Description
There is currently no possibility to properly validate a dependabot.yml file when it's being updated in a PR.
The problem with this is that Dependabot will silently stop running if there is an error in the configuration, and you may not notice this for months.
Got caught out by this today and now have to waste a lot of time fixing the mistake I made (as I pulled the same thing to a dozen+ repos).
I tested two tools which can validate the dependabot.yml file against the schema:
- https://github.com/marocchino/validate-dependabot
- https://www.npmjs.com/package/@bugron/validate-dependabot-yaml
Unfortunately, though not surprisingly, neither caught the error I made, which was to do with a key which is supported on some ecosystems, but not others.
There is an upstream issue open about this and I'm watching it in hopes of finding a solution: dependabot/dependabot-core#4605