drop sqlite dependency

Dockerfile

@@ -7,18 +7,18 @@ RUN go mod download
 
 COPY . .
 
-RUN go build -o /go/bin/webauthn-oidc-idp -ldflags "\
+RUN CGO_ENABLED=0 go build -o /go/bin/webauthn-oidc-idp -ldflags "\
     -X 'github.com/prometheus/common/version.Branch=$(git describe --contains --all HEAD)' \
     -X 'github.com/prometheus/common/version.BuildUser=$(whoami)' \
-    -X 'github.com/prometheus/common/version.BuildDate=$(date --iso-8601=seconds)'" \
+    -X 'github.com/prometheus/common/version.BuildDate=$(date --utc --iso-8601=seconds)'" \
     ./...
 
 FROM debian:bookworm
 
 WORKDIR /app
 
 RUN apt-get update && \
-    apt-get install -y ca-certificates sqlite3
+    apt-get install -y ca-certificates
 
 COPY --from=build /go/bin/webauthn-oidc-idp /usr/bin/
 

config.go

@@ -12,11 +12,8 @@ import (
 )
 
 type config struct {
-	Database string `json:"databaseFile"`
-	// TODO(sr) rename databaseFile and delete config.SQLDatabse.
-	SQLDatabase string `json:"database"`
-
-	Issuer []issuerConfig `json:"issuers"`
+	Database string         `json:"database"`
+	Issuer   []issuerConfig `json:"issuers"`
 }
 
 type issuerConfig struct {

config.json

@@ -1,5 +1,5 @@
 {
-	"databaseFile": "db/dev.json",
+	"database": "db/dev.json",
 	"issuers": [
 		{
 			"url": "http://localhost:8085",

db.go

@@ -2,7 +2,6 @@ package main
 
 import (
 	"bytes"
-	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -337,50 +336,3 @@ func (db *DB) PutKeyset(ks Keyset, stored DBKeyset) error {
 		return nil
 	})
 }
-
-func migrateSQLToJSON(sqldb *storage, jsondb *DB) error {
-	ctx := context.Background()
-	users, err := sqldb.ListUsers(ctx)
-	if err != nil {
-		return fmt.Errorf("sql.ListUsers: %w", err)
-	}
-	for _, u := range users {
-		user, ok, err := sqldb.GetUserByID(ctx, u.ID, true)
-		if err != nil {
-			return fmt.Errorf("sql.GetUserByID: %w", err)
-		}
-		if !ok {
-			return fmt.Errorf("sql.GetUserByID: user %s not found", u.ID)
-		}
-		newUser := User{
-			ID:            user.ID,
-			Email:         user.Email,
-			FullName:      user.FullName,
-			EnrollmentKey: user.EnrollmentKey,
-			Credentials:   make(map[string]WebauthnCredential),
-		}
-		for _, cred := range user.Credentials {
-			newUser.Credentials[cred.Name] = WebauthnCredential{
-				Credential: cred.Credential,
-				Name:       cred.Name,
-				AddedAt:    time.Now(),
-			}
-		}
-		if err := jsondb.createMigratedUser(newUser); err != nil {
-			return fmt.Errorf("json.createMigratedUser: %w", err)
-		}
-	}
-	return nil
-}
-
-// createMigratedUser saves the given user as is in the database.
-// Do not use; it's temporary and will be deleted in the near future.
-func (db *DB) createMigratedUser(user User) error {
-	return db.f.Write(func(db *schema) error {
-		if len(db.Users) == 0 {
-			db.Users = make(map[string]User)
-		}
-		db.Users[user.ID] = user
-		return nil
-	})
-}

db_test.go

@@ -1,14 +1,12 @@
 package main
 
 import (
-	"context"
 	"os"
 	"path/filepath"
 	"slices"
 	"testing"
 
 	"github.com/go-webauthn/webauthn/webauthn"
-	"github.com/google/go-cmp/cmp"
 )
 
 func TestOpenDB(t *testing.T) {
@@ -163,38 +161,6 @@ func TestAuthenticatedUsers(t *testing.T) {
 	}
 }
 
-func TestMigrateSQLToJSON(t *testing.T) {
-	t.Parallel()
-	ctx := context.Background()
-
-	sqldb := newTestStorage(t)
-
-	user := &WebauthnUser{Email: "abc@def.com", Activated: true}
-	id, err := sqldb.CreateUser(ctx, user)
-	if err != nil {
-		t.Fatalf("sqldb.CreateUser: %v", err)
-	}
-	user.ID = id
-	err = sqldb.AddCredentialToUser(ctx, user.ID, webauthn.Credential{ID: []byte("ID")}, "test name")
-	if err != nil {
-		t.Fatalf("sqldb.AddCredentialToUser: %v", err)
-	}
-
-	jsondb := openTestDB(t)
-
-	if err := migrateSQLToJSON(sqldb, jsondb); err != nil {
-		t.Fatalf("migrateSQLToJSON: %v", err)
-	}
-
-	user2, err := jsondb.GetUserByID(user.ID)
-	if err != nil {
-		t.Fatalf("GetUserByID: %v", err)
-	}
-	if user2.ID != user.ID || user2.Email != user.Email {
-		t.Fatalf("user mismatch: %s", cmp.Diff(user2, user))
-	}
-}
-
 func openTestDB(t *testing.T) *DB {
 	t.Helper()
 

go.mod

@@ -7,12 +7,10 @@ require (
 	github.com/chromedp/cdproto v0.0.0-20240202021202-6d0b6a386732
 	github.com/chromedp/chromedp v0.9.5
 	github.com/go-webauthn/webauthn v0.10.1
-	github.com/google/go-cmp v0.6.0
 	github.com/google/uuid v1.6.0
 	github.com/justinas/nosurf v1.1.1
 	github.com/lstoll/cookiesession v0.0.0-20240302214249-23c5d01c3fb9
 	github.com/lstoll/oidc v1.0.0-alpha.1
-	github.com/mattn/go-sqlite3 v1.14.13
 	github.com/oklog/run v1.1.0
 	github.com/prometheus/client_golang v1.19.0
 	github.com/prometheus/common v0.50.0

go.sum

@@ -47,8 +47,6 @@ github.com/lstoll/oidc v1.0.0-alpha.1 h1:b40XAq3OOawRJazif1xilLN8PdwalJL+qvG1sS1
 github.com/lstoll/oidc v1.0.0-alpha.1/go.mod h1:ZQ/Awk92pRKZizlR6HD/TZpSLqvrMa/tlXDJod6mk0Q=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
-github.com/mattn/go-sqlite3 v1.14.13 h1:1tj15ngiFfcZzii7yd82foL+ks+ouQcj8j/TPq3fk1I=
-github.com/mattn/go-sqlite3 v1.14.13/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA=

main.go

@@ -89,16 +89,6 @@ func main() {
 		fatalf("open database at %s: %v", cfg.Database, err)
 	}
 
-	if sqlfile := cfg.SQLDatabase; sqlfile != "" {
-		sqldb, err := newStorage(ctx, fmt.Sprintf("file:%s?cache=shared&mode=rwc&_journal_mode=WAL", sqlfile))
-		if err != nil {
-			fatalf("open sqlite database: %v", err)
-		}
-		if err := migrateSQLToJSON(sqldb, db); err != nil {
-			fatalf("migrate SQLite database %s to %s: %v", sqlfile, cfg.Database, err)
-		}
-	}
-
 	if *enroll {
 		if *email == "" {
 			fatal("required flag missing: email")