feat: add govulncheck for checking whether ArgoCD has CVE

[sivchari]

Checklist:

• Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
• The title of the PR states what changed and the related issues number (used for the release note).
• The title of the PR conforms to the Toolchain Guide
• I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
• I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
• Does this PR require documentation updates?
• I've updated documentation as required by this PR.
• I have signed off all my commits as required by DCO
• I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
• My build is green (troubleshooting builds).
• My new feature complies with the feature status guidelines.
• I have added a brief description of why this PR is necessary and/or what this PR solves.
• Optional. My organization is added to USERS.md.
• Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).

I added govulncheck workflow to check whether ArgoCD has CVE.

[bunnyshell]

❗ Preview Environment undeploy from Bunnyshell failed

See: Environment Details | Pipeline Logs

Available commands (reply to this comment):

• 🚀 /bns:deploy to redeploy the environment
• ❌ /bns:delete to try again to remove the environment

[sivchari]

https://github.com/argoproj/argo-cd/actions/runs/13448667288/job/37579098493?pr=21928

This CI is passed when #21929 is merged.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.04%. Comparing base (9f37d43) to head (0db092d).
⚠️ Report is 1983 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #21928      +/-   ##
==========================================
+ Coverage   55.95%   56.04%   +0.09%     
==========================================
  Files         343      343              
  Lines       57327    57536     +209     
==========================================
+ Hits        32075    32248     +173     
- Misses      22619    22645      +26     
- Partials     2633     2643      +10     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sivchari]

When argoproj/gitops-engine#698 is merged, we can deal with issue that CI is failed.

[sivchari]

@andrii-korotkov-verkada
If you have time, please review it. Thanks.

[sivchari]

@crenshaw-dev @gdsoumya
If you have time, PTAL 🙏

[sivchari]

I've updated it after #698 is merged. This patch aims to fix the vulnerability.

[sivchari]

https://pkg.go.dev/vuln/GO-2025-3547 is occurred, but this issue hasn't been resolved yet.
So vulncheck must be failed. Let's keep it until it's resolved.