Support HTTP Websocket Connections in wsclient

[dastbe]

Summary

This pull requests allows the wsclient (and therefore acs and tcs) to connect over http and upgrade to a plain websocket connection.

Implementation details

wss (secure websocket) was hardcoded. This change makes a determination based on http or https. Maybe there will be some crazy httpX in the future so I made it a switch.

Testing

• Builds on Linux (make release)
• Builds on Windows (go build -out amazon-ecs-agent.exe ./agent)
• Unit tests on Linux (make test) pass
• Unit tests on Windows (go test -timeout=25s ./agent/...) pass
• Integration tests on Linux (make run-integ-tests) pass
• Integration tests on Windows (.\scripts\run-integ-tests.ps1) pass
• Functional tests on Linux (make run-functional-tests) pass
• Functional tests on Windows (.\scripts\run-functional-tests.ps1) pass

New tests cover the changes: yes

Description for the changelog

Enhancement - Allow plain HTTP connections through wsclient

Licensing

This contribution is under the terms of the Apache 2.0 License: yes

[petderek]

Should we gate this code path with an 'allowUnsecureACS' option? I don't think we want this enabled by default.

[petderek]

In general, we've avoided using named returns. Please change this.

[dastbe]

Done.

[samuelkarp]

samuelkarp@d57d983

[petderek]

Use format $context: msg and package errors.New()

errors.New("wsclient: Unknown httpScheme %s", httpScheme)

[samuelkarp]

samuelkarp@adcca2c

[dastbe]

Done

[petderek]

Nice!!

[dastbe]

"Should we gate this code path with an 'allowUnsecureACS' option?"

So my argument against is that we do allow using an http endpoint to talk to ECS via the SDK. If there were a flag, it should apply to both.

[samuelkarp]

Should we gate this code path with an 'allowUnsecureACS' option? I don't think we want this enabled by default.

I'm somewhat okay with it being ungated since the endpoint is not actually configurable; you only get the endpoint from the result of a DiscoverPollEndpoint call.