Fix CI and update go version and dependencies.

[philipgough]

There is a significantly bigger number of changes in here than I would have liked but I will try to explain the reasoning and what we are actually trying to fix.

Firstly, we have not had CI push a new image in over a year as can be seen by quay dashboard.

So it seems like CI has been broken for some time and lint also failed on the latest commit.

I was not able to run make lint locally (OS X) without panic so I updated the version which bubbled up a number of lint failures, the trivial ones I fixed. Also see #46

The main reason for this change initially was to address some vulnerabilities which have now been rectified by the changes to go.mod. I also noticed #64 so updated those dependencies accordingly and will follow up with a fix for that.

Pulling in the latest k8s.io/* into go.mod brought about the error seen in kubernetes-sigs/json#8 and noticing our intention to move some repos to go 1.1.17 (observatorium/api#262) I updated the Dockerfile and all relevant CI to take care of that here and allow us to proceed with fixing #64

Finally, since we are using scratch in other components, I updated to scratch from distroless image (https://github.com/observatorium/token-refresher/blob/master/Dockerfile#L10) - This can be undone if we prefer.

End result is we are up-to-date and docker scan on the built images shows no vulnerabilities.

Fixes #46
Precursor to closing #64

[bwplotka]

Thanks a lot! Makes sense to me (: