feat(ci): fix CI, switch to self-hosted SonarQube

.archive/.github.old/CODEOWNERS

@@ -0,0 +1 @@
+*   @luketainton

.archive/.github.old/workflows/ci.yml

@@ -0,0 +1,20 @@
+name: CI
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+    paths-ignore:
+      - "README.md"
+      - "LICENSE.md"
+      - ".gitignore"
+      - ".github/CODEOWNERS"
+      - ".github/renovate.json"
+      - ".github/dependabot.yml"
+
+jobs:
+  ci:
+    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
+    with:
+      python-version: "3.13"
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

.archive/.github.old/workflows/release.yml

@@ -0,0 +1,26 @@
+name: Release
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 9 * * 0"
+
+jobs:
+  test:
+    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
+    with:
+      python-version: "3.13"
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+  create_release:
+    name: Create Release
+    uses: luketainton/gha-workflows/.github/workflows/create-release.yml@main
+
+  create_docker:
+    name: Create Docker Image
+    needs: create_release
+    if: ${{ needs.create_release.outputs.success == 'true' }}
+    uses: luketainton/gha-workflows/.github/workflows/build-push-attest-docker.yml@main
+    with:
+        release: ${{ needs.create_release.outputs.release_name }}