Add workflow to update go mod version.

[robdimsdale]

Summary

This PR adds a workflow to update the version of go and the toolchain in go.mod. It also adds the associated failure labels for when this job fails.

See https://github.com/orgs/paketo-buildpacks/discussions/283

Use cases

We want to keep the toolchain go1.X.Y line up to date with the latest version of go available, as that is the actual version of the go toolchain that will be used to build the module. If this line is present, go will guarantee to build with this version of go toolchain, regardless of what version is provided in CI. Essentially this line locks down the version of go used to build a module at a specific point in time. By keeping it up to date, we guarantee that we're always building with the latest version of go.

One caveat is that this toolchain line requires a minimum version of the go 1.x line in the go.mod - specifically it requires go 1.21 or greater. So this workflow will also bump that version if it is lower than 1.21. It will ignore the line if it is greater than or equal to go 1.21.

I think running this job once per week is sufficient. Go doesn't release patch versions that frequently, and we don't release buildpacks more frequently than weekly. We can always invoke it directly with the workflow_dispatch in case of a critical CVE fix between scheduled runs.

Checklist

• I have viewed, signed, and submitted the Contributor License Agreement.
• I have linked issue(s) that this PR should close using keywords or the Github UI (See docs)
• I have added an integration test, if necessary.
• I have reviewed the styleguide for guidance on my code quality.
• I'm happy with the commit history on this PR (I have rebased/squashed as needed).