Guidelines to ensure that Go-based Secure analyzers use fixed versions of Go

Why is this change being made?

quoting the issue:

As a project maintainer of Secure analyzers implemented in Go, I need to quickly release new versions of the analyzers I maintain when a patch release is available for Go. [..] This is intended to project maintainers of the Secure analyzer projects implemented in Go.

See gitlab-org/gitlab#284643 (closed)

Next step is to make this more generic and cover the update of the base image (like Debian) and its packages.

Author Checklist

• Provided a concise title for the MR
• Added a description to this MR explaining the reasons for the proposed change, per say-why-not-just-what
• Assign this change to the correct DRI
  • If the DRI for the page/s being updated isn’t immediately clear, then assign it to one of the people listed in the "Maintained by" section in on the page being edited.
  • If your manager does not have merge rights, please ask someone to merge it AFTER it has been approved by your manager in #mr-buddies.
  • If the changes relate to any part of the project other than updates to content and/or data files please make sure to ping @gl-static-site-editor in a comment for a review and merge. For example changes to .gitlab-ci.yml, JavaScript/CSS/Ruby code or the layout files. (this requirement has been removed pending identification of a new DRI for the handbook)