Merge pull request 'Build musl static binaries & update dependencies' (#15) from Armael/tricot:musl into main

Reviewed-on: Deuxfleurs/tricot#15

flake.lock

@@ -55,94 +55,47 @@
         "type": "github"
       }
     },
-    "flake-utils_2": {
-      "inputs": {
-        "systems": "systems"
-      },
-      "locked": {
-        "lastModified": 1710146030,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1714030708,
-        "narHash": "sha256-JOGPOxa8N6ySzB7SQBsh0OVz+UXZriyahgvfNHMIY0Y=",
+        "lastModified": 1731094700,
+        "narHash": "sha256-lSiVjHP7sgnCt2hZabnq+tCLmBerDKmAdd2CS6BrBjw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b0d52b31f7f4d80f8bf38f0253652125579c35ff",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixpkgs-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1707091808,
-        "narHash": "sha256-LahKBAfGbY836gtpVNnWwBTIzN7yf/uYM/S0g393r0Y=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "9f2ee8c91ac42da3ae6c6a1d21555f283458247e",
+        "rev": "551ba0fa7653afb9d590db225c3bcbccf68931c0",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "9f2ee8c91ac42da3ae6c6a1d21555f283458247e",
+        "rev": "551ba0fa7653afb9d590db225c3bcbccf68931c0",
         "type": "github"
       }
     },
     "root": {
       "inputs": {
         "cargo2nix": "cargo2nix",
-        "nixpkgs": "nixpkgs_2"
+        "nixpkgs": "nixpkgs"
       }
     },
     "rust-overlay": {
       "inputs": {
-        "flake-utils": "flake-utils_2",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": [
+          "cargo2nix",
+          "nixpkgs"
+        ]
       },
       "locked": {
-        "lastModified": 1707271822,
-        "narHash": "sha256-/DZsoPH5GBzOpVEGz5PgJ7vh8Q6TcrJq5u8FcBjqAfI=",
+        "lastModified": 1731032894,
+        "narHash": "sha256-dQSyYPmrQiPr+PGEd+K8038rubFGz7G/dNXVeaGWE0w=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "7a94fe7690d2bdfe1aab475382a505e14dc114a6",
+        "rev": "d52f2a4c103a0acf09ded857b9e2519ae2360e59",
         "type": "github"
       },
       "original": {
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "7a94fe7690d2bdfe1aab475382a505e14dc114a6",
-        "type": "github"
-      }
-    },
-    "systems": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
+        "rev": "d52f2a4c103a0acf09ded857b9e2519ae2360e59",
         "type": "github"
       }
     }

flake.nix

@@ -1,16 +1,20 @@
 {
   description = "Tricot, a reverse proxy with consul integration";
 
-  # Nixpkgs 23.11 as of 2024-02-07, has rustc v1.73
+  # Nixpkgs 24.05 as of 2024-11-08, has rustc v1.77.2
   inputs.nixpkgs.url =
-    "github:NixOS/nixpkgs/9f2ee8c91ac42da3ae6c6a1d21555f283458247e";
+    "github:NixOS/nixpkgs/551ba0fa7653afb9d590db225c3bcbccf68931c0";
   inputs.cargo2nix = {
     # cargo2nix as of 2024-04-25
+    # NB: upgrading to a more recent commit of cargo2nix will not work (as of 2024-11-08),
+    # because the patch making openssl-sys cross-compilation work has been reverted.
+    # (patch: https://github.com/cargo2nix/cargo2nix/pull/237,
+    #  revert: https://github.com/cargo2nix/cargo2nix/commit/cfd086deb565314f3a11b5bb25807a3ce17315d4)
     url = "github:cargo2nix/cargo2nix/1efb03f2f794ad5eed17e807e858c4da001dbc3e";
 
-    # Rust overlay as of 2024-02-07
+    # Rust overlay as of 2024-11-08
     inputs.rust-overlay.url =
-      "github:oxalica/rust-overlay/7a94fe7690d2bdfe1aab475382a505e14dc114a6";
+      "github:oxalica/rust-overlay/d52f2a4c103a0acf09ded857b9e2519ae2360e59";
 
     inputs.nixpkgs.follows = "nixpkgs";
   };
@@ -27,7 +31,7 @@
       overlays = [ cargo2nix.overlays.default ];
     };
     packageFun = import ./Cargo.nix;
-    rustVersion = "1.68.0";
+    rustVersion = "1.77.2";
 
     compile = args: compileMode:
       let
@@ -45,5 +49,13 @@
     debug.x86_64-linux.tricot = compile { release = false; } "build";
     packages.x86_64-linux.tricot = compile { release = true; } "build";
     packages.x86_64-linux.default = self.packages.x86_64-linux.tricot;
+
+    docker = pkgs.dockerTools.buildImage {
+      name = "tricot";
+      config = {
+        contents = [ pkgs.cacert ];
+        Cmd = [ "${self.packages.x86_64-linux.default}/bin/tricot" ];
+      };
+    };
   };
 }

src/https.rs

@@ -41,21 +41,9 @@ pub struct HttpsConfig {
 struct HttpsMetrics {
 	requests_received: metrics::Counter<u64>,
 	requests_served: metrics::Counter<u64>,
-	requests_in_flight: metrics::UpDownCounter<i64>,
 	request_proxy_duration: metrics::Histogram<f64>,
 }
 
-struct InFlightGuard<'a, 'b> {
-	metrics: &'a HttpsMetrics,
-	tags: &'b [KeyValue],
-}
-
-impl<'a, 'b> Drop for InFlightGuard<'a, 'b> {
-	fn drop(&mut self) {
-		self.metrics.requests_in_flight.add(-1, self.tags)
-	}
-}
-
 pub async fn serve_https(
 	config: HttpsConfig,
 	cert_store: Arc<CertStore>,
@@ -74,10 +62,6 @@ pub async fn serve_https(
 			.u64_counter("https_requests_served")
 			.with_description("Total number of requests served over HTTPS")
 			.init(),
-		requests_in_flight: meter
-			.i64_up_down_counter("https_requests_in_flight")
-			.with_description("Current number of requests handled over HTTPS")
-			.init(),
 		request_proxy_duration: meter
 			.f64_histogram("https_request_proxy_duration")
 			.with_description("Duration between time when request was received, and time when backend returned status code and headers")
@@ -194,7 +178,9 @@ async fn handle_request(
 			.unwrap_or_default(),
 	);
 
-	metrics.requests_received.add(1, &[host_tag, method_tag.clone()]);
+	metrics
+		.requests_received
+		.add(1, &[host_tag, method_tag.clone()]);
 
 	let mut tags = vec![method_tag];
 	let resp = select_target_and_proxy(
@@ -286,17 +272,6 @@ async fn select_target_and_proxy(
 		);
 		proxy_to.calls_in_progress.fetch_add(1, Ordering::SeqCst);
 
-		let tags_in_flight = &tags.clone();
-		metrics.requests_in_flight.add(1, &tags_in_flight);
-		// The guard ensures that we decrement requests_in_flight in all cases where
-		// the current tasks ends, including the case where it gets canceled and
-		// doesn't run to completion (which may happen e.g. if it timeouts).
-		// (Crucially we create the guard before the first .await in this function.)
-		let _guard = InFlightGuard {
-			metrics: &metrics,
-			tags: &tags_in_flight,
-		};
-
 		// Forward to backend
 		debug!("{}{} -> {}", host, path, proxy_to);
 		trace!("Request: {:?}", req);

src/main.rs

@@ -132,6 +132,7 @@ async fn main() {
 	let opt = Opt::from_args();
 
 	info!("Starting Tricot");
+	println!("Starting Tricot");
 
 	let (exit_signal, provoke_exit) = watch_ctrl_c();
 	let exit_on_err = move |err: anyhow::Error| {