Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: kanbo...@packages.debian.org, j...@nahmias.net
Control: affects -1 + src:kanboard
Please unblock package kanboard
[ Reason ]
- Fix RC bug #1035598, caused by improper quoting in the test for
lighty-enable-mod
- Fix a few issues discovered with the debian patch to use the newer version
of symfony that is in bookworm, which break common use cases /
configurations (including the package default one).
- Fix an oversight in the default lighttpd configuration provided with
kanboard which doesn't exempt the jsonrpc API endpoint from redirection to
the login page.
- Add autopkgtests to cover the above issues.
[ Impact ]
RC bug will cause kanboard to be removed from bookworm.
[ Tests ]
I've added a basic autopkgtest to test the jsonrpc API endpoint using
the default (lighttpd) config.
Added an autopkgtest to specifically test the installation of kanboard
with apache.
Did NOT add a similar jsonrpc autopkgtest for running under apache, as
this would require shipping a default config for apache, which feels like
too much of a new feature and thus unsuitable for an unblock at this point
of the release cycle. However, if the RT would be willing to include this
I'd be happy to do so; otherwise, I plan to defer until trixie opens.
[ Risks ]
Kanboard is a leaf package.
Fixes are targetted and address important/RC issues.
Autopkgtests are included to cover the issues and insure against regressions.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other info ]
unblock kanboard/1.2.26+ds-2
This is my first unblock request in quite some time. Any feedback you wish to
provide would be greatly appreciated!
Thanks for all you do to make Debian,
--Joe
diff -Nru kanboard-1.2.26+ds/debian/35-kanboard.conf
kanboard-1.2.26+ds/debian/35-kanboard.conf
--- kanboard-1.2.26+ds/debian/35-kanboard.conf 2022-07-22 12:48:59.000000000
-0400
+++ kanboard-1.2.26+ds/debian/35-kanboard.conf 2023-05-15 21:45:51.000000000
-0400
@@ -7,6 +7,7 @@
alias.url += ( "/kanboard/" => "/usr/share/kanboard/" )
index-file.names += ( "index.php" )
url.rewrite-once = (
+ "^/kanboard/jsonrpc\.php" => "",
"^/kanboard/assets/.+" => "",
"^/kanboard/favicon\..*$" => "",
"" => "/kanboard/index.php${qsa}",
diff -Nru kanboard-1.2.26+ds/debian/changelog
kanboard-1.2.26+ds/debian/changelog
--- kanboard-1.2.26+ds/debian/changelog 2023-01-14 19:54:15.000000000 -0500
+++ kanboard-1.2.26+ds/debian/changelog 2023-05-16 22:49:38.000000000 -0400
@@ -1,3 +1,23 @@
+kanboard (1.2.26+ds-2) unstable; urgency=medium
+
+ * properly test for lighty-enable-mod.
+ This fixes a bug in how the postinst/prerm maint scripts check whether
+ to enable kanboard for lighttpd, which caused it to fail when lighttpd
+ was not installed. (Closes: #1035598)
+ * adapt some more areas to the new Symfony EventDispatcher API
+ fix a couple of spots where we missed updating to the new dispatch() API:
+ - standard db-based Auth
+ - jsonrpc Auth
+ * do not redirect access to Kanboard's JSONRPC API.
+ It uses its own authentication and shouldn't be bounced to the standard
+ login page.
+ * add autopkgtest to ensure Kanboard JSONRPC API (minimally) works
+ * add apache install autopkgtest
+ * test(jsonrpc): make curl report errors in a cleaner way
+ * test(jsonrpc): add php-fpm as test dep
+
+ -- Joseph Nahmias <je...@debian.org> Tue, 16 May 2023 22:49:38 -0400
+
kanboard (1.2.26+ds-1) unstable; urgency=medium
* [1f43019] New upstream version 1.2.26+ds
diff -Nru kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch
kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch
--- kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch
2022-07-24 09:00:23.000000000 -0400
+++ kanboard-1.2.26+ds/debian/patches/adapt_to_newer_symfony.patch
2023-05-15 21:45:51.000000000 -0400
@@ -623,3 +623,41 @@
return false;
}
+--- a/app/Api/Middleware/AuthenticationMiddleware.php
++++ b/app/Api/Middleware/AuthenticationMiddleware.php
+@@ -7,6 +7,7 @@ use JsonRPC\Exception\AuthenticationFail
+ use JsonRPC\MiddlewareInterface;
+ use Kanboard\Auth\ApiAccessTokenAuth;
+ use Kanboard\Core\Base;
++use Symfony\Contracts\EventDispatcher\Event;
+
+ /**
+ * Class AuthenticationApiMiddleware
+@@ -28,7 +29,7 @@ class AuthenticationMiddleware extends B
+ */
+ public function execute($username, $password, $procedureName)
+ {
+- $this->dispatcher->dispatch('app.bootstrap');
++ $this->dispatcher->dispatch(new Event, 'app.bootstrap');
+ session_set('scope', 'API');
+
+ if ($this->isUserAuthenticated($username, $password)) {
+--- a/app/Middleware/BootstrapMiddleware.php
++++ b/app/Middleware/BootstrapMiddleware.php
+@@ -3,6 +3,7 @@
+ namespace Kanboard\Middleware;
+
+ use Kanboard\Core\Controller\BaseMiddleware;
++use Symfony\Contracts\EventDispatcher\Event;
+
+ /**
+ * Class BootstrapMiddleware
+@@ -18,7 +19,7 @@ class BootstrapMiddleware extends BaseMi
+ public function execute()
+ {
+ $this->sessionManager->open();
+- $this->dispatcher->dispatch('app.bootstrap');
++ $this->dispatcher->dispatch(new Event, 'app.bootstrap');
+ $this->sendHeaders();
+ $this->next();
+ }
diff -Nru kanboard-1.2.26+ds/debian/postinst kanboard-1.2.26+ds/debian/postinst
--- kanboard-1.2.26+ds/debian/postinst 2022-07-22 12:48:59.000000000 -0400
+++ kanboard-1.2.26+ds/debian/postinst 2023-05-15 21:45:51.000000000 -0400
@@ -20,7 +20,7 @@
case "$1" in
configure)
- if [ -x `command -v lighty-enable-mod` ]; then
+ if [ -x "$(command -v lighty-enable-mod)" ]; then
lighty-enable-mod kanboard || [ $? -eq 2 ]
invoke-rc.d lighttpd reload
fi
diff -Nru kanboard-1.2.26+ds/debian/prerm kanboard-1.2.26+ds/debian/prerm
--- kanboard-1.2.26+ds/debian/prerm 2022-07-22 12:48:59.000000000 -0400
+++ kanboard-1.2.26+ds/debian/prerm 2023-05-15 21:45:51.000000000 -0400
@@ -19,7 +19,7 @@
case "$1" in
remove)
- if [ -x `command -v lighty-disable-mod` ]; then
+ if [ -x "$(command -v lighty-disable-mod)" ]; then
lighty-disable-mod kanboard || [ $? -eq 2 ]
invoke-rc.d lighttpd reload
fi
diff -Nru kanboard-1.2.26+ds/debian/tests/check_version_via_jsonrpc_api.sh
kanboard-1.2.26+ds/debian/tests/check_version_via_jsonrpc_api.sh
--- kanboard-1.2.26+ds/debian/tests/check_version_via_jsonrpc_api.sh
1969-12-31 19:00:00.000000000 -0500
+++ kanboard-1.2.26+ds/debian/tests/check_version_via_jsonrpc_api.sh
2023-05-15 23:16:03.000000000 -0400
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -e
+
+KBDB=/var/lib/kanboard/data/db.sqlite
+
+# Create the Kanboard [sqlite] database
+/usr/share/kanboard/cli db:migrate
+
+TOK=$(sqlite3 "$KBDB" "SELECT value FROM settings WHERE option = 'api_token';")
+printf 'Got JSONRPC API Token: "%s".\n' "$TOK"
+
+VER_API=$(curl --silent --show-error --fail --user "jsonrpc:$TOK" --data
'{"jsonrpc": "2.0", "method": "getVersion", "id": 1}'
http://localhost/kanboard/jsonrpc.php | jq --raw-output '.result')
+printf 'JSONRPC API returned Kanboard version "%s".\n' "$VER_API"
+
+VER_DPKG=$(dpkg-query --showformat='${Version}' --show kanboard)
+printf 'dpkg returned Kanboard version "%s".\n' "$VER_DPKG"
+
+if [ "$VER_API" = "$VER_DPKG" ]; then
+ printf 'Versions match; test PASSes.\n'
+ exit 0
+else
+ printf 'Versions do NOT match; test FAILs!\n'
+ exit 1
+fi
diff -Nru kanboard-1.2.26+ds/debian/tests/control
kanboard-1.2.26+ds/debian/tests/control
--- kanboard-1.2.26+ds/debian/tests/control 2023-01-14 19:53:22.000000000
-0500
+++ kanboard-1.2.26+ds/debian/tests/control 2023-05-16 22:09:23.000000000
-0400
@@ -2,7 +2,7 @@
Test-Command: /usr/share/kanboard/cli version
Depends: kanboard
-Features: test-name=smoke
+Features: test-name=smoke-cli
Restrictions: needs-root, superficial
Architecture: !armel !armhf !i386
@@ -16,3 +16,23 @@
pkg-php-tools (>= 1.41),
Restrictions: needs-root
Architecture: !armel !armhf !i386
+
+Test-Command: debian/tests/check_version_via_jsonrpc_api.sh
+Depends:
+ lighttpd,
+ kanboard,
+ php-fpm,
+ sqlite3,
+ curl,
+ jq,
+Features: test-name=smoke-jsonrpc-lighttpd
+Restrictions: needs-root, superficial
+Architecture: !armel !armhf !i386
+
+Test-Command: /usr/bin/true
+Depends:
+ apache2,
+ kanboard,
+Features: test-name=install-apache
+Restrictions: superficial
+Architecture: !armel !armhf !i386
