3
         with:
           name: code-coverage
           path: coverage/
-
-  sonarqube:
-    name: run sonarqube
-    if: ${{ github.actor != 'dependabot[bot]' }}
-    needs: [test]
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checking out
-        uses: actions/checkout@v3
-        with:
-          # Sonar analysis needs the full history for features like automatic assignment of bugs. If the following step
-          # is not included the project will show a warning about incomplete information.
-          fetch-depth: 0
-      - uses: actions/download-artifact@v3
-        with:
-          name: code-coverage
-          path: coverage/
-      - name: SonarQube Scan
-        uses: kitabisa/[email protected]
-        with:
-          host: ${{ secrets.SONARQUBE_HOST }}
-          login: ${{ secrets.SONARQUBE_TOKEN }}