Bump Go version to 1.19.1 (#3398)

* Bump Go version to 1.19.1

pickup the fix for https://nvd.nist.gov/vuln/detail/CVE-2022-27664

* make goimports

* make goimports -f init_Makefile

* fix seelog xml

* deprecate ioutil

Author: sparrc

GO_VERSION

@@ -1 +1 @@
-1.18.3
+1.19.1

GO_VERSION_WINDOWS

@@ -1 +1 @@
-1.18.3
+1.19.1

agent/api/container/container_test.go

@@ -138,7 +138,7 @@ func TestIsInternal(t *testing.T) {
 }
 
 // TestSetupExecutionRoleFlag tests whether or not the container appropriately
-//sets the flag for using execution roles
+// sets the flag for using execution roles
 func TestSetupExecutionRoleFlag(t *testing.T) {
 	testCases := []struct {
 		container *Container

agent/api/task/task_linux.go

@@ -98,11 +98,12 @@ func buildCgroupV1Root(taskID string) string {
 // buildCgroupV2Root creates a root cgroup using the systemd driver's special "-"
 // character. The "-" specifies a parent slice, so tasks and their containers end up
 // looking like this in the cgroup directory:
-//   /sys/fs/cgroup/ecstasks.slice/
-//   ├── ecstasks-XXXXf406f70c4c678073ae96944fXXXX.slice
-//   │   └── docker-XXXX7c6dc81f2e9a8bf1c566dc769733ccba594b3007dd289a0f50ad7923XXXX.scope
-//   └── ecstasks-XXXX30467358463ab6bbba4e73afXXXX.slice
-//       └── docker-XXXX7ef4e942552437c96051356859c1df169f16e1cf9a9fc96fd30614e6XXXX.scope
+//
+//	/sys/fs/cgroup/ecstasks.slice/
+//	├── ecstasks-XXXXf406f70c4c678073ae96944fXXXX.slice
+//	│   └── docker-XXXX7c6dc81f2e9a8bf1c566dc769733ccba594b3007dd289a0f50ad7923XXXX.scope
+//	└── ecstasks-XXXX30467358463ab6bbba4e73afXXXX.slice
+//	    └── docker-XXXX7ef4e942552437c96051356859c1df169f16e1cf9a9fc96fd30614e6XXXX.scope
 func buildCgroupV2Root(taskID string) string {
 	return fmt.Sprintf("%s-%s.slice", config.DefaultTaskCgroupV2Prefix, taskID)
 }

agent/app/agent_capability.go

@@ -129,53 +129,53 @@ var (
 // capabilities returns the supported capabilities of this agent / docker-client pair.
 // Currently, the following capabilities are possible:
 //
-//    com.amazonaws.ecs.capability.privileged-container
-//    com.amazonaws.ecs.capability.docker-remote-api.1.17
-//    com.amazonaws.ecs.capability.docker-remote-api.1.18
-//    com.amazonaws.ecs.capability.docker-remote-api.1.19
-//    com.amazonaws.ecs.capability.docker-remote-api.1.20
-//    com.amazonaws.ecs.capability.logging-driver.json-file
-//    com.amazonaws.ecs.capability.logging-driver.syslog
-//    com.amazonaws.ecs.capability.logging-driver.fluentd
-//    com.amazonaws.ecs.capability.logging-driver.journald
-//    com.amazonaws.ecs.capability.logging-driver.gelf
-//    com.amazonaws.ecs.capability.logging-driver.none
-//    com.amazonaws.ecs.capability.selinux
-//    com.amazonaws.ecs.capability.apparmor
-//    com.amazonaws.ecs.capability.ecr-auth
-//    com.amazonaws.ecs.capability.task-iam-role
-//    com.amazonaws.ecs.capability.task-iam-role-network-host
-//    ecs.capability.docker-volume-driver.${driverName}
-//    ecs.capability.task-eni
-//    ecs.capability.task-eni-block-instance-metadata
-//    ecs.capability.execution-role-ecr-pull
-//    ecs.capability.execution-role-awslogs
-//    ecs.capability.container-health-check
-//    ecs.capability.private-registry-authentication.secretsmanager
-//    ecs.capability.secrets.ssm.environment-variables
-//    ecs.capability.secrets.ssm.bootstrap.log-driver
-//    ecs.capability.pid-ipc-namespace-sharing
-//    ecs.capability.ecr-endpoint
-//    ecs.capability.secrets.asm.environment-variables
-//    ecs.capability.secrets.asm.bootstrap.log-driver
-//    ecs.capability.aws-appmesh
-//    ecs.capability.task-eia
-//    ecs.capability.task-eni-trunking
-//    ecs.capability.task-eia.optimized-cpu
-//    ecs.capability.firelens.fluentd
-//    ecs.capability.firelens.fluentbit
-//    ecs.capability.efs
-//    com.amazonaws.ecs.capability.logging-driver.awsfirelens
-//    ecs.capability.logging-driver.awsfirelens.log-driver-buffer-limit
-//    ecs.capability.firelens.options.config.file
-//    ecs.capability.firelens.options.config.s3
-//    ecs.capability.full-sync
-//    ecs.capability.gmsa
-//    ecs.capability.efsAuth
-//    ecs.capability.env-files.s3
-//    ecs.capability.fsxWindowsFileServer
-//    ecs.capability.execute-command
-//    ecs.capability.external
+//	com.amazonaws.ecs.capability.privileged-container
+//	com.amazonaws.ecs.capability.docker-remote-api.1.17
+//	com.amazonaws.ecs.capability.docker-remote-api.1.18
+//	com.amazonaws.ecs.capability.docker-remote-api.1.19
+//	com.amazonaws.ecs.capability.docker-remote-api.1.20
+//	com.amazonaws.ecs.capability.logging-driver.json-file
+//	com.amazonaws.ecs.capability.logging-driver.syslog
+//	com.amazonaws.ecs.capability.logging-driver.fluentd
+//	com.amazonaws.ecs.capability.logging-driver.journald
+//	com.amazonaws.ecs.capability.logging-driver.gelf
+//	com.amazonaws.ecs.capability.logging-driver.none
+//	com.amazonaws.ecs.capability.selinux
+//	com.amazonaws.ecs.capability.apparmor
+//	com.amazonaws.ecs.capability.ecr-auth
+//	com.amazonaws.ecs.capability.task-iam-role
+//	com.amazonaws.ecs.capability.task-iam-role-network-host
+//	ecs.capability.docker-volume-driver.${driverName}
+//	ecs.capability.task-eni
+//	ecs.capability.task-eni-block-instance-metadata
+//	ecs.capability.execution-role-ecr-pull
+//	ecs.capability.execution-role-awslogs
+//	ecs.capability.container-health-check
+//	ecs.capability.private-registry-authentication.secretsmanager
+//	ecs.capability.secrets.ssm.environment-variables
+//	ecs.capability.secrets.ssm.bootstrap.log-driver
+//	ecs.capability.pid-ipc-namespace-sharing
+//	ecs.capability.ecr-endpoint
+//	ecs.capability.secrets.asm.environment-variables
+//	ecs.capability.secrets.asm.bootstrap.log-driver
+//	ecs.capability.aws-appmesh
+//	ecs.capability.task-eia
+//	ecs.capability.task-eni-trunking
+//	ecs.capability.task-eia.optimized-cpu
+//	ecs.capability.firelens.fluentd
+//	ecs.capability.firelens.fluentbit
+//	ecs.capability.efs
+//	com.amazonaws.ecs.capability.logging-driver.awsfirelens
+//	ecs.capability.logging-driver.awsfirelens.log-driver-buffer-limit
+//	ecs.capability.firelens.options.config.file
+//	ecs.capability.firelens.options.config.s3
+//	ecs.capability.full-sync
+//	ecs.capability.gmsa
+//	ecs.capability.efsAuth
+//	ecs.capability.env-files.s3
+//	ecs.capability.fsxWindowsFileServer
+//	ecs.capability.execute-command
+//	ecs.capability.external
 func (agent *ecsAgent) capabilities() ([]*ecs.Attribute, error) {
 	var capabilities []*ecs.Attribute
 

agent/app/data.go

@@ -46,20 +46,20 @@ type savedData struct {
 // load from boltdb, and if it doesn't get anything, it tries to load from state file and then save data it loaded to
 // boltdb. Behavior of three cases are considered:
 //
-// 1. Agent starts from fresh instance (no previous state):
-//    (1) Try to load from boltdb, get nothing;
-//    (2) Try to load from state file, get nothing;
-//    (3) Return empty data.
+//  1. Agent starts from fresh instance (no previous state):
+//     (1) Try to load from boltdb, get nothing;
+//     (2) Try to load from state file, get nothing;
+//     (3) Return empty data.
 //
-// 2. Agent starts with previous state stored in boltdb:
-//    (1) Try to load from boltdb, get the data;
-//    (2) Return loaded data.
+//  2. Agent starts with previous state stored in boltdb:
+//     (1) Try to load from boltdb, get the data;
+//     (2) Return loaded data.
 //
-// 3. Agent starts with previous state stored in state file (i.e. it was just upgraded from an old agent that uses state file):
-//    (1) Try to load from boltdb, get nothing;
-//    (2) Try to load from state file, get something;
-//    (3) Save loaded data to boltdb;
-//    (4) Return loaded data.
+//  3. Agent starts with previous state stored in state file (i.e. it was just upgraded from an old agent that uses state file):
+//     (1) Try to load from boltdb, get nothing;
+//     (2) Try to load from state file, get something;
+//     (3) Save loaded data to boltdb;
+//     (4) Return loaded data.
 func (agent *ecsAgent) loadData(containerChangeEventStream *eventstream.EventStream,
 	credentialsManager credentials.Manager,
 	state dockerstate.TaskEngineState,

agent/config/conditional.go

@@ -71,7 +71,7 @@ type BooleanDefaultFalse struct {
 	Value Conditional
 }
 
-/// Enabled is a convenience function for when consumers don't care if the value is implicit or explicit
+// / Enabled is a convenience function for when consumers don't care if the value is implicit or explicit
 func (b BooleanDefaultFalse) Enabled() bool {
 	return b.Value == ExplicitlyEnabled
 }

agent/config/doc.go

@@ -15,7 +15,7 @@
 Package config handles loading configuration data, warning on missing data,
 and setting sane defaults.
 
-Configuration Sources
+# Configuration Sources
 
 Configuration data is loaded from two sources currently: the environment and
 a json config file.

agent/credentials/instancecreds/instancecreds_linux.go

@@ -25,10 +25,10 @@ import (
 // GetCredentials returns the instance credentials chain. This is the default chain
 // credentials plus the "rotating shared credentials provider", so credentials will
 // be checked in this order:
-//    1. Env vars (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY).
-//    2. Shared credentials file (https://docs.aws.amazon.com/ses/latest/DeveloperGuide/create-shared-credentials-file.html) (file at ~/.aws/credentials containing access key id and secret access key).
-//    3. EC2 role credentials. This is an IAM role that the user specifies when they launch their EC2 container instance (ie ecsInstanceRole (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html)).
-//    4. Rotating shared credentials file located at /rotatingcreds/credentials
+//  1. Env vars (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY).
+//  2. Shared credentials file (https://docs.aws.amazon.com/ses/latest/DeveloperGuide/create-shared-credentials-file.html) (file at ~/.aws/credentials containing access key id and secret access key).
+//  3. EC2 role credentials. This is an IAM role that the user specifies when they launch their EC2 container instance (ie ecsInstanceRole (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html)).
+//  4. Rotating shared credentials file located at /rotatingcreds/credentials
 func GetCredentials(isExternal bool) *credentials.Credentials {
 	mu.Lock()
 	if credentialChain == nil {

agent/credentials/instancecreds/instancecreds_unsupported.go

@@ -23,10 +23,10 @@ import (
 // GetCredentials returns the instance credentials chain. This is the default chain
 // credentials plus the "rotating shared credentials provider", so credentials will
 // be checked in this order:
-//    1. Env vars (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY).
-//    2. Shared credentials file (https://docs.aws.amazon.com/ses/latest/DeveloperGuide/create-shared-credentials-file.html) (file at ~/.aws/credentials containing access key id and secret access key).
-//    3. EC2 role credentials. This is an IAM role that the user specifies when they launch their EC2 container instance (ie ecsInstanceRole (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html)).
-//    4. Rotating shared credentials file located at /rotatingcreds/credentials
+//  1. Env vars (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY).
+//  2. Shared credentials file (https://docs.aws.amazon.com/ses/latest/DeveloperGuide/create-shared-credentials-file.html) (file at ~/.aws/credentials containing access key id and secret access key).
+//  3. EC2 role credentials. This is an IAM role that the user specifies when they launch their EC2 container instance (ie ecsInstanceRole (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html)).
+//  4. Rotating shared credentials file located at /rotatingcreds/credentials
 func GetCredentials(isExternal bool) *credentials.Credentials {
 	return nil
 }