⚓ T216815 Upgrade Thumbor to Buster

Status	Subtype	Assigned	Task
			· · ·
Resolved		None	T247045 Migrate all of production metal and VMs to Buster or later
Resolved		Vlad.shapik	T252719 Upgrade thumbor to Thumbor 7 and python3
Resolved		hnowlan	T193352 Update librsvg to ≥2.42.3 (2.44.10)
Resolved		None	T106516 Greyscale pngs without gAMA chunk rendered with incorrect contrast [or setting the gamma in GIMP exports to PNG]
Open		None	T192309 Thumbnails for specific TIFF pages have small rendering errors, ugly edges, glow missing
Resolved		None	T188885 Thumbnail missing for PDF file (when in PDF/A format?)
Resolved	BUG REPORT	hnowlan	T281027 Unicode-Character 🤣 not rendered in SVG
Open	Feature	None	T290345 Create thumbnail for animated WebP files
Resolved	BUG REPORT	TheDJ	T296562 Support thumbnailing AV1-encoded webm files
Resolved	BUG REPORT	• brooke	T244570 Fix missing thumbnail for MPEG (.mpg) videos
Resolved		None	T216892 Santali font shown as square boxes in thumbnail version of a specific SVG file
Resolved		hnowlan	T216815 Upgrade Thumbor to Buster
Invalid		None	T212941 Investigate systemd hardening to replace Firejail for Thumbor
Resolved		fgiunchedi	T212946 Stream Thumbor logs to logstash
Resolved		• Gilles	T187765 Replace the Nginx fronting Thumbor with Haproxy
Resolved		jijiki	T221562 Build Thumbor packages for buster
			· · ·

AntiCompositeNumber added a parent task: T106516: Greyscale pngs without gAMA chunk rendered with incorrect contrast [or setting the gamma in GIMP exports to PNG].May 21 2020, 1:25 AM

AntiCompositeNumber added a parent task: T192309: Thumbnails for specific TIFF pages have small rendering errors, ugly edges, glow missing.May 21 2020, 5:30 AM

AntiCompositeNumber added a parent task: T188885: Thumbnail missing for PDF file (when in PDF/A format?).May 29 2020, 7:51 PM

Is there still work that needs to be done to prepare for this, or is it just waiting for someone to get around to handling the necessary configuration changes, testing, and deployment?

It's waiting for someone to do it. @jijiki when she gets back from leave, possibly?

jijiki moved this task from Incoming 🐫 to 🔦Unused2 on the serviceops board.Aug 17 2020, 11:48 PM

Aklapper mentioned this in T125710: systemLanguage process issues in SVG.php.Aug 25 2020, 6:34 PM

jijiki moved this task from Radar 📻 to Thumbor on the User-jijiki board.Sep 8 2020, 10:23 AM

AntiCompositeNumber mentioned this in T263003: Lack of some fonts leads to Unicode characters embedded in SVG files on Commons to be shown as boxes in PNG thumbnails.Sep 16 2020, 7:21 PM

AntiCompositeNumber mentioned this in T40010: RFC: Re-evaluate librsvg as SVG renderer on Wikimedia wikis.Nov 26 2020, 1:35 AM

RLazarus mentioned this in T270209: Image fails to load with CORS violation.Dec 18 2020, 9:33 PM

JoKalliauer awarded a token.Apr 24 2021, 5:40 PM

AntiCompositeNumber added a parent task: T281027: Unicode-Character 🤣 not rendered in SVG.Apr 26 2021, 6:49 PM

AntiCompositeNumber mentioned this in T281027: Unicode-Character 🤣 not rendered in SVG.

Glrx subscribed.Apr 27 2021, 5:51 PM

JoKalliauer mentioned this in T283083: [Session] RFC: Re-evaluate librsvg as SVG renderer on Wikimedia wikis .May 22 2021, 4:35 PM

• 4nn1l2 subscribed.May 24 2021, 2:53 AM

ReaperDawn subscribed.May 26 2021, 4:31 AM

RobH mentioned this in T273914: (Need By: TBD) rack/setup/install thumbor100[56].Jun 22 2021, 6:04 PM

• dpifke subscribed.Jun 23 2021, 11:34 PM

JoKalliauer updated the task description. (Show Details)Jun 30 2021, 3:24 PM

JoKalliauer mentioned this in T35245: SVG files: text (and tspan) elements misplaced when rasterizing to PNG thumbnails/previews (multi-valued x/y, dx/dy attributes).Jun 30 2021, 6:54 PM

According to https://www.mediawiki.org/w/index.php?title=Topic:Wbuk08w1anifjyak#flow-post-wbunuhciop2u1yl8 and https://wikitech.wikimedia.org/wiki/Operating_system_upgrade_policy#Policy_proposal Thumbor is currently on Debian Stretch (currently oldstable)
I recommend to rename the description from

After successfully upgrading Thumbor to stretch, we can proceed with the upgrade to Debian buster.

to

Upgrade Thumbor from Debian stretch to Debian buster, accoding to Operating system upgrade policy#Policy proposal.

AntiCompositeNumber mentioned this in T290345: Create thumbnail for animated WebP files.Sep 3 2021, 7:13 PM

AntiCompositeNumber added a parent task: T290345: Create thumbnail for animated WebP files.

Jdforrester-WMF mentioned this in T210704: Migrate node-based services in production to node10.Sep 10 2021, 5:02 PM

Legoktm mentioned this in T294148: Replace deployment-imagescaler03 (stretch) with deployment-imagescaler04 (buster).Oct 26 2021, 10:47 PM

AntiCompositeNumber mentioned this in T294484: <Code Stewardship Review> Thumbor.Oct 28 2021, 3:53 AM

Husky subscribed.Oct 30 2021, 1:07 PM

AntiCompositeNumber added a parent task: T296562: Support thumbnailing AV1-encoded webm files.Dec 1 2021, 1:13 AM

AntiCompositeNumber mentioned this in T296562: Support thumbnailing AV1-encoded webm files.

Stretch was supposed to be phased out by June 2021 per https://wikitech.wikimedia.org/wiki/Operating_system_upgrade_policy, and will be EOL in less than 6 months (June 30, 2022) per https://wiki.debian.org/LTS. Is any work being done on this?

In T216815#7610660, @Ahecht wrote:

Is any work being done on this?

At the moment, no. Thumbor currently has no maintainer, see T294484.

Xeriphas1994 subscribed.Feb 8 2022, 8:22 PM

JoKalliauer updated the task description. (Show Details)Feb 23 2022, 5:29 PM

JoKalliauer added a subscriber: greg.

hnowlan subscribed.Mar 11 2022, 5:37 PM

• WDoranWMF renamed this task from Upgrade Thumbor to Buster to Upgrade Thumbor to Bullseye.Mar 15 2022, 6:12 PM

• WDoranWMF added a parent task: T294484: <Code Stewardship Review> Thumbor.

• WDoranWMF updated the task description. (Show Details)

• WDoranWMF removed a parent task: T294484: <Code Stewardship Review> Thumbor.

Aklapper mentioned this in T302419: Images on the front page need special handling to make sure they can render..Mar 22 2022, 2:18 PM

Krinkle updated the task description. (Show Details)Aug 11 2022, 8:28 PM

Note that unlike most other packages, there is an especially sensitive dependency on the behaviour of librsvg which is the component of Thumbor responsible for converting SVGs to PNGs.

I don't have a succint summary, but there's a lot of backstory worth reading up on in these three tasks:

@jijiki wrote at T193352#4990600

Update: After looking into it, it looks like backporting ≥2.42.3 in Debian stretch brings a long list of dependencies. This task is blocked until we upgrade Thumbor to Buster

In T40010#6650224, @AntiCompositeNumber wrote:

Backporting software because it is not available for the current OS version is one thing. Intentionally running old software when new, stable version are available in the repos is another, and it goes against good practice.

We'll get a new version of librsvg sooner rather than later, whenever T216815: Upgrade Thumbor to Buster gets done (probably before mid-2021).

[…]

In T265549#8145732, @Glrx wrote:

[…] it is no longer just a matter of installing the latest librsvg. The latest version will choke if hyphenated langtags (e.g., sr-latn, zh-hant, ku-arab) are passed to librsvg via the $LANG environment variable.

In T265549#8147272, @Glrx wrote:

I do not know PHP or Python, but here are the changes needed to wiki configuration, SVGHandler.php, and Thumbor's svg.py.

https://commons.wikimedia.org/wiki/User:Glrx#MediaWiki_upgrades

They are breaking changes. They need the Rust version of librsvg/rsvg-convert. If used with the old version of librsvg, I expect the new command line arg would cause an exception.

MediaWiki could be made compatible by having rsvg and rsvglang entries and testing for a "$lang" substring in the conversion string.

Thumbor is hardwired, so making it compatible with both versions would be more complicated. However, it would be good to allow Thumbor to use both rsvg-convert or resvg.

TheDJ mentioned this in T167420: Thumbnails for specific PDF file rendered half of their proper width on File: page (thumbnail file itself is correct).Aug 17 2022, 1:06 PM

jijiki closed subtask T212941: Investigate systemd hardening to replace Firejail for Thumbor as Invalid.Oct 3 2022, 11:30 AM

jijiki moved this task from 🔦Unused2 to 🛎 Services & Oids on the serviceops board.Oct 3 2022, 1:35 PM

Aklapper mentioned this in T319377: SVG <use> element with href attribute not displayed.Oct 5 2022, 4:22 PM

TheDJ added a subtask: T244570: Fix missing thumbnail for MPEG (.mpg) videos.Oct 13 2022, 10:19 AM

TheDJ removed a subtask: T244570: Fix missing thumbnail for MPEG (.mpg) videos.

TheDJ added a parent task: T244570: Fix missing thumbnail for MPEG (.mpg) videos.

Vgutierrez mentioned this in T278641: Migrate deployment-prep away from Debian Stretch to Buster/Bullseye.Nov 8 2022, 6:15 AM

Huh, is anyone tasked with this? This is one of the few cases that's keeping Stretch alive in cloud-vps and prod.

In T216815#8472047, @Andrew wrote:

Huh, is anyone tasked with this? This is one of the few cases that's keeping Stretch alive in cloud-vps and prod.

See Thumbor Migration. Work is continuing in T233196, last I heard there was a mostly-working version in staging.

VirginiaPoundstone added a project: Thumbor Migration.Jan 4 2023, 9:15 PM

In T216815#8472047, @Andrew wrote:

Huh, is anyone tasked with this? This is one of the few cases that's keeping Stretch alive in cloud-vps and prod.

@Andrew I'm the new product manager working on Thumbor Migration. This seems critical, but I don't have enough context (Thumbor has been full of surprises). From this December news, it looks like Stretch was deprecated from cloud-vps. Please point me to docs/tasks/tools that describe how Stretch and Thumbor work together. Thank you, in advance!

@hnowlan for awareness.

@VirginiaPoundstone, as far as I'm aware, it's not so much that Thumbor is dependent on features of Debian 9 (Stretch) and is incompatible with Debian 10 (Buster) or 11 (Bullseye), it's that currently running on Stretch requires us to use obsolete and buggy versions of other libraries such as librsvg. lt's mostly a matter of setting up and configuring Thumbor on a Bullseye instance, although there are some modifications that would be needed to support the latest versions of librsvg, as documented at T265549.

@Ahecht: If supporting the latest version of librsvg is difficult, some Users prefer (i) resvg (faster and less regressions than updating librsvg) or (ii) Inkscape (slower but better know by the community), as documented at T40010.

Inkscape offers AppImages, which run portable on any Debian-Version without any dependencies, so you could run multiple Inkscape-version in parallel, so up- and downgrading Debian and/or Inkscape would be much easier, that it is currently.

resvg only exists in bullseye https://packages.debian.org/search?suite=all&searchon=names&keywords=resvg and even long-term support has ended for stretch in summer of 2022, so it's just EOL. Afaict keeping this on stretch is not really an option.

@Dzahn: Thanks and packing resvg from https://github.com/RazrFalcon/resvg/ might be out of scope?

JoKalliauer mentioned this in T282864: update https://apt-browser.toolforge.org/stretch-wikimedia/component/thumbor/ .Jan 20 2023, 3:54 PM

hnowlan renamed this task from Upgrade Thumbor to Bullseye to Upgrade Thumbor to Buster.Jan 20 2023, 5:08 PM

hnowlan updated the task description. (Show Details)

Volker_E mentioned this in T179154: Have a way to export and update Wikimedia Design System (Codex, OOUI) icons on Commons.Feb 20 2023, 10:33 AM

Scap updates on Thumbor hosts are currently failing since Scap requires Python 3.7. I would like to disable any Scap deployments until this ticket is completed (or alternatively Python3 is updated on the hosts)

So far the only Scap deployment I've found that seems related to Thumbor is this: https://gerrit.wikimedia.org/r/plugins/gitiles/operations/puppet/+/refs/heads/production/modules/threedtopng/manifests/deploy.pp#14

Can you confirm that's the right config or whether there are other deployments I've missed? Or point me to someone who would know?

Hi @hnowlan and @MoritzMuehlenhoff I've tentatively created a patch to try to address the problem with Scap updates and added you as reviewers: https://gerrit.wikimedia.org/r/c/operations/puppet/+/894542

Apologies if you were the wrong persons to assign to this, I'm still trying to find someone who knows about the thumbor deployments.

@jnuche, once we figure out T328033 and thus are able to complete T233196, thumbor will have nothing to do with scap. It's probably not worth solving this one only to ditch that work a few weeks down the line.

@akosiaris thanks for the feedback.

Just to clarify, we can work around the issue currently, but it makes the frequent Scap self-update process more error-prone. If the patch I created (or a small variation of it) fixes the issue, I think it's worth merging it.

In T216815#8672370, @jnuche wrote:

@akosiaris thanks for the feedback.

Just to clarify, we can work around the issue currently, but it makes the frequent Scap self-update process more error-prone. If the patch I created (or a small variation of it) fixes the issue, I think it's worth merging it.

Patch was merged, but putting it in writing too, disabling scap for thumbor and 3dtopng is fine.

hnowlan closed this task as Resolved.May 17 2023, 3:47 PM

hnowlan claimed this task.

Jdforrester-WMF updated the task description. (Show Details)May 17 2023, 3:50 PM

hnowlan updated the task description. (Show Details)May 17 2023, 3:52 PM

Izno removed a subtask: T216892: Santali font shown as square boxes in thumbnail version of a specific SVG file.Aug 8 2023, 11:05 PM

Izno added a parent task: T216892: Santali font shown as square boxes in thumbnail version of a specific SVG file.