
chore: bump go version to 1.20 #35

Merged
merged 2 commits into from
Apr 9, 2023

Conversation

cyril-corbon
Collaborator

@cyril-corbon cyril-corbon commented Apr 8, 2023

Description

  • bump go version to 1.20
  • bump go mod to fix some vulnerabilities.
manager (gobinary)

Total: 3 (UNKNOWN: 1, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0)

┌──────────────────┬─────────────────────┬──────────┬──────────────────────────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│     Library      │    Vulnerability    │ Severity │          Installed Version           │ Fixed Version │                            Title                            │
├──────────────────┼─────────────────────┼──────────┼──────────────────────────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ golang.org/x/net │ CVE-2022-41723      │ HIGH     │ v0.3.1-0.20221206200815-1e63c2f08a10 │ 0.7.0         │ golang.org/x/net/http2: avoid quadratic complexity in HPACK │
│                  │                     │          │                                      │               │ decoding                                                    │
│                  │                     │          │                                      │               │ https://avd.aquasec.com/nvd/cve-2022-41723                  │
│                  ├─────────────────────┼──────────┤                                      ├───────────────┼─────────────────────────────────────────────────────────────┤
│                  │ CVE-2022-41717      │ MEDIUM   │                                      │ 0.4.0         │ golang: net/http: An attacker can cause excessive memory    │
│                  │                     │          │                                      │               │ growth in a Go...                                           │
│                  │                     │          │                                      │               │ https://avd.aquasec.com/nvd/cve-2022-41717                  │
│                  ├─────────────────────┼──────────┤                                      ├───────────────┼─────────────────────────────────────────────────────────────┤
│                  │ GHSA-vvpx-j8f3-3w6h │ UNKNOWN  │                                      │ 0.7.0         │ Uncontrolled Resource Consumption                           │
│                  │                     │          │                                      │               │ https://github.com/advisories/GHSA-vvpx-j8f3-3w6h           │
└──────────────────┴─────────────────────┴──────────┴──────────────────────────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

This PR has:

  • been tested on a real K8S cluster to ensure creation of a brand new Druid cluster works.
  • been tested for backward compatibility on a real K8S cluster by applying the changes introduced here on an existing Druid cluster. If there are any backward incompatible changes then they have been noted in the PR description.
  • added comments explaining the "why" and the intent of the code wherever it would not be obvious for an unfamiliar reader.
  • added documentation for new or modified features or behaviors.

Key changed/added files in this PR
  • Dockerfile
  • go.mod

Signed-off-by: Cyril Corbon <cyril.corbon@dailymotion.com>
@cyril-corbon cyril-corbon changed the title from "chore: bump golang to 1.20" to "chore: bump go version to 1.20" on Apr 8, 2023
Signed-off-by: Cyril Corbon <cyril.corbon@dailymotion.com>
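As an added example, not code from this PR or from the operator repository: a small Go check that reads the golang.org/x/net requirement out of a go.mod and compares it against the fixed versions listed in the trivy table above, so the same three findings can be gated in CI before and after the bump. It handles the pseudo-version trivy reported as installed, which sorts below the v0.3.1 release it is derived from. The module path example.com/operator and both go.mod samples are constructed for the example.

```go
package main

import "fmt"
import "strconv"
import "strings"

// golang.org/x/net fixed versions for the findings in the trivy table above (from the PR).
var findings = []struct{ id, fixed string }{
	{"CVE-2022-41717", "v0.4.0"}, {"CVE-2022-41723", "v0.7.0"}, {"GHSA-vvpx-j8f3-3w6h", "v0.7.0"},
}
// Constructed go.mod samples (not the project's files): the pseudo-version trivy reported, then the bumped one.
const beforeGoMod = "module example.com/operator\n\ngo 1.19\n\nrequire (\n\tgolang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10 // indirect\n)\n"
const afterGoMod = "module example.com/operator\n\ngo 1.20\n\nrequire golang.org/x/net v0.7.0\n"

// requiredVersion returns the version go.mod requires for modulePath (single-line or block form), or "".
func requiredVersion(goMod, modulePath string) string {
	for _, line := range strings.Split(goMod, "\n") {
		f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "require "))
		if len(f) >= 2 && f[0] == modulePath {
			return f[1]
		}
	}
	return "" // module not required at all
}

// sortKey maps canonical vMAJOR.MINOR.PATCH[-PRERELEASE] to a string whose byte order matches Go module
// ordering: zero-padded core, then "-pre" for a pre-release (a pseudo-version is one) or "~" for a release.
func sortKey(v string) string {
	num, pre, isPre := strings.Cut(strings.TrimPrefix(v, "v"), "-")
	key := ""
	for _, p := range strings.SplitN(num, ".", 3) {
		n, _ := strconv.Atoi(p)
		key += fmt.Sprintf("%010d.", n)
	}
	if isPre {
		return key + "-" + pre // '-' < '~', so v0.3.1-0.2022... sorts below v0.3.1; pseudo-versions compare by timestamp
	}
	return key + "~"
}

// unfixedFindings lists advisory IDs whose fixed version the go.mod's golang.org/x/net does not meet.
func unfixedFindings(goMod string) (ids []string) {
	v := requiredVersion(goMod, "golang.org/x/net")
	for _, f := range findings {
		if v != "" && sortKey(v) < sortKey(f.fixed) {
			ids = append(ids, f.id)
		}
	}
	return ids
}
```

Run against a real go.mod, a non-empty result from unfixedFindings is the list of advisories the dependency bump still leaves open.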
@AdheipSingh
Contributor

@cyril-corbon thanks, which tool did we use to get the vulnerability?

@AdheipSingh AdheipSingh merged commit d85d3bb into datainfrahq:master Apr 9, 2023
@cyril-corbon
Collaborator Author

> @cyril-corbon thanks, which tool did we use to get the vulnerability?

I used trivy
https://github.com/aquasecurity/trivy
