chore: Bump Go version to 1.17.8

[terrytangyuan]

Upgrading Go to 1.17.8 would resolve the following CVEs:

GHSA-8c83-vp4v-h7fq | critical | | go | 1.17.6 | fixed in 1.17.7, 1.16.14 | 11-Feb-2022 00:00 | 21-Mar-2022 13:11
GHSA-6685-ffxp-xm6f | high | | go | 1.17.6 | fixed in 1.17.8, 1.16.15 | 03-Mar-2022 00:00 | 21-Mar-2022 13:11
GHSA-52j8-p7r3-733m | high | | go | 1.17.6 | fixed in 1.17.7, 1.16.14 | 18-Nov-2019 00:00 | 21-Mar-2022 13:11
GHSA-q99m-p7hq-5v4f | high | | go | 1.17.6 | fixed in 1.17.7, 1.16.14 | 19-Jan-2022 00:00 | 21-Mar-2022 13:11

Signed-off-by: Yuan Tang [email protected]

[alexec]

Doesn't 1.17 give us the latest version always?

[terrytangyuan]

Doesn't 1.17 give us the latest version always?

You are right. Although would it be better to be more explicit (like what Argo CD does), especially when releasing the images?

[alexec]

i think it just creates work to re-pin the version

[terrytangyuan]

That's a good point. Also cc @crenshaw-dev who's working on upgrading this as well. Any downside of always using the latest version via 1.17 that you can think of?

[crenshaw-dev]

@terrytangyuan good point. I think we can just use latest. I'll try that on the other PR.