Update dependencies, go mod and remove vendor

[NicolasMahe]

Hi, I created this PR to update your CLI's dependencies:

• updates the dependencies to spf13/cobra v0.0.5 and hashicorp/vault v1.2.3
• switch from gopkg to go mod
• remove vendor folder
• add command dep to the makefile to download the dependencies

I didn't change the source code and the test are still passing.

If you want to keep vendor folder, I can remove commit be7ca0d.

Cheers.

[NicolasMahe]

Hey @NicolasMahe, thank you for your patch!

It seems that after running go get -u ./... there is following dependency added to go.* files:

+       github.com/spf13/pflag v1.0.5 // indirect

I'm not the author of this project, but perhaps we should include that too.

I updated spf13/pflag to v1.0.5 even if spf13/cobra (the package that requires spf13/pflag) is requiring v1.0.3 in its go.mod 👍

Also, I'd keep vendor directory, as it can sometimes prevent some import errors + it allows offline builds (go build -mod vendor won't download any package and if some upstream is unavailable, you can still build everything).

I added back the vendor folder 👍

---

Any other feedback? Cheers