[chore]run govulncheck with multiple actions

[atoulme]

Try to run govulncheck with multiple runners in parallel to avoid hitting memory limits.

• Split the runner across the usual boundaries of receivers, exporters, connectors, etc groups.
• Identify that the cmd/* go modules and root create a spike in memory that triggers OOM, those are now skipped. We create a pkg group to track all pkg/* go.mod.

[dmitryax]

Looks like we have a bunch issues uncovered? They can be fixed separately I think

[atoulme]

Yes, but it looks like they are tied to our version of golang, trying to move to the latest version of go 1.19 to see if we still see those issues.

[atoulme]

I still see kills on cmd/otelcontribcol and cmd/configschema:

Running target 'govulncheck' in module 'cmd/configschema' as part of group 'all'
make -C cmd/configschema govulncheck
Running target 'govulncheck' in module 'cmd/mdatagen' as part of group 'all'
make -C cmd/mdatagen govulncheck
make[1]: Entering directory '/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/cmd/configschema'
make[1]: Entering directory '/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/cmd/mdatagen'
/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/.tools/govulncheck ./...
govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

Using go1.1[9](https://github.com/open-telemetry/opentelemetry-collector-contrib/actions/runs/4902282363/jobs/8754032110#step:6:10).9 and [email protected] with
vulnerability data from https://vuln.go.dev (last modified 2023-05-05 21:[10](https://github.com/open-telemetry/opentelemetry-collector-contrib/actions/runs/4902282363/jobs/8754032110#step:6:11):24 +0000 UTC).
/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/.tools/govulncheck ./...
govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

Using go1.19.9 and [email protected] with
vulnerability data from https://vuln.go.dev (last modified 2023-05-05 21:10:24 +0000 UTC).

Scanning your code and 3[12](https://github.com/open-telemetry/opentelemetry-collector-contrib/actions/runs/4902282363/jobs/8754032110#step:6:13) packages across 30 dependent modules for known vulnerabilities...
No vulnerabilities found.
make[1]: Leaving directory '/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/cmd/mdatagen'
Running target 'govulncheck' in module 'cmd/otelcontribcol' as part of group 'all'
make -C cmd/otelcontribcol govulncheck
make[1]: Entering directory '/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/cmd/otelcontribcol'
/home/runner/work/opentelemetry-collector-contrib/opentelemetry-collector-contrib/.tools/govulncheck ./...
govulncheck is an experimental tool. Share feedback at https://go.dev/s/govulncheck-feedback.

Using go1.19.9 and [email protected] with
vulnerability data from https://vuln.go.dev (last modified 2023-05-05 21:10:24 +0000 UTC).
make[1]: *** [../../Makefile.Common:[15](https://github.com/open-telemetry/opentelemetry-collector-contrib/actions/runs/4902282363/jobs/8754032110#step:6:16)6: govulncheck] Killed
make: *** [Makefile:[16](https://github.com/open-telemetry/opentelemetry-collector-contrib/actions/runs/4902282363/jobs/8754032110#step:6:17)7: cmd/configschema] Terminated
make[1]: *** [../../Makefile.Common:156: govulncheck] Terminated

For now, we can ignore those folders.

[dmitryax]

I still see kills on cmd/otelcontribcol and cmd/configschema

Because they depend on the whole repo lol. We should probably exclude them