Add comprehensive DevOps improvements and modernization

This commit implements a complete set of DevOps best practices and
modernization improvements to enhance repository quality, security,
and maintainability.

Key additions:

CI/CD Automation:
- Add GitHub Actions workflows for automated testing and validation
- Link checker to catch broken documentation URLs
- Markdown linting for consistent documentation formatting
- Python linting (Ruff, Black, isort) for code quality
- YAML validation for configuration files
- Spell checking to catch typos

Security Enhancements:
- Add Dependabot configuration for automated dependency updates
- Implement CodeQL security scanning workflow
- Pin Python dependencies to specific versions (requests==2.31.0, PyGithub==2.1.1)
- Add security policy (SECURITY.md) with vulnerability reporting process
- Configure Bandit security linter for Python code

Development Experience:
- Add pre-commit hooks configuration for local development
- Create .editorconfig for consistent code formatting across editors
- Add pyproject.toml for Python tooling configuration
- Improve .gitignore with comprehensive Python and development patterns

Community & Documentation:
- Add CODE_OF_CONDUCT.md following Contributor Covenant 2.0
- Add SUPPORT.md with comprehensive help resources
- Add CHANGELOG.md following Keep a Changelog format
- Enhance README with prominent deprecation notice and version matrix
- Add compatibility information for OpenFaaS, Kubernetes, and Python versions

Configuration Files:
- .markdownlint.json: Markdown linting rules
- .yamllint.yml: YAML validation configuration
- .typos.toml: Spell checking configuration
- pyproject.toml: Python tooling (Ruff, Black, isort, Bandit)

These improvements bring the repository up to modern DevOps standards
while maintaining backward compatibility with the existing workshop content.

Addresses repository modernization and security best practices.

Author: claude

.editorconfig

@@ -0,0 +1,51 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+
+# Markdown files
+[*.md]
+trim_trailing_whitespace = false
+max_line_length = off
+
+# Python files
+[*.py]
+indent_style = space
+indent_size = 4
+max_line_length = 100
+
+# YAML files
+[*.{yml,yaml}]
+indent_style = space
+indent_size = 2
+
+# JSON files
+[*.json]
+indent_style = space
+indent_size = 2
+
+# Shell scripts
+[*.sh]
+indent_style = space
+indent_size = 2
+
+# Dockerfile
+[Dockerfile]
+indent_style = space
+indent_size = 2
+
+# Makefiles
+[Makefile]
+indent_style = tab
+
+# TOML files
+[*.toml]
+indent_style = space
+indent_size = 2

.github/dependabot.yml

@@ -0,0 +1,55 @@
+version: 2
+updates:
+  # GitHub Actions dependencies
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    open-pull-requests-limit: 10
+    labels:
+      - "dependencies"
+      - "github-actions"
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+
+  # Python dependencies
+  - package-ecosystem: "pip"
+    directory: "/astronaut-finder"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "python"
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+
+  - package-ecosystem: "pip"
+    directory: "/issue-bot/bot-handler"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "python"
+    commit-message:
+      prefix: "chore"
+      include: "scope"
+
+  - package-ecosystem: "pip"
+    directory: "/issue-bot-secrets/bot-handler"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "python"
+    commit-message:
+      prefix: "chore"
+      include: "scope"

.github/workflows/codeql.yml

@@ -0,0 +1,42 @@
+name: "CodeQL Security Scan"
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+  schedule:
+    # Run weekly on Monday at 00:00 UTC
+    - cron: '0 0 * * 1'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['python']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: +security-extended,security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{ matrix.language }}"

.github/workflows/link-checker.yml

@@ -0,0 +1,38 @@
+name: Link Checker
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+  schedule:
+    # Run weekly on Monday at 00:00 UTC
+    - cron: '0 0 * * 1'
+
+jobs:
+  linkChecker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Link Checker
+        uses: lycheeverse/lychee-action@v1
+        with:
+          args: --verbose --no-progress '**/*.md' '**/*.html' --exclude-mail --exclude-path './node_modules' --exclude-path './vendor'
+          fail: true
+        env:
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+      - name: Create Issue on Failure
+        if: failure()
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.create({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              title: 'Link Checker Failed - Broken Links Detected',
+              body: 'The link checker workflow has detected broken links in the documentation. Please review the workflow logs for details.',
+              labels: ['documentation', 'bug']
+            })

.github/workflows/markdown-lint.yml

@@ -0,0 +1,20 @@
+name: Markdown Lint
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+
+jobs:
+  markdown-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run markdownlint
+        uses: DavidAnson/markdownlint-cli2-action@v15
+        with:
+          globs: '**/*.md'
+          config: '.markdownlint.json'

.github/workflows/python-lint.yml

@@ -0,0 +1,60 @@
+name: Python Lint
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+
+jobs:
+  python-lint:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ['3.9', '3.10', '3.11', '3.12']
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install linting dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install ruff black isort
+
+      - name: Run Ruff linter
+        run: |
+          ruff check . --exclude translations/
+
+      - name: Run Black formatter check
+        run: |
+          black --check . --exclude translations/
+
+      - name: Run isort import checker
+        run: |
+          isort --check-only . --skip translations/
+
+  python-security:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install bandit
+        run: |
+          pip install bandit[toml]
+
+      - name: Run Bandit security linter
+        run: |
+          bandit -r . -f json -o bandit-report.json || true
+          bandit -r . --exclude ./translations/

.github/workflows/spell-check.yml

@@ -0,0 +1,20 @@
+name: Spell Check
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+
+jobs:
+  spellcheck:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check spelling
+        uses: crate-ci/typos@master
+        with:
+          files: '*.md **/*.md **/*.py'
+          config: .typos.toml

.github/workflows/yaml-lint.yml

@@ -0,0 +1,21 @@
+name: YAML Lint
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+
+jobs:
+  yaml-lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Run yamllint
+        uses: ibiqlik/action-yamllint@v3
+        with:
+          config_file: .yamllint.yml
+          file_or_dir: .
+          strict: true