gbrodman
34103ec815
Convert gsutil to gcloud storage ( #2670 )
...
Use of gsutil is discouraged / deprecated, see https://cloud.google.com/storage/docs/gsutil
2025-02-07 21:01:19 +00:00
Lai Jiang
a63812160e
Upgrade to Gradle 8.12.1 ( #2671 )
2025-02-07 15:23:02 +00:00
gbrodman
9aaf7ee36a
Allow for no fee extension with free premium domains ( #2660 )
...
This isn't a situation we'll encounter often, but if the client has an
allocation token that's valid for premium domains that gives a 0 cost,
we shouldn't require them to include the fee extension when creating the
domain. We already don't require it for standard domains.
2025-02-06 20:40:24 +00:00
gbrodman
96a864dbd6
Add pg_stat_statements extension to allowed diffs ( #2662 )
...
This is similar to pgaudit in that it doesn't need to exist in the
golden file.
2025-02-06 20:39:59 +00:00
Lai Jiang
8a36fb5f1f
Update Cloud Scheduler and Cloud Tasks deployment process ( #2666 )
2025-02-06 18:53:50 +00:00
Pavlo Tkach
6c138420b0
Fix console nested routes a11y ( #2669 )
2025-02-05 20:45:21 +00:00
Lai Jiang
08570511f5
Update GCB scripts ( #2661 )
2025-02-04 19:27:44 +00:00
Pavlo Tkach
e62d970d34
Update console endpoints documentation ( #2665 )
2025-02-04 17:43:30 +00:00
Lai Jiang
067927b735
Fix GCB failures ( #2664 )
...
We start seeing failures such as this one:
https://pantheon.corp.google.com/cloud-build/builds;region=global/843b9bd7-9c09-4221-ae4c-6e2dd2918f04?inv=1&invt=Aborfg&project=domain-registry-alpha
It looks like the inclusion of gcompute-module which itself is a git
repo caused the problem. I don't understand why it wasn't an issue before.
My guess is that GCB started using a newer version of git which is more
strict about this.
TESTED=Tested the GCB build pipeline on alpha.
2025-02-04 17:12:43 +00:00
Pavlo Tkach
4ec2919ce3
Update console dependencies ( #2659 )
2025-01-31 21:40:37 +00:00
gbrodman
19422075fa
Remove nested transactions from domain (un)locking ( #2658 )
2025-01-31 16:47:44 +00:00
Pavlo Tkach
40b6984ffb
Improve console screen reader interaction ( #2656 )
2025-01-31 16:46:25 +00:00
Lai Jiang
6952e0f653
Fix a typo ( #2657 )
2025-01-31 02:44:28 +00:00
Lai Jiang
dcb55d27bb
Upload gateway related manifests to GCS ( #2655 )
2025-01-30 16:12:31 +00:00
Pavlo Tkach
765bd9834a
Add more accessible names to the console ( #2652 )
2025-01-29 20:19:00 +00:00
Lai Jiang
221088e738
Upload k8s manifests to GCS ( #2654 )
2025-01-29 17:07:10 +00:00
gbrodman
6649e00df7
Allow for particular flows to log all SQL statements executed ( #2653 )
...
We use this now for the DomainDeleteFlow in an attempt to figure out
what statements it's running (cross-referencing that with PSQL's own
statement logging to find slow statements).
2025-01-29 16:00:19 +00:00
gbrodman
2ceb52a7c4
Handle SPECIFIED renewal price w/token in check flow ( #2651 )
...
This is kinda nonsensical because this use case is trying to apply a
single use token multiple times in the same domain:check request --
like, trying to use a single-use token for both create, renew, and
transfer while having a $0 create price and a premium renewal price.
This change doesn't affect any actual business / costs, since SPECIFIED
token renewal prices were already set on the BillingRecurrence
2025-01-28 18:31:29 +00:00
Lai Jiang
120bcc33be
Update cloud build configs to build nomulus images ( #2650 )
...
Also do appropriate text replacements for each environment.
2025-01-28 16:03:26 +00:00
Pavlo Tkach
8987fd37c2
Improve console accessibility ( #2649 )
2025-01-26 00:47:53 +00:00
gbrodman
653e092ad4
Add TLD identifier to premium terms filename and header ( #2644 )
...
https://b.corp.google.com/issues/390053672
This makes it easier to identify what file you're looking at, at a
glance
2025-01-24 19:54:35 +00:00
gbrodman
5e97a8b412
Refactor console domain actions to exist in separate files ( #2638 )
...
This means that we're not storing everything in one file, otherwise it
quickly becomes unwieldy
2025-01-23 16:46:53 +00:00
Weimin Yu
229fcf3946
UrlConnectionException loses error info ( #2648 )
...
It does not get the error message for 400+ status codes.
It fails to get the status code if the response has neither data nor
error.
2025-01-23 16:27:03 +00:00
Lai Jiang
b775e4a178
Pull credentials from fleet for all clusters ( #2647 )
...
All clusters have switched to using private APIs.
2025-01-22 16:58:56 +00:00
Pavlo Tkach
e3c386a8a7
Add console bulk delete ( #2641 )
...
* Add bulk actions to console
* Add console bulk delete
* Add console bulk delete
2025-01-22 15:54:59 +00:00
Lai Jiang
799f0449ad
Only pull credential from the fleet on crash ( #2645 )
...
Only crash has the policy controller installed for now.
2025-01-21 18:40:52 +00:00
Lai Jiang
bf025445d5
Record http request parameters in log metadata ( #2642 )
...
This allows us to search for logs for a given path using a filter like
this:
jsonPayload.httpRequest.requestUrl="/_dr/blah"
TESTED=tested on crash
2025-01-16 17:27:53 +00:00
Lai Jiang
9f22f2e8ae
Pull nomulus cluster credentials from the fleet ( #2643 )
...
After private endpoint is enabled, we cannot pull the credentials
directly via `gcloud containers cluster get-credentials`.
2025-01-16 15:06:02 +00:00
gbrodman
45c8b81823
Map token renewal behavior directly onto BillingRecurrence ( #2635 )
...
Instead of using a separate RenewalPriceInfo object, just map the
behavior (if it exists) onto the BillingRecurrence with a special
carve-out, as always, for anchor tenants (note: this shouldn't matter
much since anchor tenants *should* use NONPREMIUM renewal tokens anyway,
but just in case, double-check).
This also fixes DomainPricingLogic to treat a multiyear create as a
one-year-create + n-minus-1-year-renewal for cases where either the
creation or the renewal (or both) are nonpremium.
2025-01-15 19:55:34 +00:00
Weimin Yu
4cfcc60655
Clean up keyring bindings ( #2640 )
...
Remove the config file's `keyring` section and the binding in java code.
2025-01-14 22:06:05 +00:00
Lai Jiang
e4ee63b8f3
Make Cloud Tasks Utils canary-aware ( #2639 )
2025-01-14 17:39:51 +00:00
Weimin Yu
f8407c74bc
Make SecretManagerkeyring the only allowed keyring ( #2636 )
...
Remove the support for custom keyrings. There is no pressing use case,
and can be error-prone.
2025-01-13 19:32:24 +00:00
gbrodman
693467a165
Remove duplicate transaction in updateAllocTokens ( #2637 )
2025-01-13 19:12:06 +00:00
Lai Jiang
cea3da01a0
Expose Web WHOIS redirects ( #2634 )
...
We are required to respond to HTTP(S) requests on port 80/443 on the
same domain where we serve port 43 WHOIS requests. The proxy already
does this by redirecting to the web WHOIS lookup page on the marketing
website.
This PR makes it so that requests to port 80/443 can be routed to the
proxy for redirect.
TESTED=tested on crash and the redirect works.
2025-01-10 17:25:16 +00:00
Weimin Yu
c2030e5859
Fix keyring in BEAM pipeline ( #2632 )
...
SecretManager based keyring not included in keyring bindings, resulting
in runtime failure.
We should simply keyring bindings. There is no use case for multiple
implementations. See b/388835696.
2025-01-09 20:01:32 +00:00
Lai Jiang
1cbbc660d2
Explicity specify deployment order for queues and scheduler tasks ( #2631 )
...
If we deploy Nomulus, we should do that before queues and the scheduler
tasks are updated.
2025-01-08 21:11:24 +00:00
Lai Jiang
e0bbff827e
Upgrade to Gradle 8.12 ( #2630 )
2025-01-08 18:43:10 +00:00
Weimin Yu
10925f2447
Enable nested transaction warning in production ( #2628 )
...
Knonw nested transact calls found in sandbox have been refactored away.
Enable logging in production to catch any missing cases. Logging is
throttled at 1 message per minute per VM.
2025-01-03 20:52:25 +00:00
Lai Jiang
7641b05f12
Expose EPP and WHOIS endpoints on reginal load balancers ( #2627 )
...
k8s does not have a way to expose a global load balancer with TCP
endpoints, and setting up node port-based routing is a chore, even with
Terraform (which is what we did with the standalone proxy).
We will use Cloud DNS's geolocation routing policy to ensure that
clients connect to the endpoint closest to them.
2024-12-26 15:25:02 +00:00
Weimin Yu
d130e74004
Use sql instance name in SecretManager ( #2625 )
2024-12-18 18:39:23 +00:00
Lai Jiang
c9c61e4f17
Write GKE metrics with the apprioate labels ( #2626 )
...
Also makes preperations to expose the sidecar proxy.
2024-12-18 16:15:54 +00:00
Lai Jiang
da8df1f4d9
Make GKE the default in alpha and qa ( #2624 )
2024-12-17 17:40:03 +00:00
Pavlo Tkach
f649d960c1
Add user email prefix to the console user create ( #2623 )
2024-12-13 19:47:21 +00:00
Weimin Yu
e5ebc5a2bb
Save Cloud SQL connection names in Keyring ( #2622 )
...
This eliminates the need to make a new release after database disaster
recovery.
2024-12-13 16:18:15 +00:00
Lai Jiang
f9d2839590
Add necessary changes to provision QA with Terraform ( #2618 )
...
Also programmatically determine backend service IDs.
2024-12-12 18:39:18 +00:00
gbrodman
c6a6bc7e25
Drop FKs referencing DomainHistory ( #2621 )
...
- We never delete rows from DomainHistory (and even if we do in the
future, they'll be old / the references won't matter)
- This is likely creating lock contention when lots of requests come
through at once for domains with many DomainHistory entries
2024-12-10 18:46:48 +00:00
gbrodman
fce126d426
Update Flyway versions to 11.x+ ( #2620 )
...
There are some breaking method changes in the 10.x.y versions and we're encountering exceptions when trying to run the flywayMigrate task thanks to those.
2024-12-10 03:02:02 +00:00
gbrodman
8e41278717
Include GP statuses in RDAP results ( #2606 )
...
We do this for WHOIS results so we should do it for RDAP results as well
(especially since they're mostly already included in the response
profile).
2024-12-09 19:55:16 +00:00
Lai Jiang
cb3738d540
Upgrade to Gradle 8.11.1 ( #2619 )
2024-12-09 18:29:57 +00:00
Pavlo Tkach
71afc25110
Fix console new user screen layout ( #2617 )
2024-12-05 18:17:52 +00:00
