Migrates zipkin-aws to v2 SDK; add v2 sender/instrumentation

[codefromthecrypt]

Summary

• Ports collectors (SQS, Kinesis), module/, and aws-junit from AWS SDK v1 to v2 in-place, keeping package names
• Adds new brave/instrumentation-awssdk-sqs module (v2 SQS messaging instrumentation)
• Adds new reporter/sender-awssdk-kinesis module (v2 Kinesis sender)
• Upgrades Kinesis Client Library from 1.x to 3.4.1

Testing

Build and verify:

$ ./mvnw -T1C -nsu verify
$ RELEASE_FROM_MAVEN_BUILD=true build-bin/docker/docker_build openzipkin/zipkin-aws:test
$ build-bin/docker/docker_test_image openzipkin/zipkin-aws:test

Elasticsearch smoke test (no real credentials)

Save as docker-compose-test-es.yaml:

services:
  fake-es:
    image: nginx:alpine
    networks:
      default:
        aliases:
          - fake-es.us-east-1.es.amazonaws.com
    command:
      - sh
      - -c
      - |
        apk add --no-cache openssl > /dev/null 2>&1
        openssl req -x509 -nodes -days 1 -newkey rsa:2048           -keyout /etc/ssl/key.pem -out /etc/ssl/cert.pem           -subj '/CN=fake-es.us-east-1.es.amazonaws.com' 2>/dev/null
        cat > /etc/nginx/conf.d/default.conf <<'CONF'
        server {
            listen 443 ssl;
            ssl_certificate /etc/ssl/cert.pem;
            ssl_certificate_key /etc/ssl/key.pem;
            location / {
                return 403 '{"Message":"User: anonymous is not authorized"}';
                default_type application/json;
            }
        }
        CONF
        nginx -g 'daemon off;'

  sut:
    image: openzipkin/zipkin-aws:test
    depends_on: [fake-es]
    ports: ["9411:9411"]
    environment:
      - STORAGE_TYPE=elasticsearch
      - ES_HOSTS=https://fake-es.us-east-1.es.amazonaws.com
      - ES_SSL_NO_VERIFY=true
      - AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
      - AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

$ docker compose -f docker-compose-test-es.yaml up -d
$ curl -s localhost:9411/health|jq .
{
  "status": "DOWN",
  "zipkin": {
    "status": "DOWN",
    "details": {
      "error": "Timed out computing health status..."
    }
  }
}

$ curl -s -w "%{http_code}" -X POST localhost:9411/api/v2/spans   -H "Content-Type: application/json"   -d '[{"traceId":"aaaa000000000001","id":"bbbb000000000001",
       "name":"test","timestamp":1000000,"duration":1000,
       "localEndpoint":{"serviceName":"smoketest"}}]'
202

$ docker compose -f docker-compose-test-es.yaml down

SQS collector smoke test (no real credentials)

Save as docker-compose-test-sqs.yaml:

services:
  sut:
    image: openzipkin/zipkin-aws:test
    ports: ["9411:9411"]
    environment:
      - STORAGE_TYPE=xray
      - SQS_QUEUE_URL=https://sqs.us-east-1.amazonaws.com/000000000000/zipkin
      - AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
      - AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
      - AWS_REGION=us-east-1

Server boots, v2 SqsClient loads correctly, expected 403 with fake credentials:

software.amazon.awssdk.services.sqs.model.SqsException: The security token included in the request
is invalid. (Service: Sqs, Status Code: 403, ...) (SDK Attempt Count: 1)

Kinesis collector smoke test (no real credentials)

Save as docker-compose-test-kinesis.yaml:

services:
  sut:
    image: openzipkin/zipkin-aws:test
    ports: ["9411:9411"]
    environment:
      - STORAGE_TYPE=xray
      - KINESIS_STREAM_NAME=zipkin
      - AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
      - AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
      - AWS_REGION=us-east-1

Server boots, KCL 3.x loads correctly, expected 400 with fake credentials:

software.amazon.kinesis.leases.exceptions.DependencyException:
software.amazon.awssdk.services.dynamodb.model.DynamoDbException: The security token included in the
request is invalid. (Service: DynamoDb, Status Code: 400, ...) (SDK Attempt Count: 1)

[codefromthecrypt]

fyi I bumped to 2.0.0-SNAPSHOT as the server impl is very different. However, this doesn't remove any 1.x client libs, just fills 2.x alts for ones we were missing

[codefromthecrypt]

thanks for the review @reta !