Enable gosec/golangci-lint, then fix reported errors

[jgwest]

What type of PR is this?

Uncomment only one /kind line, and delete the rest.
For example, > /kind bug would simply become: /kind bug

/kind cleanup

What does this PR do / why we need it:

• Add gosec and golangci-lint targets to Makefile

• Add call to gosec and golangci-lint (with default settings) to GitHub workflow

• Adds ginkgo-linter, which ensures that Ginkgo code is properly formatted (we used this on managed-gitops project, and it was created by a Red Hatter who reached out to let us know about it, previously)

• The rest of the PR is cleaning up issues identified by gosec and golangci-lint

• You'll occasionally see cases where I've had to 'smother' a line with lint ignores, like so:

	//lint:ignore SA1019 known to be deprecated
	assert.DeepEqual(t, testArgoCD.Spec.Grafana.Resources, testGrafanaResources) //nolint:staticcheck // SA1019: We must test deprecated fields.

• Unfortunately this is necessary to add ignores for BOTH VS Code warnings AND golangci-lint errors

[jgwest]

/retest

[jannfis]

/lgtm

[jannfis]

/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jannfis

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [jannfis]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[jgwest]

Thanks @jannfis!

Merging, as the Konflux workflow error appears unrelated to this PR:

✕ [Violation] slsa_source_correlated.expected_source_code_reference
  ImageRef: quay.io/redhat-user-workloads/rh-openshift-gitops-tenant/dex@sha256:11a13a97b4450b01934a7632692511d1fef1357af9cdbdfdf29f19854203ac6b
  Reason: The expected source code reference
  "git+https://github.com/rh-gitops-midstream/downstream-dex@149705e191549b57c62b0567a87f99406e96e6ae" is not attested