chore: Lock workflow dependencies (OSSF recommendations) (#4668)

This pull request introduces support for managing Python dependencies
for the `mkdocs` documentation workflow using Dependabot and adds a
`requirements.txt` file to specify these dependencies. This address one
of the finings by OSSF. The changes aim to automate dependency updates
and ensure consistent dependency management for the documentation build
process.

Also avoid pages got published via a branch.

---------

Co-authored-by: Ron <[email protected]>

Author: npalm

.github/dependabot.yml

@@ -71,3 +71,17 @@ updates:
       - "docker"
     commit-message:
       prefix: "chore(devcontainer)"
+
+  - package-ecosystem: "pip"
+    directory: "/.github/workflows/mkdocs"
+    schedule:
+      interval: "weekly"
+    groups:
+      python-deps:
+        patterns:
+          - "*"
+    labels:
+      - "dependencies"
+      - "python"
+    commit-message:
+      prefix: "chore(docs)"

.github/workflows/mkdocs/requirements.in

@@ -0,0 +1 @@
+mkdocs-material==9.6.15