feat: create organization profile with security-first branding and workflow templates #1

Draft
Copilot wants to merge 2 commits into main from copilot/create-organization-profile

Copilot AI commented Nov 15, 2025

Description

Complete organization profile for Guardyn's E2EE messaging platform. Establishes security-first branding, contributor workflows for Rust/K8s projects, and reusable CI/CD templates.

Type of Change

  • 🐛 Bug fix (non-breaking change that fixes an issue)
  • ✨ New feature (non-breaking change that adds functionality)
  • 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • 📝 Documentation update
  • 🔒 Security fix
  • ⚡ Performance improvement
  • ♻️ Code refactoring
  • 🧪 Test addition or update
  • 🔧 Configuration change

Related Issues

Closes #N/A

Changes Made

Organization Branding

  • profile/README.md: Public organization profile emphasizing zero-knowledge E2EE, memory safety (Rust), and cloud-native architecture (K8s)

Community Health Files

  • CONTRIBUTING.md: Rust/K8s development workflows (cargo fmt/clippy/audit, kubectl, conventional commits), code review process, security-first architecture guidelines
  • SECURITY.md: Vulnerability disclosure policy with severity classification (Critical/High/Medium/Low), response SLAs, security@guardyn.io contact
  • CODE_OF_CONDUCT.md: Contributor Covenant 2.1
  • SUPPORT.md: Support channels, troubleshooting guides, resource links

Workflow Templates (3)

  • rust-ci.yml: Multi-OS CI (Linux/Windows/macOS), cargo check/test/fmt/clippy, cargo-audit, tarpaulin coverage, multi-arch builds
  • k8s-deploy.yml: Manifest validation (kubectl/kubeconform), Trivy security scanning, multi-arch container builds, staging→production rollouts with health checks
  • security-scan.yml: Comprehensive scanning (cargo-audit, cargo-deny, CodeQL, TruffleHog, Trivy, OSV, Semgrep), SBOM generation, dependency review

Issue/PR Templates

  • Issue templates: bug reports, feature requests, security issues, documentation improvements
  • PR template: Security/testing checklists, performance assessment, deployment notes
  • config.yml: Template routing with community links

Additional

  • LICENSE: Apache-2.0
  • FUNDING.yml: Sponsorship configuration
  • README.md: Repository overview and template usage

Testing

Test Environment

  • OS: Ubuntu 22.04
  • Rust version: N/A (documentation only)
  • Kubernetes version (if applicable): N/A (templates)

Test Steps

  1. Validated YAML syntax for all workflow templates (Python yaml.safe_load)
  2. Validated JSON syntax for all .properties.json files
  3. Verified markdown formatting and structure
  4. Confirmed git commit and push successful

Security Considerations

  • No security implications
  • Security review completed
  • Security tests added
  • Potential security impact (describe below)

Security Impact:
N/A - Documentation and templates only. Templates include security scanning workflows (8+ tools), responsible disclosure policy, and security checklists. No credentials or secrets included.

Checklist

  • My code follows the project's style guidelines (cargo fmt)
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings (cargo clippy)
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes (cargo test)
  • Any dependent changes have been merged and published
  • I have run cargo audit and addressed any security issues
  • I have checked that no secrets or sensitive data are included

Performance Impact

  • No performance impact
  • Performance improved
  • Performance benchmarks included
  • Potential performance impact (describe below)

Performance Notes:
N/A - Documentation and CI/CD templates

Screenshots/Videos

N/A

Additional Context

All workflow templates validated for YAML syntax. Templates use GitHub Actions best practices: caching, multi-stage deployments, security scanning at multiple layers (dependencies, code, containers), and SARIF upload for security insights.

Organization profile will be automatically inherited by all Guardyn repositories without these files. Workflow templates appear in Actions → New workflow for easy adoption.

Deployment Notes

Merge to main to activate:

  • Organization profile appears at github.com/guardyn
  • Templates available in all Guardyn repos (Actions → New workflow)
  • Community health files inherited by repos without their own versions

For Maintainers:

  • PR title follows conventional commits format
  • Labels applied appropriately
  • Milestone assigned (if applicable)
  • Breaking changes documented

Original prompt

Create organization profile with security-first branding, contributor guidelines, and workflow templates for E2EE messaging platform using Rust + Kubernetes
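
The test steps in the description above (parsing each workflow template with `yaml.safe_load` and each `.properties.json` as JSON) can be scripted as follows. This is an added example, not code from the pull request: the function names, the `jobs` sanity check, and the sample files are assumptions constructed for illustration, and it goes one step beyond the listed steps by also checking that every template has a metadata file carrying the `name` and `description` fields that GitHub requires for workflow templates.

```python
import json
import tempfile
from pathlib import Path

try:
    import yaml  # PyYAML, the parser named in the test steps
except ImportError:  # assumption: without PyYAML only the JSON checks run
    yaml = None

REQUIRED_META = ("name", "description")  # required fields in *.properties.json

def check_templates(directory):
    """Return 'file: problem' strings for a workflow-templates directory."""
    problems = []
    for wf in sorted(Path(directory).glob("*.yml")):
        if yaml is not None:
            try:
                doc = yaml.safe_load(wf.read_text())
                if not isinstance(doc, dict) or not isinstance(doc.get("jobs"), dict):
                    problems.append(f"{wf.name}: parses, but has no 'jobs' mapping")
            except yaml.YAMLError as exc:
                problems.append(f"{wf.name}: invalid YAML ({type(exc).__name__})")
        meta = wf.with_name(wf.stem + ".properties.json")
        if not meta.exists():
            problems.append(f"{meta.name}: missing metadata file")
            continue
        try:
            data = json.loads(meta.read_text())
        except json.JSONDecodeError:
            problems.append(f"{meta.name}: invalid JSON")
            continue
        for field in REQUIRED_META:
            if not isinstance(data, dict) or not data.get(field):
                problems.append(f"{meta.name}: missing '{field}'")
    return problems

def build_sample(root):
    """Write a constructed sample tree (not the PR's real files)."""
    root = Path(root)
    good = "on: push\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n      - run: cargo test\n"
    (root / "rust-ci.yml").write_text(good)
    (root / "rust-ci.properties.json").write_text('{"name": "Rust CI", "description": "Build and test"}')
    (root / "k8s-deploy.yml").write_text(good)  # metadata file deliberately absent
    (root / "security-scan.yml").write_text("jobs:\n  scan: [unclosed\n")  # broken YAML
    (root / "security-scan.properties.json").write_text('{"name": "Security scan"}')
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print("\n".join(check_templates(build_sample(tmp))))
```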


… templates

Co-authored-by: anrysys <1523609+anrysys@users.noreply.github.com>
Copilot AI changed the title "[WIP] Create organization profile with security-focused branding and guidelines" to "feat: create organization profile with security-first branding and workflow templates" Nov 15, 2025
Copilot AI requested a review from anrysys November 15, 2025 11:50