Pavlo Tkach
ea1e8d5cc5
Add console gzip compression to js,css and html files ( #2696 )
2025-02-27 22:52:10 +00:00
Lai Jiang
7fb846c5b0
Add headers to record WHOIS client IPs ( #2695 )
...
The headers can be used by Cloud Armor to perform IP-based rate
limiting.
2025-02-27 22:15:13 +00:00
Lai Jiang
5180095cb6
Reduce log level to info when no email is found from the OIDC token ( #2694 )
...
This can happen on public endpoints (in pubapi) where the service is
behind IAP but all users (including not-logged-in ones) are allowed. IAP
will add an OIDC token with no email field in the request header.
2025-02-26 22:17:45 +00:00
Lai Jiang
9fe64bf9ec
Make ignoreLinesStartingWith varargs ( #2691 )
...
It still is a list, because we String::startsWith does not benefit from
the target being in a set.
2025-02-26 17:12:24 +00:00
Lai Jiang
0f3b62d5ce
Change the sleep time between proxy rollout ( #2689 )
2025-02-26 04:48:52 +00:00
Ben McIlwain
bd4701647b
Refactor logic out of domain create flow tests ( #2688 )
...
This removes logic from an inner helper method so that it becomes more clear
from callsites within each test exactly which behavior is expected from those
test conditions.
2025-02-25 19:54:56 +00:00
Lai Jiang
fb816d7a2c
Make it possible to ignore comment lines when comparing schemas ( #2690 )
...
We now pin to postgreSQL v17 when running tests, which means that minor
version might increase without our intervention. This causes (at least)
the comment in the golden schema to change, and failing the test as a
result.
This PR adds the ability to strip lines that we deem as comment from the
comparison, so we don't have to do trivial upgrades to the gold schema
whenever there's minor version upgrade.
2025-02-25 16:58:26 +00:00
gbrodman
8fbf363195
Remove unused dummy PGP file ( #2687 )
...
This was previously used as a dummy value for testing / compilation but
it's not used any more.
2025-02-24 21:45:26 +00:00
Lai Jiang
397f800614
Connect to GKE by default from the tool ( #2686 )
2025-02-24 19:01:05 +00:00
Lai Jiang
bcf42bd287
Use static IPs for EPP endpoints ( #2685 )
...
These IPs are now provisioned by Terraform. Also delete the
get-endpoints.py script as it is no longer necessary.
2025-02-24 16:38:47 +00:00
Pavlo Tkach
ed95d19b93
Provide prompt for user deletion UI ( #2684 )
2025-02-21 20:30:03 +00:00
Lai Jiang
97fc2c0b66
Add an annotation to the deployment ( #2683 )
...
This allows us to easily tell which tag was deployed.
Also set the gateway to use named address so they are stable, and so
that we can attach an IPv6 record to it. Auto-provisioned addresses are
IPv4 only.
2025-02-21 16:30:32 +00:00
Weimin Yu
00728c40ba
Abort schema verifier when pg_dump fails ( #2681 )
...
Failed pg_dump may not leave a file, failing the subsequent diffing and
causing the verifier to return success.
The verifier should abort in this case.
2025-02-20 17:35:47 +00:00
Lai Jiang
3f2a42ab8d
Expose EPP via saidcar proxy ( #2680 )
2025-02-19 18:57:25 +00:00
Lai Jiang
b73e342820
Update PostgreSQL version in builder image and tests ( #2667 )
2025-02-18 17:34:41 +00:00
Lai Jiang
df7fec7a3e
Update RDAP TOS link ( #2678 )
2025-02-18 17:00:26 +00:00
Lai Jiang
6f7ae1eabc
Redirect HTTP to HTTPS ( #2679 )
...
This opens up port 80 on the load balancer IP and upgrades all HTTP
request to HTTPS.
TESTED=tested on alpha.
2025-02-18 16:57:18 +00:00
Lai Jiang
eb978ebbd5
Let nomulus tool connect to sandbox GKE by default ( #2674 )
2025-02-16 18:10:03 +00:00
Pavlo Tkach
95831bc8b7
Add suspend / unsuspend to the console ( #2675 )
2025-02-14 20:41:19 +00:00
Lai Jiang
538260521b
Update Nomulus deployment script ( #2677 )
...
We only deploy to the us-central1 cluster in order to minimize database
locality issue.
2025-02-14 17:31:18 +00:00
Pavlo Tkach
612708f0a8
Fix console user creation role param ( #2676 )
2025-02-14 13:51:06 +00:00
Lai Jiang
e78de98060
Read GKE logs in ICANN reports ( #2673 )
...
GKE logs are routed to a different dataset and the table is different.
The structs to look for are also different (jsonPayload vs textPayload
or protoPayload).
TESTED=Ran the resulting query in crash.
2025-02-12 20:41:44 +00:00
Lai Jiang
c918258fb1
Make a best effort attempt to support multiple CPU architectures ( #2672 )
...
I obtained access to an IBM s390x VM so I thought I'd see how multi-arch
Nomulus is.
Our main application is in Java so it is already multi-arch, but several
tests use docker images that are by default x64. Luckily postgres has an
s390x port, but selenium does not. So I had to disable Screenshot tests
when the arch is not amd64.
2025-02-07 22:19:42 +00:00
gbrodman
34103ec815
Convert gsutil to gcloud storage ( #2670 )
...
Use of gsutil is discouraged / deprecated, see https://cloud.google.com/storage/docs/gsutil
2025-02-07 21:01:19 +00:00
Lai Jiang
a63812160e
Upgrade to Gradle 8.12.1 ( #2671 )
2025-02-07 15:23:02 +00:00
gbrodman
9aaf7ee36a
Allow for no fee extension with free premium domains ( #2660 )
...
This isn't a situation we'll encounter often, but if the client has an
allocation token that's valid for premium domains that gives a 0 cost,
we shouldn't require them to include the fee extension when creating the
domain. We already don't require it for standard domains.
2025-02-06 20:40:24 +00:00
gbrodman
96a864dbd6
Add pg_stat_statements extension to allowed diffs ( #2662 )
...
This is similar to pgaudit in that it doesn't need to exist in the
golden file.
2025-02-06 20:39:59 +00:00
Lai Jiang
8a36fb5f1f
Update Cloud Scheduler and Cloud Tasks deployment process ( #2666 )
2025-02-06 18:53:50 +00:00
Pavlo Tkach
6c138420b0
Fix console nested routes a11y ( #2669 )
2025-02-05 20:45:21 +00:00
Lai Jiang
08570511f5
Update GCB scripts ( #2661 )
2025-02-04 19:27:44 +00:00
Pavlo Tkach
e62d970d34
Update console endpoints documentation ( #2665 )
2025-02-04 17:43:30 +00:00
Lai Jiang
067927b735
Fix GCB failures ( #2664 )
...
We start seeing failures such as this one:
https://pantheon.corp.google.com/cloud-build/builds;region=global/843b9bd7-9c09-4221-ae4c-6e2dd2918f04?inv=1&invt=Aborfg&project=domain-registry-alpha
It looks like the inclusion of gcompute-module which itself is a git
repo caused the problem. I don't understand why it wasn't an issue before.
My guess is that GCB started using a newer version of git which is more
strict about this.
TESTED=Tested the GCB build pipeline on alpha.
2025-02-04 17:12:43 +00:00
Pavlo Tkach
4ec2919ce3
Update console dependencies ( #2659 )
2025-01-31 21:40:37 +00:00
gbrodman
19422075fa
Remove nested transactions from domain (un)locking ( #2658 )
2025-01-31 16:47:44 +00:00
Pavlo Tkach
40b6984ffb
Improve console screen reader interaction ( #2656 )
2025-01-31 16:46:25 +00:00
Lai Jiang
6952e0f653
Fix a typo ( #2657 )
2025-01-31 02:44:28 +00:00
Lai Jiang
dcb55d27bb
Upload gateway related manifests to GCS ( #2655 )
2025-01-30 16:12:31 +00:00
Pavlo Tkach
765bd9834a
Add more accessible names to the console ( #2652 )
2025-01-29 20:19:00 +00:00
Lai Jiang
221088e738
Upload k8s manifests to GCS ( #2654 )
2025-01-29 17:07:10 +00:00
gbrodman
6649e00df7
Allow for particular flows to log all SQL statements executed ( #2653 )
...
We use this now for the DomainDeleteFlow in an attempt to figure out
what statements it's running (cross-referencing that with PSQL's own
statement logging to find slow statements).
2025-01-29 16:00:19 +00:00
gbrodman
2ceb52a7c4
Handle SPECIFIED renewal price w/token in check flow ( #2651 )
...
This is kinda nonsensical because this use case is trying to apply a
single use token multiple times in the same domain:check request --
like, trying to use a single-use token for both create, renew, and
transfer while having a $0 create price and a premium renewal price.
This change doesn't affect any actual business / costs, since SPECIFIED
token renewal prices were already set on the BillingRecurrence
2025-01-28 18:31:29 +00:00
Lai Jiang
120bcc33be
Update cloud build configs to build nomulus images ( #2650 )
...
Also do appropriate text replacements for each environment.
2025-01-28 16:03:26 +00:00
Pavlo Tkach
8987fd37c2
Improve console accessibility ( #2649 )
2025-01-26 00:47:53 +00:00
gbrodman
653e092ad4
Add TLD identifier to premium terms filename and header ( #2644 )
...
https://b.corp.google.com/issues/390053672
This makes it easier to identify what file you're looking at, at a
glance
2025-01-24 19:54:35 +00:00
gbrodman
5e97a8b412
Refactor console domain actions to exist in separate files ( #2638 )
...
This means that we're not storing everything in one file, otherwise it
quickly becomes unwieldy
2025-01-23 16:46:53 +00:00
Weimin Yu
229fcf3946
UrlConnectionException loses error info ( #2648 )
...
It does not get the error message for 400+ status codes.
It fails to get the status code if the response has neither data nor
error.
2025-01-23 16:27:03 +00:00
Lai Jiang
b775e4a178
Pull credentials from fleet for all clusters ( #2647 )
...
All clusters have switched to using private APIs.
2025-01-22 16:58:56 +00:00
Pavlo Tkach
e3c386a8a7
Add console bulk delete ( #2641 )
...
* Add bulk actions to console
* Add console bulk delete
* Add console bulk delete
2025-01-22 15:54:59 +00:00
Lai Jiang
799f0449ad
Only pull credential from the fleet on crash ( #2645 )
...
Only crash has the policy controller installed for now.
2025-01-21 18:40:52 +00:00
Lai Jiang
bf025445d5
Record http request parameters in log metadata ( #2642 )
...
This allows us to search for logs for a given path using a filter like
this:
jsonPayload.httpRequest.requestUrl="/_dr/blah"
TESTED=tested on crash
2025-01-16 17:27:53 +00:00
