Add cache for deletion times of existing domains (#2840)

This should help in instances of popular domains dropping, since we
won't need to do an additional two database loads every time (assuming
the deletion time is in the future).

.gitignore

@@ -18,6 +18,13 @@ gjf.out
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
 
+# Environment-specific configuration files
+core/src/main/java/google/registry/config/files/nomulus-config-alpha.yaml
+core/src/main/java/google/registry/config/files/nomulus-config-crash.yaml
+core/src/main/java/google/registry/config/files/nomulus-config-production.yaml
+core/src/main/java/google/registry/config/files/nomulus-config-qa.yaml
+core/src/main/java/google/registry/config/files/nomulus-config-sandbox.yaml
+
 ######################################################################
 # Eclipse Ignores
 

core/src/main/java/google/registry/batch/BatchModule.java

@@ -29,9 +29,11 @@ import static google.registry.request.RequestParameters.extractRequiredParameter
 import static google.registry.request.RequestParameters.extractSetOfDatetimeParameters;
 
 import com.google.common.collect.ImmutableSet;
+import com.google.common.util.concurrent.RateLimiter;
 import dagger.Module;
 import dagger.Provides;
 import google.registry.request.Parameter;
+import jakarta.inject.Named;
 import jakarta.servlet.http.HttpServletRequest;
 import java.util.Optional;
 import org.joda.time.DateTime;
@@ -137,4 +139,18 @@ public class BatchModule {
   static boolean provideIsFast(HttpServletRequest req) {
     return extractBooleanParameter(req, PARAM_FAST);
   }
+
+  private static final int DEFAULT_MAX_QPS = 10;
+
+  @Provides
+  @Parameter("maxQps")
+  static int provideMaxQps(HttpServletRequest req) {
+    return extractOptionalIntParameter(req, "maxQps").orElse(DEFAULT_MAX_QPS);
+  }
+
+  @Provides
+  @Named("removeAllDomainContacts")
+  static RateLimiter provideRemoveAllDomainContactsRateLimiter(@Parameter("maxQps") int maxQps) {
+    return RateLimiter.create(maxQps);
+  }
 }

core/src/main/java/google/registry/batch/RemoveAllDomainContactsAction.java

@@ -30,6 +30,7 @@ import com.google.common.base.Ascii;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.flogger.FluentLogger;
+import com.google.common.util.concurrent.RateLimiter;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.flows.EppController;
 import google.registry.flows.EppRequestSource;
@@ -48,6 +49,7 @@ import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.request.lock.LockHandler;
 import jakarta.inject.Inject;
+import jakarta.inject.Named;
 import java.util.List;
 import java.util.concurrent.Callable;
 import java.util.logging.Level;
@@ -79,6 +81,7 @@ public class RemoveAllDomainContactsAction implements Runnable {
   private final EppController eppController;
   private final String registryAdminClientId;
   private final LockHandler lockHandler;
+  private final RateLimiter rateLimiter;
   private final Response response;
   private final String updateDomainXml;
   private int successes = 0;
@@ -91,10 +94,12 @@ public class RemoveAllDomainContactsAction implements Runnable {
       EppController eppController,
       @Config("registryAdminClientId") String registryAdminClientId,
       LockHandler lockHandler,
+      @Named("removeAllDomainContacts") RateLimiter rateLimiter,
       Response response) {
     this.eppController = eppController;
     this.registryAdminClientId = registryAdminClientId;
     this.lockHandler = lockHandler;
+    this.rateLimiter = rateLimiter;
     this.response = response;
     this.updateDomainXml =
         readResourceUtf8(RemoveAllDomainContactsAction.class, "domain_remove_contacts.xml");
@@ -146,7 +151,10 @@ public class RemoveAllDomainContactsAction implements Runnable {
                           .setMaxResults(BATCH_SIZE)
                           .getResultList());
 
-      domainRepoIdsBatch.forEach(this::runDomainUpdateFlow);
+      for (String domainRepoId : domainRepoIdsBatch) {
+        rateLimiter.acquire();
+        runDomainUpdateFlow(domainRepoId);
+      }
     } while (!domainRepoIdsBatch.isEmpty());
     String msg =
         String.format(
@@ -159,12 +167,18 @@ public class RemoveAllDomainContactsAction implements Runnable {
   private void runDomainUpdateFlow(String repoId) {
     // Create a new transaction that the flow's execution will be enlisted in that loads the domain
     // transactionally. This way we can ensure that nothing else has modified the domain in question
-    // in the intervening period since the query above found it.
-    boolean success = tm().transact(() -> runDomainUpdateFlowInner(repoId));
-    if (success) {
-      successes++;
-    } else {
-      failures++;
+    // in the intervening period since the query above found it. If a single domain update fails
+    // permanently, log it and move on to not block processing all the other domains.
+    try {
+      boolean success = tm().transact(() -> runDomainUpdateFlowInner(repoId));
+      if (success) {
+        successes++;
+      } else {
+        failures++;
+      }
+    } catch (Throwable t) {
+      logger.atWarning().withCause(t).log(
+          "Failed updating domain with repoId %s; skipping.", repoId);
     }
   }
 

core/src/main/java/google/registry/config/files/README.md

@@ -0,0 +1,13 @@
+# Nomulus Environment Configuration
+
+The configuration files for the different Nomulus environments are not included in this repository. To configure and run a specific environment, you will need to create the corresponding YAML configuration file in this directory.
+
+The following is a list of the environment configuration files that you may need to create:
+
+*   `nomulus-config-alpha.yaml`
+*   `nomulus-config-crash.yaml`
+*   `nomulus-config-qa.yaml`
+*   `nomulus-config-sandbox.yaml`
+*   `nomulus-config-production.yaml`
+
+Please create the relevant file for the environment you intend to use and populate it with the necessary configuration details.

core/src/main/java/google/registry/config/files/nomulus-config-alpha.yaml

@@ -1 +0,0 @@
-# Add environment-specific configuration here.

core/src/main/java/google/registry/config/files/nomulus-config-crash.yaml

@@ -1 +0,0 @@
-# Add environment-specific configuration here.

core/src/main/java/google/registry/config/files/nomulus-config-production.yaml

@@ -1 +0,0 @@
-# Add environment-specific configuration here.

core/src/main/java/google/registry/config/files/nomulus-config-qa.yaml

@@ -1 +0,0 @@
-# Add environment-specific configuration here.

core/src/main/java/google/registry/config/files/nomulus-config-sandbox.yaml

@@ -1 +0,0 @@
-# Add environment-specific configuration here.

core/src/main/java/google/registry/flows/domain/DomainCreateFlow.java

@@ -18,7 +18,6 @@ import static com.google.common.collect.ImmutableSet.toImmutableSet;
 import static google.registry.dns.DnsUtils.requestDomainDnsRefresh;
 import static google.registry.flows.FlowUtils.persistEntityChanges;
 import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
 import static google.registry.flows.domain.DomainFlowUtils.COLLISION_MESSAGE;
 import static google.registry.flows.domain.DomainFlowUtils.checkAllowedAccessToTld;
 import static google.registry.flows.domain.DomainFlowUtils.checkHasBillingAccount;
@@ -224,6 +223,7 @@ public final class DomainCreateFlow implements MutatingFlow {
   @Inject DomainCreateFlowCustomLogic flowCustomLogic;
   @Inject DomainFlowTmchUtils tmchUtils;
   @Inject DomainPricingLogic pricingLogic;
+  @Inject DomainDeletionTimeCache domainDeletionTimeCache;
 
   @Inject DomainCreateFlow() {}
 
@@ -239,13 +239,13 @@ public final class DomainCreateFlow implements MutatingFlow {
     validateRegistrarIsLoggedIn(registrarId);
     verifyRegistrarIsActive(registrarId);
     extensionManager.validate();
+    verifyDomainDoesNotExist();
     DateTime now = tm().getTransactionTime();
     DomainCommand.Create command = cloneAndLinkReferences((Create) resourceCommand, now);
     Period period = command.getPeriod();
     verifyUnitIsYears(period);
     int years = period.getValue();
     validateRegistrationPeriod(years);
-    verifyResourceDoesNotExist(Domain.class, targetId, now, registrarId);
     // Validate that this is actually a legal domain name on a TLD that the registrar has access to.
     InternetDomainName domainName = validateDomainName(command.getDomainName());
     String domainLabel = domainName.parts().getFirst();
@@ -649,6 +649,15 @@ public final class DomainCreateFlow implements MutatingFlow {
         .build();
   }
 
+  private void verifyDomainDoesNotExist() throws ResourceCreateContentionException {
+    Optional<DateTime> previousDeletionTime =
+        domainDeletionTimeCache.getDeletionTimeForDomain(targetId);
+    if (previousDeletionTime.isPresent()
+        && !tm().getTransactionTime().isAfter(previousDeletionTime.get())) {
+      throw new ResourceCreateContentionException(targetId);
+    }
+  }
+
   private static BillingEvent createEapBillingEvent(
       FeesAndCredits feesAndCredits, BillingEvent createBillingEvent) {
     return new BillingEvent.Builder()

core/src/main/java/google/registry/flows/domain/DomainDeletionTimeCache.java

@@ -0,0 +1,122 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.flows.domain;
+
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
+
+import com.github.benmanes.caffeine.cache.CacheLoader;
+import com.github.benmanes.caffeine.cache.Caffeine;
+import com.github.benmanes.caffeine.cache.Expiry;
+import com.github.benmanes.caffeine.cache.LoadingCache;
+import com.google.common.collect.ImmutableSet;
+import google.registry.model.ForeignKeyUtils;
+import google.registry.model.domain.Domain;
+import java.util.Optional;
+import org.joda.time.DateTime;
+
+/**
+ * Functionally-static loading cache that keeps track of deletion (AKA drop) times for domains.
+ *
+ * <p>Some domain names may have many create requests issued shortly before (and directly after) the
+ * name is released due to a previous registrant deleting it. In those cases, caching the deletion
+ * time of the existing domain allows us to short-circuit the request and avoid any load on the
+ * database checking the existing domain (at least, in cases where the request hits a particular
+ * node more than once).
+ *
+ * <p>The cache is fairly short-lived (as we're concerned about many requests at basically the same
+ * time), and entries also expire when the drop actually happens. If the domain is re-created after
+ * a drop, the next load attempt will populate the cache with a deletion time of END_OF_TIME, which
+ * will be read from the cache by subsequent attempts.
+ *
+ * <p>We take advantage of the fact that Caffeine caches don't store nulls returned from the
+ * CacheLoader, so a null result (meaning the domain doesn't exist) won't affect future calls (this
+ * avoids a stale-cache situation where the cache "thinks" the domain doesn't exist, but it does).
+ * Put another way, if a domain really doesn't exist, we'll re-attempt the database load every time.
+ *
+ * <p>We don't explicitly set the cache inside domain create/delete flows, in case the transaction
+ * fails at commit time. It's better to have stale data, or to require an additional database load,
+ * than to have incorrect data.
+ *
+ * <p>Note: this should be injected as a singleton -- it's essentially static, but we have it as a
+ * non-static object for concurrent testing purposes.
+ */
+public class DomainDeletionTimeCache {
+
+  // Max expiry time is ten minutes
+  private static final int MAX_EXPIRY_MILLIS = 10 * 60 * 1000;
+  private static final int MAX_ENTRIES = 500;
+  private static final int NANOS_IN_ONE_MILLISECOND = 100000;
+
+  /**
+   * Expire after the max duration, or after the domain is set to drop (whichever comes first).
+   *
+   * <p>If the domain has already been deleted (the deletion time is <= now), the entry will
+   * immediately be expired/removed.
+   *
+   * <p>NB: the Expiry class requires the return value in <b>nanoseconds</b>, not milliseconds
+   */
+  private static final Expiry<String, DateTime> EXPIRY_POLICY =
+      new Expiry<>() {
+        @Override
+        public long expireAfterCreate(String key, DateTime value, long currentTime) {
+          long millisUntilDeletion = value.getMillis() - tm().getTransactionTime().getMillis();
+          return NANOS_IN_ONE_MILLISECOND
+              * Math.max(0L, Math.min(MAX_EXPIRY_MILLIS, millisUntilDeletion));
+        }
+
+        /** Reset the time entirely on update, as if we were creating the entry anew. */
+        @Override
+        public long expireAfterUpdate(
+            String key, DateTime value, long currentTime, long currentDuration) {
+          return expireAfterCreate(key, value, currentTime);
+        }
+
+        /** Reads do not change the expiry duration. */
+        @Override
+        public long expireAfterRead(
+            String key, DateTime value, long currentTime, long currentDuration) {
+          return currentDuration;
+        }
+      };
+
+  /** Attempt to load the domain's deletion time if the domain exists. */
+  private static final CacheLoader<String, DateTime> CACHE_LOADER =
+      (domainName) -> {
+        ForeignKeyUtils.MostRecentResource mostRecentResource =
+            ForeignKeyUtils.loadMostRecentResources(
+                    Domain.class, ImmutableSet.of(domainName), false)
+                .get(domainName);
+        return mostRecentResource == null ? null : mostRecentResource.deletionTime();
+      };
+
+  public static DomainDeletionTimeCache create() {
+    return new DomainDeletionTimeCache(
+        Caffeine.newBuilder()
+            .expireAfter(EXPIRY_POLICY)
+            .maximumSize(MAX_ENTRIES)
+            .build(CACHE_LOADER));
+  }
+
+  private final LoadingCache<String, DateTime> cache;
+
+  private DomainDeletionTimeCache(LoadingCache<String, DateTime> cache) {
+    this.cache = cache;
+  }
+
+  /** Returns the domain's deletion time, or null if it doesn't currently exist. */
+  public Optional<DateTime> getDeletionTimeForDomain(String domainName) {
+    return Optional.ofNullable(cache.get(domainName));
+  }
+}

core/src/main/java/google/registry/flows/domain/DomainDeletionTimeCacheModule.java

@@ -0,0 +1,30 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.flows.domain;
+
+import dagger.Module;
+import dagger.Provides;
+import jakarta.inject.Singleton;
+
+/** Dagger module to provide the {@link DomainDeletionTimeCache}. */
+@Module
+public class DomainDeletionTimeCacheModule {
+
+  @Provides
+  @Singleton
+  public static DomainDeletionTimeCache provideDomainDeletionTimeCache() {
+    return DomainDeletionTimeCache.create();
+  }
+}

core/src/main/java/google/registry/model/ForeignKeyUtils.java

@@ -86,7 +86,7 @@ public final class ForeignKeyUtils {
    */
   public static <E extends EppResource> ImmutableMap<String, VKey<E>> load(
       Class<E> clazz, Collection<String> foreignKeys, final DateTime now) {
-    return load(clazz, foreignKeys, false).entrySet().stream()
+    return loadMostRecentResources(clazz, foreignKeys, false).entrySet().stream()
         .filter(e -> now.isBefore(e.getValue().deletionTime()))
         .collect(toImmutableMap(Entry::getKey, e -> VKey.create(clazz, e.getValue().repoId())));
   }
@@ -104,8 +104,9 @@ public final class ForeignKeyUtils {
    * same max {@code deleteTime}, usually {@code END_OF_TIME}, lest this method throws an error due
    * to duplicate keys.
    */
-  private static <E extends EppResource> ImmutableMap<String, MostRecentResource> load(
-      Class<E> clazz, Collection<String> foreignKeys, boolean useReplicaTm) {
+  public static <E extends EppResource>
+      ImmutableMap<String, MostRecentResource> loadMostRecentResources(
+          Class<E> clazz, Collection<String> foreignKeys, boolean useReplicaTm) {
     String fkProperty = RESOURCE_TYPE_TO_FK_PROPERTY.get(clazz);
     JpaTransactionManager tmToUse = useReplicaTm ? replicaTm() : tm();
     return tmToUse.reTransact(
@@ -148,7 +149,7 @@ public final class ForeignKeyUtils {
               ImmutableList<String> foreignKeys =
                   keys.stream().map(key -> (String) key.getKey()).collect(toImmutableList());
               ImmutableMap<String, MostRecentResource> existingKeys =
-                  ForeignKeyUtils.load(clazz, foreignKeys, true);
+                  ForeignKeyUtils.loadMostRecentResources(clazz, foreignKeys, true);
               // The above map only contains keys that exist in the database, so we re-add the
               // missing ones with Optional.empty() values for caching.
               return Maps.asMap(
@@ -234,7 +235,7 @@ public final class ForeignKeyUtils {
                 e -> VKey.create(clazz, e.getValue().get().repoId())));
   }
 
-  record MostRecentResource(String repoId, DateTime deletionTime) {
+  public record MostRecentResource(String repoId, DateTime deletionTime) {
 
     static MostRecentResource create(String repoId, DateTime deletionTime) {
       return new MostRecentResource(repoId, deletionTime);

core/src/main/java/google/registry/model/tmch/ClaimsListDao.java

@@ -15,7 +15,6 @@
 package google.registry.model.tmch;
 
 import static google.registry.config.RegistryConfig.getClaimsListCacheDuration;
-import static google.registry.persistence.transaction.QueryComposer.Comparator.EQ;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.util.DateTimeUtils.START_OF_TIME;
 
@@ -79,14 +78,11 @@ public class ClaimsListDao {
    */
   private static ClaimsList getUncached() {
     return tm().reTransact(
-            () -> {
-              Long revisionId =
-                  tm().query("SELECT MAX(revisionId) FROM ClaimsList", Long.class)
-                      .getSingleResult();
-              return tm().createQueryComposer(ClaimsList.class)
-                  .where("revisionId", EQ, revisionId)
-                  .first();
-            })
+            () ->
+                tm().query("FROM ClaimsList ORDER BY revisionId DESC", ClaimsList.class)
+                    .setMaxResults(1)
+                    .getResultStream()
+                    .findFirst())
         .orElse(ClaimsList.create(START_OF_TIME, ImmutableMap.of()));
   }
 

core/src/main/java/google/registry/module/RegistryComponent.java

@@ -30,6 +30,7 @@ import google.registry.export.DriveModule;
 import google.registry.export.sheet.SheetsServiceModule;
 import google.registry.flows.ServerTridProviderModule;
 import google.registry.flows.custom.CustomLogicFactoryModule;
+import google.registry.flows.domain.DomainDeletionTimeCacheModule;
 import google.registry.groups.DirectoryModule;
 import google.registry.groups.GmailModule;
 import google.registry.groups.GroupsModule;
@@ -66,6 +67,7 @@ import jakarta.inject.Singleton;
       CredentialModule.class,
       CustomLogicFactoryModule.class,
       DirectoryModule.class,
+      DomainDeletionTimeCacheModule.class,
       DriveModule.class,
       GmailModule.class,
       GroupsModule.class,

core/src/main/java/google/registry/module/backend/BackendComponent.java

@@ -26,6 +26,7 @@ import google.registry.export.DriveModule;
 import google.registry.export.sheet.SheetsServiceModule;
 import google.registry.flows.ServerTridProviderModule;
 import google.registry.flows.custom.CustomLogicFactoryModule;
+import google.registry.flows.domain.DomainDeletionTimeCacheModule;
 import google.registry.groups.DirectoryModule;
 import google.registry.groups.GmailModule;
 import google.registry.groups.GroupsModule;
@@ -56,6 +57,7 @@ import jakarta.inject.Singleton;
       CloudTasksUtilsModule.class,
       CredentialModule.class,
       CustomLogicFactoryModule.class,
+      DomainDeletionTimeCacheModule.class,
       DirectoryModule.class,
       DriveModule.class,
       GmailModule.class,

core/src/main/java/google/registry/module/frontend/FrontendComponent.java

@@ -22,6 +22,7 @@ import google.registry.config.CredentialModule;
 import google.registry.config.RegistryConfig.ConfigModule;
 import google.registry.flows.ServerTridProviderModule;
 import google.registry.flows.custom.CustomLogicFactoryModule;
+import google.registry.flows.domain.DomainDeletionTimeCacheModule;
 import google.registry.groups.DirectoryModule;
 import google.registry.groups.GmailModule;
 import google.registry.groups.GroupsModule;
@@ -50,6 +51,7 @@ import jakarta.inject.Singleton;
       CustomLogicFactoryModule.class,
       CloudTasksUtilsModule.class,
       DirectoryModule.class,
+      DomainDeletionTimeCacheModule.class,
       FrontendRequestComponentModule.class,
       GmailModule.class,
       GroupsModule.class,

core/src/main/java/google/registry/module/tools/ToolsComponent.java

@@ -23,6 +23,7 @@ import google.registry.config.RegistryConfig.ConfigModule;
 import google.registry.export.DriveModule;
 import google.registry.flows.ServerTridProviderModule;
 import google.registry.flows.custom.CustomLogicFactoryModule;
+import google.registry.flows.domain.DomainDeletionTimeCacheModule;
 import google.registry.groups.DirectoryModule;
 import google.registry.groups.GroupsModule;
 import google.registry.groups.GroupssettingsModule;
@@ -47,6 +48,7 @@ import jakarta.inject.Singleton;
       CustomLogicFactoryModule.class,
       CloudTasksUtilsModule.class,
       DirectoryModule.class,
+      DomainDeletionTimeCacheModule.class,
       DriveModule.class,
       GroupsModule.class,
       GroupssettingsModule.class,

core/src/main/java/google/registry/tools/CreateCdnsTld.java

@@ -47,6 +47,11 @@ final class CreateCdnsTld extends ConfirmingCommand {
   )
   String name;
 
+  @Parameter(
+      names = "--skip_sandbox_tld_check",
+      description = "In Sandbox, skip the dns_name format check.")
+  boolean skipSandboxTldCheck;
+
   @Inject
   @Config("projectId")
   String projectId;
@@ -61,10 +66,15 @@ final class CreateCdnsTld extends ConfirmingCommand {
   protected void init() {
     // Sandbox talks to production Cloud DNS.  As a result, we can't configure any domains with a
     // suffix that might be used by customers on the same nameserver set.  Limit the user to setting
-    // up *.test TLDs.
-    if (RegistryToolEnvironment.get() == RegistryToolEnvironment.SANDBOX
-        && !dnsName.endsWith(".test.")) {
-      throw new IllegalArgumentException("Sandbox TLDs must be of the form \"*.test.\"");
+    // up *.test TLDs unless the user declares that the name is approved.
+    //
+    // The name format check simply provides a user-friendly error message. If the user wrongly
+    // declares name approval, the request to the Cloud DNS API will still fail.
+    if (RegistryToolEnvironment.get() == RegistryToolEnvironment.SANDBOX) {
+      if (!skipSandboxTldCheck && !dnsName.endsWith(".test.")) {
+        throw new IllegalArgumentException(
+            "Sandbox TLDs must be approved or in the form \"*.test.\"");
+      }
     }
 
     managedZone =

core/src/main/java/google/registry/tools/GenerateAllocationTokensCommand.java

@@ -15,6 +15,7 @@
 package google.registry.tools;
 
 import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.collect.ImmutableList.toImmutableList;
 import static com.google.common.collect.ImmutableSet.toImmutableSet;
 import static com.google.common.collect.Sets.difference;
 import static google.registry.model.billing.BillingBase.RenewalPriceBehavior.DEFAULT;
@@ -46,6 +47,9 @@ import google.registry.model.domain.token.AllocationToken;
 import google.registry.model.domain.token.AllocationToken.RegistrationBehavior;
 import google.registry.model.domain.token.AllocationToken.TokenStatus;
 import google.registry.model.domain.token.AllocationToken.TokenType;
+import google.registry.model.registrar.Registrar;
+import google.registry.model.tld.Tld;
+import google.registry.model.tld.Tlds;
 import google.registry.persistence.VKey;
 import google.registry.tools.params.MoneyParameter;
 import google.registry.tools.params.TransitionListParameter.TokenStatusTransitions;
@@ -291,10 +295,12 @@ class GenerateAllocationTokensCommand implements Command {
         !ImmutableList.of("").equals(allowedClientIds),
         "Either omit --allowed_client_ids if all registrars are allowed, or include a"
             + " comma-separated list");
+    verifyAllRegistrarIdsExist(allowedClientIds);
 
     checkArgument(
         !ImmutableList.of("").equals(allowedTlds),
         "Either omit --allowed_tlds if all TLDs are allowed, or include a comma-separated list");
+    verifyAllTldsExist(allowedTlds);
 
     if (ImmutableList.of("").equals(allowedEppActions)) {
       allowedEppActions = ImmutableList.of();
@@ -326,6 +332,34 @@ class GenerateAllocationTokensCommand implements Command {
     }
   }
 
+  static void verifyAllRegistrarIdsExist(@Nullable List<String> allowedClientIds) {
+    // a null/empty list means that all registrars are allowed
+    if (isNullOrEmpty(allowedClientIds)) {
+      return;
+    }
+    ImmutableSet<String> allRegistrarIds =
+        Registrar.loadAllKeysCached().stream()
+            .map(VKey::getKey)
+            .map(Object::toString)
+            .collect(toImmutableSet());
+    ImmutableList<String> badRegistrarIds =
+        allowedClientIds.stream()
+            .filter(id -> !allRegistrarIds.contains(id))
+            .collect(toImmutableList());
+    checkArgument(badRegistrarIds.isEmpty(), "Unknown registrar ID(s) %s", badRegistrarIds);
+  }
+
+  static void verifyAllTldsExist(@Nullable List<String> allowedTlds) {
+    // a null/empty list means that all TLDs are allowed
+    if (isNullOrEmpty(allowedTlds)) {
+      return;
+    }
+    ImmutableSet<String> allTlds = Tlds.getTldsOfType(Tld.TldType.REAL);
+    ImmutableList<String> badTlds =
+        allowedTlds.stream().filter(tld -> !allTlds.contains(tld)).collect(toImmutableList());
+    checkArgument(badTlds.isEmpty(), "Unknown REAL TLD(s) %s", badTlds);
+  }
+
   private void verifyTokenStringsDoNotExist() {
     ImmutableSet<String> existingTokenStrings =
         getExistingTokenStrings(ImmutableSet.copyOf(tokenStrings));

core/src/main/java/google/registry/tools/UpdateAllocationTokensCommand.java

@@ -157,6 +157,9 @@ final class UpdateAllocationTokensCommand extends UpdateOrDeleteAllocationTokens
       endToken = true;
     }
 
+    GenerateAllocationTokensCommand.verifyAllRegistrarIdsExist(allowedClientIds);
+    GenerateAllocationTokensCommand.verifyAllTldsExist(allowedTlds);
+
     tokensToSave =
         tm().transact(
                 () ->

core/src/test/java/google/registry/batch/RemoveAllDomainContactsActionTest.java

@@ -23,9 +23,11 @@ import static google.registry.testing.DatabaseHelper.newDomain;
 import static google.registry.testing.DatabaseHelper.persistActiveContact;
 import static google.registry.testing.DatabaseHelper.persistResource;
 import static google.registry.util.DateTimeUtils.START_OF_TIME;
+import static org.mockito.Mockito.mock;
 
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.ImmutableSortedMap;
+import com.google.common.util.concurrent.RateLimiter;
 import google.registry.flows.DaggerEppTestComponent;
 import google.registry.flows.EppController;
 import google.registry.flows.EppTestComponent.FakesAndMocksModule;
@@ -51,6 +53,7 @@ class RemoveAllDomainContactsActionTest {
       new JpaTestExtensions.Builder().buildIntegrationTestExtension();
 
   private final FakeResponse response = new FakeResponse();
+  private final RateLimiter rateLimiter = mock(RateLimiter.class);
   private RemoveAllDomainContactsAction action;
 
   @BeforeEach
@@ -69,7 +72,7 @@ class RemoveAllDomainContactsActionTest {
             .eppController();
     action =
         new RemoveAllDomainContactsAction(
-            eppController, "NewRegistrar", new FakeLockHandler(true), response);
+            eppController, "NewRegistrar", new FakeLockHandler(true), rateLimiter, response);
   }
 
   @Test

core/src/test/java/google/registry/flows/EppTestComponent.java

@@ -25,6 +25,7 @@ import google.registry.config.RegistryConfig.ConfigModule;
 import google.registry.config.RegistryConfig.ConfigModule.TmchCaMode;
 import google.registry.flows.custom.CustomLogicFactory;
 import google.registry.flows.custom.TestCustomLogicFactory;
+import google.registry.flows.domain.DomainDeletionTimeCache;
 import google.registry.flows.domain.DomainFlowTmchUtils;
 import google.registry.monitoring.whitebox.EppMetric;
 import google.registry.request.RequestScope;
@@ -126,6 +127,11 @@ public interface EppTestComponent {
     ServerTridProvider provideServerTridProvider() {
       return new FakeServerTridProvider();
     }
+
+    @Provides
+    DomainDeletionTimeCache provideDomainDeletionTimeCache() {
+      return DomainDeletionTimeCache.create();
+    }
   }
 
   class FakeServerTridProvider implements ServerTridProvider {

core/src/test/java/google/registry/flows/domain/DomainCreateFlowTest.java

@@ -149,7 +149,6 @@ import google.registry.flows.domain.token.AllocationTokenFlowUtils.AlreadyRedeem
 import google.registry.flows.domain.token.AllocationTokenFlowUtils.NonexistentAllocationTokenException;
 import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.flows.exceptions.OnlyToolCanPassMetadataException;
-import google.registry.flows.exceptions.ResourceAlreadyExistsForThisClientException;
 import google.registry.flows.exceptions.ResourceCreateContentionException;
 import google.registry.model.billing.BillingBase;
 import google.registry.model.billing.BillingBase.Flag;
@@ -1238,8 +1237,8 @@ class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow, Domain
   void testFailure_alreadyExists() throws Exception {
     persistContactsAndHosts();
     persistActiveDomain(getUniqueIdFromCommand());
-    ResourceAlreadyExistsForThisClientException thrown =
-        assertThrows(ResourceAlreadyExistsForThisClientException.class, this::runFlow);
+    ResourceCreateContentionException thrown =
+        assertThrows(ResourceCreateContentionException.class, this::runFlow);
     assertAboutEppExceptions()
         .that(thrown)
         .marshalsToXml()

core/src/test/java/google/registry/flows/domain/DomainDeletionTimeCacheTest.java

@@ -0,0 +1,85 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.flows.domain;
+
+import static com.google.common.truth.Truth.assertThat;
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
+import static google.registry.testing.DatabaseHelper.persistActiveDomain;
+import static google.registry.testing.DatabaseHelper.persistDomainAsDeleted;
+import static google.registry.util.DateTimeUtils.END_OF_TIME;
+
+import google.registry.model.domain.Domain;
+import google.registry.persistence.transaction.JpaTestExtensions;
+import google.registry.testing.DatabaseHelper;
+import google.registry.testing.FakeClock;
+import java.util.Optional;
+import org.joda.time.DateTime;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+
+/** Tests for {@link DomainDeletionTimeCache}. */
+public class DomainDeletionTimeCacheTest {
+
+  private final FakeClock clock = new FakeClock(DateTime.parse("2025-10-01T00:00:00.000Z"));
+  private final DomainDeletionTimeCache cache = DomainDeletionTimeCache.create();
+
+  @RegisterExtension
+  final JpaTestExtensions.JpaIntegrationTestExtension jpa =
+      new JpaTestExtensions.Builder().withClock(clock).buildIntegrationTestExtension();
+
+  @BeforeEach
+  void beforeEach() {
+    DatabaseHelper.createTld("tld");
+  }
+
+  @Test
+  void testDomainAvailable_null() {
+    assertThat(getDeletionTimeFromCache("nonexistent.tld")).isEmpty();
+  }
+
+  @Test
+  void testDomainNotAvailable_notDeleted() {
+    persistActiveDomain("active.tld");
+    assertThat(getDeletionTimeFromCache("active.tld")).hasValue(END_OF_TIME);
+  }
+
+  @Test
+  void testDomainAvailable_deletedInFuture() {
+    persistDomainAsDeleted(persistActiveDomain("domain.tld"), clock.nowUtc().plusDays(1));
+    assertThat(getDeletionTimeFromCache("domain.tld")).hasValue(clock.nowUtc().plusDays(1));
+  }
+
+  @Test
+  void testCache_returnsOldData() {
+    Domain domain = persistActiveDomain("domain.tld");
+    assertThat(getDeletionTimeFromCache("domain.tld")).hasValue(END_OF_TIME);
+    persistDomainAsDeleted(domain, clock.nowUtc().plusDays(1));
+    // Without intervention, the cache should have the old data
+    assertThat(getDeletionTimeFromCache("domain.tld")).hasValue(END_OF_TIME);
+  }
+
+  @Test
+  void testCache_returnsNewDataAfterDomainCreate() {
+    // Null deletion dates (meaning an avilable domain) shouldn't be cached
+    assertThat(getDeletionTimeFromCache("domain.tld")).isEmpty();
+    persistDomainAsDeleted(persistActiveDomain("domain.tld"), clock.nowUtc().plusDays(1));
+    assertThat(getDeletionTimeFromCache("domain.tld")).hasValue(clock.nowUtc().plusDays(1));
+  }
+
+  private Optional<DateTime> getDeletionTimeFromCache(String domainName) {
+    return tm().transact(() -> cache.getDeletionTimeForDomain(domainName));
+  }
+}

core/src/test/java/google/registry/module/frontend/FrontendTestComponent.java

@@ -20,6 +20,7 @@ import google.registry.config.CredentialModule;
 import google.registry.config.RegistryConfig;
 import google.registry.flows.ServerTridProviderModule;
 import google.registry.flows.custom.CustomLogicFactoryModule;
+import google.registry.flows.domain.DomainDeletionTimeCacheModule;
 import google.registry.groups.GmailModule;
 import google.registry.groups.GroupsModule;
 import google.registry.groups.GroupssettingsModule;
@@ -43,6 +44,7 @@ import jakarta.inject.Singleton;
       CredentialModule.class,
       CustomLogicFactoryModule.class,
       CloudTasksUtilsModule.class,
+      DomainDeletionTimeCacheModule.class,
       FrontendRequestComponent.FrontendRequestComponentModule.class,
       GmailModule.class,
       GroupsModule.class,

core/src/test/java/google/registry/tools/CreateCdnsTldTest.java

@@ -76,11 +76,37 @@ class CreateCdnsTldTest extends CommandTestCase<CreateCdnsTld> {
 
   @Test
   @MockitoSettings(strictness = Strictness.LENIENT)
-  void testSandboxTldRestrictions() {
+  void testSandboxTldRestrictions_Disallowed() {
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
-            () -> runCommandInEnvironment(RegistryToolEnvironment.SANDBOX, "--dns_name=foobar."));
-    assertThat(thrown).hasMessageThat().contains("Sandbox TLDs must be of the form \"*.test.\"");
+            () ->
+                runCommandInEnvironment(
+                    RegistryToolEnvironment.SANDBOX,
+                    "--dns_name=foobar.",
+                    "--description=test run",
+                    "--force"));
+    assertThat(thrown)
+        .hasMessageThat()
+        .contains("Sandbox TLDs must be approved or in the form \"*.test.\"");
+  }
+
+  @Test
+  void testSandboxTldRestrictions_tldCheckSkipped() throws Exception {
+    runCommandInEnvironment(
+        RegistryToolEnvironment.SANDBOX,
+        "--dns_name=foobar.",
+        "--description=test run",
+        "--force",
+        "--skip_sandbox_tld_check");
+  }
+
+  @Test
+  void testSandboxTldRestrictions_testTld() throws Exception {
+    runCommandInEnvironment(
+        RegistryToolEnvironment.SANDBOX,
+        "--dns_name=abc.test.",
+        "--description=test run",
+        "--force");
   }
 }

core/src/test/java/google/registry/tools/GenerateAllocationTokensCommandTest.java

@@ -39,6 +39,7 @@ import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName
 import google.registry.model.domain.token.AllocationToken;
 import google.registry.model.domain.token.AllocationToken.TokenStatus;
 import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
+import google.registry.testing.DatabaseHelper;
 import google.registry.testing.DeterministicStringGenerator;
 import google.registry.testing.DeterministicStringGenerator.Rule;
 import google.registry.util.StringGenerator.Alphabets;
@@ -56,6 +57,7 @@ class GenerateAllocationTokensCommandTest extends CommandTestCase<GenerateAlloca
 
   @BeforeEach
   void beforeEach() {
+    DatabaseHelper.createTlds("tld", "example");
     command.stringGenerator = new DeterministicStringGenerator(Alphabets.BASE_58);
   }
 
@@ -531,6 +533,26 @@ class GenerateAllocationTokensCommandTest extends CommandTestCase<GenerateAlloca
         .isEqualTo("For DEFAULT_PROMO tokens, must specify --token_status_transitions");
   }
 
+  @Test
+  void testFailure_badTld() {
+    assertThat(
+            assertThrows(
+                IllegalArgumentException.class,
+                () -> runCommand("--number", "10", "--allowed_tlds", "badtld")))
+        .hasMessageThat()
+        .isEqualTo("Unknown REAL TLD(s) [badtld]");
+  }
+
+  @Test
+  void testFailure_badRegistrar() {
+    assertThat(
+            assertThrows(
+                IllegalArgumentException.class,
+                () -> runCommand("--number", "10", "--allowed_client_ids", "badregistrar")))
+        .hasMessageThat()
+        .isEqualTo("Unknown registrar ID(s) [badregistrar]");
+  }
+
   private AllocationToken createToken(
       String token,
       @Nullable HistoryEntryId redemptionHistoryEntryId,

core/src/test/java/google/registry/tools/UpdateAllocationTokensCommandTest.java

@@ -40,14 +40,21 @@ import google.registry.model.domain.fee.FeeQueryCommandExtensionItem.CommandName
 import google.registry.model.domain.token.AllocationToken;
 import google.registry.model.domain.token.AllocationToken.RegistrationBehavior;
 import google.registry.model.domain.token.AllocationToken.TokenStatus;
+import google.registry.testing.DatabaseHelper;
 import org.joda.money.CurrencyUnit;
 import org.joda.money.Money;
 import org.joda.time.DateTime;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
 /** Unit tests for {@link UpdateAllocationTokensCommand}. */
 class UpdateAllocationTokensCommandTest extends CommandTestCase<UpdateAllocationTokensCommand> {
 
+  @BeforeEach
+  void beforeEach() {
+    DatabaseHelper.createTlds("tld", "example");
+  }
+
   @Test
   void testUpdateTlds_setTlds() throws Exception {
     AllocationToken token =
@@ -64,14 +71,24 @@ class UpdateAllocationTokensCommandTest extends CommandTestCase<UpdateAllocation
     assertThat(reloadResource(token).getAllowedTlds()).isEmpty();
   }
 
+  @Test
+  void testUpdateTlds_badTlds() {
+    persistResource(builderWithPromo().build());
+    assertThat(
+            assertThrows(
+                IllegalArgumentException.class, () -> runCommandForced("--allowed_tlds=badtld")))
+        .hasMessageThat()
+        .isEqualTo("Unknown REAL TLD(s) [badtld]");
+  }
+
   @Test
   void testUpdateClientIds_setClientIds() throws Exception {
     AllocationToken token =
         persistResource(
             builderWithPromo().setAllowedRegistrarIds(ImmutableSet.of("toRemove")).build());
-    runCommandForced("--prefix", "token", "--allowed_client_ids", "clientone,clienttwo");
+    runCommandForced("--prefix", "token", "--allowed_client_ids", "TheRegistrar,NewRegistrar");
     assertThat(reloadResource(token).getAllowedRegistrarIds())
-        .containsExactly("clientone", "clienttwo");
+        .containsExactly("TheRegistrar", "NewRegistrar");
   }
 
   @Test
@@ -83,6 +100,17 @@ class UpdateAllocationTokensCommandTest extends CommandTestCase<UpdateAllocation
     assertThat(reloadResource(token).getAllowedRegistrarIds()).isEmpty();
   }
 
+  @Test
+  void testUpdateClientIds_badClientId() {
+    persistResource(builderWithPromo().build());
+    assertThat(
+            assertThrows(
+                IllegalArgumentException.class,
+                () -> runCommandForced("--allowed_client_ids=badregistrar")))
+        .hasMessageThat()
+        .isEqualTo("Unknown registrar ID(s) [badregistrar]");
+  }
+
   @Test
   void testUpdateEppActions_setEppActions() throws Exception {
     AllocationToken token =

db/src/main/resources/sql/er_diagram/brief_er_diagram.html

@@ -261,11 +261,11 @@ td.section {
     </tr>
     <tr>
      <td class="property_name">generated on</td>
-     <td class="property_value">2025-09-05 16:11:29</td>
+     <td class="property_value">2025-09-29 21:19:42</td>
     </tr>
     <tr>
      <td class="property_name">last flyway file</td>
-     <td id="lastFlywayFile" class="property_value">V197__poc_rlock_drop_not_null.sql</td>
+     <td id="lastFlywayFile" class="property_value">V209__poll_message_hash.sql</td>
     </tr>
    </tbody>
   </table>
@@ -273,7 +273,7 @@ td.section {
   <p>&nbsp;</p>
   <svg viewBox="0.00 0.00 4903.00 3732.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="erDiagram" style="overflow: hidden; width: 100%; height: 800px">
    <g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 3728)">
-    <title>SchemaCrawler_Diagram</title> <polygon fill="white" stroke="transparent" points="-4,4 -4,-3728 4899,-3728 4899,4 -4,4" /> <text text-anchor="start" x="4655" y="-29.8" font-family="Helvetica,sans-Serif" font-size="14.00">generated by</text> <text text-anchor="start" x="4738" y="-29.8" font-family="Helvetica,sans-Serif" font-size="14.00">SchemaCrawler 16.27.1</text> <text text-anchor="start" x="4654" y="-10.8" font-family="Helvetica,sans-Serif" font-size="14.00">generated on</text> <text text-anchor="start" x="4738" y="-10.8" font-family="Helvetica,sans-Serif" font-size="14.00">2025-09-05 16:11:29</text> <polygon fill="none" stroke="#888888" points="4651,-4 4651,-44 4887,-44 4887,-4 4651,-4" /> <!-- allocationtoken_a08ccbef -->
+    <title>SchemaCrawler_Diagram</title> <polygon fill="white" stroke="transparent" points="-4,4 -4,-3728 4899,-3728 4899,4 -4,4" /> <text text-anchor="start" x="4655" y="-29.8" font-family="Helvetica,sans-Serif" font-size="14.00">generated by</text> <text text-anchor="start" x="4738" y="-29.8" font-family="Helvetica,sans-Serif" font-size="14.00">SchemaCrawler 16.27.1</text> <text text-anchor="start" x="4654" y="-10.8" font-family="Helvetica,sans-Serif" font-size="14.00">generated on</text> <text text-anchor="start" x="4738" y="-10.8" font-family="Helvetica,sans-Serif" font-size="14.00">2025-09-29 21:19:42</text> <polygon fill="none" stroke="#888888" points="4651,-4 4651,-44 4887,-44 4887,-4 4651,-4" /> <!-- allocationtoken_a08ccbef -->
     <g id="node1" class="node">
      <title>allocationtoken_a08ccbef</title> <polygon fill="#e9c2f2" stroke="transparent" points="481.5,-978 481.5,-997 667.5,-997 667.5,-978 481.5,-978" /> <text text-anchor="start" x="483.5" y="-984.8" font-family="Helvetica,sans-Serif" font-weight="bold" font-style="italic" font-size="14.00">public."AllocationToken"</text> <polygon fill="#e9c2f2" stroke="transparent" points="667.5,-978 667.5,-997 741.5,-997 741.5,-978 667.5,-978" /> <text text-anchor="start" x="702.5" y="-983.8" font-family="Helvetica,sans-Serif" font-size="14.00">[table]</text> <text text-anchor="start" x="483.5" y="-965.8" font-family="Helvetica,sans-Serif" font-weight="bold" font-style="italic" font-size="14.00">token</text> <text text-anchor="start" x="661.5" y="-964.8" font-family="Helvetica,sans-Serif" font-size="14.00"> </text> <text text-anchor="start" x="669.5" y="-964.8" font-family="Helvetica,sans-Serif" font-size="14.00">text not null</text> <text text-anchor="start" x="483.5" y="-945.8" font-family="Helvetica,sans-Serif" font-size="14.00">domain_name</text> <text text-anchor="start" x="661.5" y="-945.8" font-family="Helvetica,sans-Serif" font-size="14.00"> </text> <text text-anchor="start" x="669.5" y="-945.8" font-family="Helvetica,sans-Serif" font-size="14.00">text</text> <text text-anchor="start" x="483.5" y="-926.8" font-family="Helvetica,sans-Serif" font-size="14.00">redemption_domain_repo_id</text> <text text-anchor="start" x="661.5" y="-926.8" font-family="Helvetica,sans-Serif" font-size="14.00"> </text> <text text-anchor="start" x="669.5" y="-926.8" font-family="Helvetica,sans-Serif" font-size="14.00">text</text> <text text-anchor="start" x="483.5" y="-907.8" font-family="Helvetica,sans-Serif" font-size="14.00">token_type</text> <text text-anchor="start" x="661.5" y="-907.8" font-family="Helvetica,sans-Serif" font-size="14.00"> </text> <text text-anchor="start" x="669.5" y="-907.8" font-family="Helvetica,sans-Serif" font-size="14.00">text</text> <polygon fill="none" stroke="#888888" points="480.5,-901.5 480.5,-998.5 742.5,-998.5 742.5,-901.5 480.5,-901.5" />
     </g>

db/src/main/resources/sql/flyway.txt

@@ -195,3 +195,15 @@ V194__password_reset_request_registrar.sql
 V195__registrar_poc_id.sql
 V196__tld_expiry_access_period_enabled.sql
 V197__poc_rlock_drop_not_null.sql
+V198__billing_cancellation_hash.sql
+V199__billing_event_hash.sql
+V200__billing_recurrence_hash.sql
+V201__domain_hash.sql
+V202__delegation_signer_data_hash.sql
+V203__domain_history_hash.sql
+V204__domain_host_hash.sql
+V205__domain_transaction_record_hash.sql
+V206__grace_period_hash.sql
+V207__grace_period_history_hash.sql
+V208__host_hash.sql
+V209__poll_message_hash.sql

db/src/main/resources/sql/flyway/V198__billing_cancellation_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS billingcancellation_billing_cancellation_id_hash ON "BillingCancellation" USING hash (billing_cancellation_id);

db/src/main/resources/sql/flyway/V199__billing_event_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS billingevent_billing_event_id_hash ON "BillingEvent" USING hash (billing_event_id);

db/src/main/resources/sql/flyway/V200__billing_recurrence_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS billingrecurrence_billing_recurrence_id_hash ON "BillingRecurrence" USING hash (billing_recurrence_id);

db/src/main/resources/sql/flyway/V201__domain_hash.sql

@@ -0,0 +1,17 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domain_domain_name_hash ON "Domain" USING hash (domain_name);
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domain_domain_repo_id_hash ON "Domain" USING hash (repo_id);

db/src/main/resources/sql/flyway/V202__delegation_signer_data_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS delegationsignerdata_domain_repo_id_hash ON "DelegationSignerData" USING hash (domain_repo_id);

db/src/main/resources/sql/flyway/V203__domain_history_hash.sql

@@ -0,0 +1,17 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domainhistory_domain_repo_id_hash ON "DomainHistory" USING hash (domain_repo_id);
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domainhistory_history_revision_id_hash ON "DomainHistory" USING hash (history_revision_id);

db/src/main/resources/sql/flyway/V204__domain_host_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domainhost_domain_repo_id_hash ON "DomainHost" USING hash (domain_repo_id);

db/src/main/resources/sql/flyway/V205__domain_transaction_record_hash.sql

@@ -0,0 +1,17 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domaintransactionrecord_id_hash ON "DomainTransactionRecord" USING hash (id);
+CREATE INDEX CONCURRENTLY IF NOT EXISTS domaintransactionrecord_domain_history_revision_id_hash ON "DomainTransactionRecord" USING hash (history_revision_id);

db/src/main/resources/sql/flyway/V206__grace_period_hash.sql

@@ -0,0 +1,17 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS graceperiod_grace_period_id_hash ON "GracePeriod" USING hash (grace_period_id);
+CREATE INDEX CONCURRENTLY IF NOT EXISTS graceperiod_domain_repo_id_hash ON "GracePeriod" USING hash (domain_repo_id);

db/src/main/resources/sql/flyway/V207__grace_period_history_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS graceperiodhistory_grace_period_history_revision_id_hash ON "GracePeriodHistory" USING hash (grace_period_history_revision_id);

db/src/main/resources/sql/flyway/V208__host_hash.sql

@@ -0,0 +1,17 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS host_host_name_hash ON "Host" USING hash (host_name);
+CREATE INDEX CONCURRENTLY IF NOT EXISTS host_repo_id_hash ON "Host" USING hash (repo_id);

db/src/main/resources/sql/flyway/V209__poll_message_hash.sql

@@ -0,0 +1,16 @@
+-- Copyright 2025 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+-- Add hash indexes on columns that are commonly queried with a direct equals
+CREATE INDEX CONCURRENTLY IF NOT EXISTS pollmessage_poll_message_id_hash ON "PollMessage" USING hash (poll_message_id);

db/src/main/resources/sql/schema/nomulus.golden.sql

@@ -1924,6 +1924,48 @@ ALTER TABLE ONLY public."User"
 CREATE INDEX allocation_token_domain_name_idx ON public."AllocationToken" USING btree (domain_name);
 
 
+--
+-- Name: billingcancellation_billing_cancellation_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX billingcancellation_billing_cancellation_id_hash ON public."BillingCancellation" USING hash (billing_cancellation_id);
+
+
+--
+-- Name: billingevent_billing_event_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX billingevent_billing_event_id_hash ON public."BillingEvent" USING hash (billing_event_id);
+
+
+--
+-- Name: billingrecurrence_billing_recurrence_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX billingrecurrence_billing_recurrence_id_hash ON public."BillingRecurrence" USING hash (billing_recurrence_id);
+
+
+--
+-- Name: delegationsignerdata_domain_repo_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX delegationsignerdata_domain_repo_id_hash ON public."DelegationSignerData" USING hash (domain_repo_id);
+
+
+--
+-- Name: domain_domain_name_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domain_domain_name_hash ON public."Domain" USING hash (domain_name);
+
+
+--
+-- Name: domain_domain_repo_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domain_domain_repo_id_hash ON public."Domain" USING hash (repo_id);
+
+
 --
 -- Name: domain_history_to_ds_data_history_idx; Type: INDEX; Schema: public; Owner: -
 --
@@ -1938,6 +1980,76 @@ CREATE INDEX domain_history_to_ds_data_history_idx ON public."DomainDsDataHistor
 CREATE INDEX domain_history_to_transaction_record_idx ON public."DomainTransactionRecord" USING btree (domain_repo_id, history_revision_id);
 
 
+--
+-- Name: domainhistory_domain_repo_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domainhistory_domain_repo_id_hash ON public."DomainHistory" USING hash (domain_repo_id);
+
+
+--
+-- Name: domainhistory_history_revision_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domainhistory_history_revision_id_hash ON public."DomainHistory" USING hash (history_revision_id);
+
+
+--
+-- Name: domainhost_domain_repo_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domainhost_domain_repo_id_hash ON public."DomainHost" USING hash (domain_repo_id);
+
+
+--
+-- Name: domaintransactionrecord_domain_history_revision_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domaintransactionrecord_domain_history_revision_id_hash ON public."DomainTransactionRecord" USING hash (history_revision_id);
+
+
+--
+-- Name: domaintransactionrecord_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX domaintransactionrecord_id_hash ON public."DomainTransactionRecord" USING hash (id);
+
+
+--
+-- Name: graceperiod_domain_repo_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX graceperiod_domain_repo_id_hash ON public."GracePeriod" USING hash (domain_repo_id);
+
+
+--
+-- Name: graceperiod_grace_period_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX graceperiod_grace_period_id_hash ON public."GracePeriod" USING hash (grace_period_id);
+
+
+--
+-- Name: graceperiodhistory_grace_period_history_revision_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX graceperiodhistory_grace_period_history_revision_id_hash ON public."GracePeriodHistory" USING hash (grace_period_history_revision_id);
+
+
+--
+-- Name: host_host_name_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX host_host_name_hash ON public."Host" USING hash (host_name);
+
+
+--
+-- Name: host_repo_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX host_repo_id_hash ON public."Host" USING hash (repo_id);
+
+
 --
 -- Name: idx1dyqmqb61xbnj7mt7bk27ds25; Type: INDEX; Schema: public; Owner: -
 --
@@ -2617,6 +2729,13 @@ CREATE INDEX idxtmlqd31dpvvd2g1h9i7erw6aj ON public."AllocationToken" USING btre
 CREATE INDEX idxy98mebut8ix1v07fjxxdkqcx ON public."Host" USING btree (creation_time);
 
 
+--
+-- Name: pollmessage_poll_message_id_hash; Type: INDEX; Schema: public; Owner: -
+--
+
+CREATE INDEX pollmessage_poll_message_id_hash ON public."PollMessage" USING hash (poll_message_id);
+
+
 --
 -- Name: premiumlist_name_idx; Type: INDEX; Schema: public; Owner: -
 --

release/cloudbuild-release.yaml

@@ -42,6 +42,20 @@ steps:
     rm -rf .git && rm -rf nomulus-internal/.git
     cp -rf nomulus-internal/* .
     rm -rf nomulus-internal
+# Remove environment configs from .gitignore
+- name: 'gcr.io/cloud-builders/git'
+  entrypoint: /bin/bash
+  args:
+  - -c
+  - |
+    set -e
+    sed -i \
+        -e '\#core/src/main/java/google/registry/config/files/nomulus-config-alpha.yaml#d' \
+        -e '\#core/src/main/java/google/registry/config/files/nomulus-config-crash.yaml#d' \
+        -e '\#core/src/main/java/google/registry/config/files/nomulus-config-production.yaml#d' \
+        -e '\#core/src/main/java/google/registry/config/files/nomulus-config-qa.yaml#d' \
+        -e '\#core/src/main/java/google/registry/config/files/nomulus-config-sandbox.yaml#d' \
+        .gitignore
 # Build the builder image and pull the base images, them upload them to GCR.
 - name: 'gcr.io/cloud-builders/docker'
   entrypoint: /bin/bash