feat: add docker build options for forwarder with native root store

.github/workflows/docker_build_push.yml

@@ -51,6 +51,43 @@ jobs:
               jqtype/rpxy:s2n
               ghcr.io/junkurihara/rust-rpxy:s2n
 
+          - target: "native-roots"
+            dockerfile: ./docker/Dockerfile
+            platforms: linux/amd64,linux/arm64
+            build-args: |
+              "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,native-roots"
+            tags-suffix: "-native-roots"
+            # Aliases must be used only for release builds
+            aliases: |
+              jqtype/rpxy:native-roots
+              ghcr.io/junkurihara/rust-rpxy:native-roots
+
+          - target: "slim-native-roots"
+            dockerfile: ./docker/Dockerfile-slim
+            build-args: |
+              "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,native-roots"
+            build-contexts: |
+              messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
+              messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
+            platforms: linux/amd64,linux/arm64
+            tags-suffix: "-slim-native-roots"
+            # Aliases must be used only for release builds
+            aliases: |
+              jqtype/rpxy:slim-native-roots
+              ghcr.io/junkurihara/rust-rpxy:slim-native-roots
+
+          - target: "s2n-native-roots"
+            dockerfile: ./docker/Dockerfile
+            build-args: |
+              "CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,native-roots"
+              "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
+            platforms: linux/amd64,linux/arm64
+            tags-suffix: "-s2n-native-roots"
+            # Aliases must be used only for release builds
+            aliases: |
+              jqtype/rpxy:s2n-native-roots
+              ghcr.io/junkurihara/rust-rpxy:s2n-native-roots
+
     steps:
       - name: Checkout
         uses: actions/checkout@v4

docker/Dockerfile-slim

@@ -4,6 +4,8 @@ FROM --platform=$BUILDPLATFORM messense/rust-musl-cross:${TARGETARCH}-musl AS bu
 LABEL maintainer="Jun Kurihara"
 
 ARG TARGETARCH
+ARG CARGO_FEATURES
+ENV CARGO_FEATURES ${CARGO_FEATURES}
 
 RUN if [ $TARGETARCH = "amd64" ]; then \
   echo "x86_64" > /arch; \
@@ -23,7 +25,7 @@ COPY . /tmp/
 ENV RUSTFLAGS "-C link-arg=-s"
 
 RUN echo "Building rpxy from source" && \
-  cargo build --release --target $(cat /arch)-unknown-linux-musl && \
+  cargo build --release --target $(cat /arch)-unknown-linux-musl ${CARGO_FEATURES} && \
   musl-strip --strip-all /tmp/target/$(cat /arch)-unknown-linux-musl/release/rpxy && \
   cp /tmp/target/$(cat /arch)-unknown-linux-musl/release/rpxy /tmp/target/release/rpxy
 

docker/docker-compose-slim.yml

@@ -9,15 +9,17 @@ services:
       - 127.0.0.1:8080:8080/tcp
       - 127.0.0.1:8443:8443/udp
       - 127.0.0.1:8443:8443/tcp
-    # build: # Uncomment if you build yourself
-    #   context: ../
-    #   additional_contexts:
-    #     - messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
-    #     - messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
-    #   dockerfile: ./docker/Dockerfile-slim # based on alpine and build x86_64-unknown-linux-musl
-    #   platforms: # Choose your platforms
-    #     - "linux/amd64"
-    #     # - "linux/arm64"
+    build: # Uncomment if you build yourself
+      context: ../
+      additional_contexts:
+        - messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
+        - messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
+      # args: # Uncomment when build with native cert store
+      #   - "CARGO_FEATURES=--no-default-features --features=http3-quinn,native-roots"
+      dockerfile: ./docker/Dockerfile-slim # based on alpine and build x86_64-unknown-linux-musl
+      platforms: # Choose your platforms
+        # - "linux/amd64"
+        - "linux/arm64"
     environment:
       - LOG_LEVEL=debug
       - LOG_TO_FILE=true

docker/docker-compose.yml

@@ -9,15 +9,17 @@ services:
       - 127.0.0.1:8080:8080/tcp
       - 127.0.0.1:8443:8443/udp
       - 127.0.0.1:8443:8443/tcp
-    # build: # Uncomment if you build yourself
-    #   context: ../
-    #   args: # Uncomment when build quic-s2n version
-    #     - "CARGO_FEATURES=--no-default-features --features http3-s2n"
-    #     - "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
-    #   dockerfile: ./docker/Dockerfile # based on ubuntu 22.04 and build x86_64-unknown-linux-gnu
-    #   platforms: # Choose your platforms
-    #     - "linux/amd64"
-    #     # - "linux/arm64"
+    build: # Uncomment if you build yourself
+      context: ../
+      # args: # Uncomment when build quic-s2n version
+      #   - "CARGO_FEATURES=--no-default-features --features=http3-s2n"
+      #   - "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
+      # args: # Uncomment when build with native cert store
+      #   - "CARGO_FEATURES=--no-default-features --features=http3-quinn,native-roots"
+      dockerfile: ./docker/Dockerfile # based on ubuntu 22.04 and build x86_64-unknown-linux-gnu
+      platforms: # Choose your platforms
+        # - "linux/amd64"
+        - "linux/arm64"
     environment:
       - LOG_LEVEL=debug
       - LOG_TO_FILE=true

rpxy-lib/src/handler/forwarder.rs

@@ -1,8 +1,6 @@
 #[cfg(feature = "cache")]
 use super::cache::{get_policy_if_cacheable, RpxyCache};
-#[cfg(feature = "cache")]
-use crate::log::*;
-use crate::{error::RpxyError, globals::Globals, CryptoSource};
+use crate::{error::RpxyError, globals::Globals, log::*, CryptoSource};
 use async_trait::async_trait;
 #[cfg(feature = "cache")]
 use bytes::Buf;