
[🧹 CHORE]: Make SQS plugin check for IAM credentials for ECS

Open nickdnk opened this issue 1 year ago • 2 comments

No duplicates 🥲.

  • [X] I have searched for a similar issue.

What should be improved or cleaned up?

It seems the SQS plugin only checks for EC2, not for ECS Fargate, when it is considering dynamic IAM credentials. This means that when running in containers, you would have to provide an explicit access key instead of relying on the IAM role for the task.

In order to use ECS credentials, the endpoint is 169.254.170.2 (and not 169.254.169.254) followed by the contents of the ENV variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI or just AWS_CONTAINER_CREDENTIALS_FULL_URI, if available. I'm unsure why both these variables exist, but it may be some BC compatibility.

The current implementation checks only the EC2 endpoint (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html) at https://github.com/roadrunner-server/sqs/blob/master/sqsjobs/driver.go#L32

You can see how the PHP SDK makes this call when used inside AWS ECS containers: https://github.com/aws/aws-sdk-php/blob/master/src/Credentials/EcsCredentialProvider.php#L192

You probably don't even need to hit the endpoint to check. If these variables are not available, it is not running in ECS:

```php
public static function shouldUseEcs() {
    // Check for the relative URI first; if absent, then the full URI.
    // Fall back to $_SERVER for each, as getenv is not thread-safe.
    return !empty(getenv(EcsCredentialProvider::ENV_URI))
        || !empty($_SERVER[EcsCredentialProvider::ENV_URI])
        || !empty(getenv(EcsCredentialProvider::ENV_FULL_URI))
        || !empty($_SERVER[EcsCredentialProvider::ENV_FULL_URI]);
}
```

I put this under Chore as it's somewhere between a Feature Request (IAM credentials already supported) and a bug (doesn't work if in an ECS container).

nickdnk, Oct 18 '24 15:10
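The check described in the issue, written in Go since that is the language of the sqs driver, as an added example that is not code from the roadrunner project or from the issue author. The function name ECSCredentialEndpoint, the injected getenv parameter and the rejection of a full URI that is not http(s) are assumptions of this example; the variable names and the 169.254.170.2 endpoint are the ones named above.

```go
package main

import (
	"fmt"
	"net/url"
	"os"
	"strings"
)

// Environment variables and endpoint named in the issue above.
const (
	envRelativeURI = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"
	envFullURI     = "AWS_CONTAINER_CREDENTIALS_FULL_URI"
	ecsHost        = "http://169.254.170.2" // ECS task-credential endpoint, not the EC2 IMDS address
)

// ECSCredentialEndpoint mirrors the PHP SDK's shouldUseEcs() decision: the
// relative URI is checked first, then the full URI. It returns ok=false when
// neither variable is set, meaning the process is not running with ECS task
// credentials and a driver should fall back to its existing EC2 IMDS check or
// to explicit keys. getenv is injected (assumption of this example) so the
// logic can be tested without touching the real environment.
func ECSCredentialEndpoint(getenv func(string) string) (endpoint string, ok bool) {
	if rel := strings.TrimSpace(getenv(envRelativeURI)); rel != "" {
		if !strings.HasPrefix(rel, "/") {
			rel = "/" + rel
		}
		return ecsHost + rel, true
	}
	if full := strings.TrimSpace(getenv(envFullURI)); full != "" {
		u, err := url.Parse(full)
		// A malformed or non-HTTP value is treated as "not set" rather than
		// sending a credential request to an unexpected destination.
		if err != nil || (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
			return "", false
		}
		return u.String(), true
	}
	return "", false
}

func main() {
	if ep, ok := ECSCredentialEndpoint(os.Getenv); ok {
		fmt.Println("ECS task credentials available at", ep)
		return
	}
	fmt.Println("no ECS credential variables set; fall back to EC2 IMDS or explicit keys")
}
```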