Enable Fee-1.0 extension in prod (#2975)

This extension has been in Sandbox for more than a month.

core/src/main/java/google/registry/model/common/FeatureFlag.java

@@ -68,6 +68,10 @@ public class FeatureFlag extends ImmutableObject implements Buildable {
     /** Feature flag name used for testing only. */
     TEST_FEATURE(FeatureStatus.INACTIVE),
 
+    /** True if Fee Extension 1.0 (RFC 8748) is enabled in production. */
+    // TODO(b/159033801) Delete this flag after 1.0 is hardened in prod.
+    FEE_EXTENSION_1_DOT_0_IN_PROD(FeatureStatus.INACTIVE),
+
     /** If we're not requiring the presence of contact data on domain EPP commands. */
     MINIMUM_DATASET_CONTACTS_OPTIONAL(FeatureStatus.INACTIVE),
 

core/src/main/java/google/registry/model/eppcommon/ProtocolDefinition.java

@@ -16,11 +16,14 @@ package google.registry.model.eppcommon;
 
 import static com.google.common.collect.ImmutableSet.toImmutableSet;
 import static com.google.common.collect.Maps.uniqueIndex;
+import static google.registry.model.common.FeatureFlag.FeatureName.FEE_EXTENSION_1_DOT_0_IN_PROD;
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.VerifyException;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
+import google.registry.model.common.FeatureFlag;
 import google.registry.model.domain.fee06.FeeCheckCommandExtensionV06;
 import google.registry.model.domain.fee06.FeeCheckResponseExtensionV06;
 import google.registry.model.domain.fee11.FeeCheckCommandExtensionV11;
@@ -58,7 +61,7 @@ public class ProtocolDefinition {
   /** Enum representing which environments should have which service extensions enabled. */
   private enum ServiceExtensionVisibility {
     ALL,
-    ONLY_IN_NON_PRODUCTION,
+    FEE_1_DOT_0_EXTENSION_VISIBILITY,
     NONE
   }
 
@@ -82,7 +85,7 @@ public class ProtocolDefinition {
     FEE_1_00(
         FeeCheckCommandExtensionStdV1.class,
         FeeCheckResponseExtensionStdV1.class,
-        ServiceExtensionVisibility.ONLY_IN_NON_PRODUCTION),
+        ServiceExtensionVisibility.FEE_1_DOT_0_EXTENSION_VISIBILITY),
     METADATA_1_0(MetadataExtension.class, null, ServiceExtensionVisibility.NONE);
 
     private final Class<? extends CommandExtension> commandExtensionClass;
@@ -138,8 +141,9 @@ public class ProtocolDefinition {
     public boolean isVisible() {
       return switch (visibility) {
         case ALL -> true;
-        case ONLY_IN_NON_PRODUCTION ->
-            !RegistryEnvironment.get().equals(RegistryEnvironment.PRODUCTION);
+        case FEE_1_DOT_0_EXTENSION_VISIBILITY ->
+            !RegistryEnvironment.get().equals(RegistryEnvironment.PRODUCTION)
+                || tm().transact(() -> FeatureFlag.isActiveNow(FEE_EXTENSION_1_DOT_0_IN_PROD));
         case NONE -> false;
       };
     }

core/src/main/java/google/registry/tools/RegistryToolEnvironment.java

@@ -91,7 +91,7 @@ public enum RegistryToolEnvironment {
 
   /** Sets up execution environment. Call this method before any classes are loaded. */
   @VisibleForTesting
-  void setup(SystemPropertySetter systemPropertySetter) {
+  public void setup(SystemPropertySetter systemPropertySetter) {
     instance = this;
     actualEnvironment.setup(systemPropertySetter);
     for (Map.Entry<String, String> entry : extraProperties.entrySet()) {

core/src/test/java/google/registry/flows/domain/ProductionSimulatingFeeExtensionsTest.java

@@ -15,15 +15,21 @@
 package google.registry.flows.domain;
 
 import static com.google.common.truth.Truth.assertThat;
+import static google.registry.model.common.FeatureFlag.FeatureName.FEE_EXTENSION_1_DOT_0_IN_PROD;
+import static google.registry.tools.RegistryToolEnvironment.PRODUCTION;
+import static google.registry.util.DateTimeUtils.START_OF_TIME;
 
 import google.registry.model.eppcommon.ProtocolDefinition;
+import google.registry.tools.CommandTestCase;
+import google.registry.tools.ConfigureFeatureFlagCommand;
 import google.registry.util.RegistryEnvironment;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 
 /** Class for testing the XML extension definitions loaded in the prod environment. */
-public class ProductionSimulatingFeeExtensionsTest {
+public class ProductionSimulatingFeeExtensionsTest
+    extends CommandTestCase<ConfigureFeatureFlagCommand> {
 
   private RegistryEnvironment previousEnvironment;
 
@@ -59,7 +65,7 @@ public class ProductionSimulatingFeeExtensionsTest {
   }
 
   @Test
-  void testProdEnvironment() {
+  void testProdEnvironment_feeExtensionFeatureNotSet() {
     RegistryEnvironment.PRODUCTION.setup();
     ProtocolDefinition.reloadServiceExtensionUris();
     // prod shouldn't have the fee extension version 1.0
@@ -72,4 +78,47 @@ public class ProductionSimulatingFeeExtensionsTest {
             "urn:ietf:params:xml:ns:fee-0.11",
             "urn:ietf:params:xml:ns:fee-0.12");
   }
+
+  @Test
+  void testProdEnvironment_feeExtensionFeatureActiveInTheFuture() throws Exception {
+    runCommandInEnvironment(
+        PRODUCTION,
+        FEE_EXTENSION_1_DOT_0_IN_PROD.name(),
+        "--force",
+        "--status_map",
+        String.format("%s=INACTIVE,%s=ACTIVE", START_OF_TIME, fakeClock.nowUtc().plusMillis(1)));
+    RegistryEnvironment.PRODUCTION.setup();
+    ProtocolDefinition.reloadServiceExtensionUris();
+    // prod shouldn't have the fee extension version 1.0
+    assertThat(ProtocolDefinition.getVisibleServiceExtensionUris())
+        .containsExactly(
+            "urn:ietf:params:xml:ns:launch-1.0",
+            "urn:ietf:params:xml:ns:rgp-1.0",
+            "urn:ietf:params:xml:ns:secDNS-1.1",
+            "urn:ietf:params:xml:ns:fee-0.6",
+            "urn:ietf:params:xml:ns:fee-0.11",
+            "urn:ietf:params:xml:ns:fee-0.12");
+  }
+
+  @Test
+  void testProdEnvironment_feeExtensionFeatureActiveInThePast() throws Exception {
+    runCommandInEnvironment(
+        PRODUCTION,
+        FEE_EXTENSION_1_DOT_0_IN_PROD.name(),
+        "--force",
+        "--status_map",
+        String.format("%s=INACTIVE,%s=ACTIVE", START_OF_TIME, fakeClock.nowUtc().minusMillis(1)));
+    RegistryEnvironment.PRODUCTION.setup();
+    ProtocolDefinition.reloadServiceExtensionUris();
+    // prod should have the fee extension version 1.0
+    assertThat(ProtocolDefinition.getVisibleServiceExtensionUris())
+        .containsExactly(
+            "urn:ietf:params:xml:ns:launch-1.0",
+            "urn:ietf:params:xml:ns:rgp-1.0",
+            "urn:ietf:params:xml:ns:secDNS-1.1",
+            "urn:ietf:params:xml:ns:fee-0.6",
+            "urn:ietf:params:xml:ns:fee-0.11",
+            "urn:ietf:params:xml:ns:fee-0.12",
+            "urn:ietf:params:xml:ns:epp:fee-1.0");
+  }
 }

core/src/test/java/google/registry/tools/CommandTestCase.java

@@ -94,7 +94,8 @@ public abstract class CommandTestCase<C extends Command> {
     System.setErr(oldStderr);
   }
 
-  void runCommandInEnvironment(RegistryToolEnvironment env, String... args) throws Exception {
+  protected void runCommandInEnvironment(RegistryToolEnvironment env, String... args)
+      throws Exception {
     env.setup(systemPropertyExtension);
     try {
       JCommander jcommander = new JCommander(command);

db/src/main/resources/sql/flyway.txt

@@ -218,3 +218,5 @@ V217__drop_contact_fks_pollmessage.sql
 V218__tld_drop_allowedregistrantcontactids.sql
 V219__domain_history_package_token_idx.sql
 V220__domain_package_token_idx.sql
+V221__remove_contact_history.sql
+V222__remove_contact.sql

db/src/main/resources/sql/flyway/V221__remove_contact_history.sql

@@ -0,0 +1,15 @@
+-- Copyright 2026 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DROP TABLE IF EXISTS "ContactHistory";

db/src/main/resources/sql/flyway/V222__remove_contact.sql

@@ -0,0 +1,15 @@
+-- Copyright 2026 The Nomulus Authors. All Rights Reserved.
+--
+-- Licensed under the Apache License, Version 2.0 (the "License");
+-- you may not use this file except in compliance with the License.
+-- You may obtain a copy of the License at
+--
+--     http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+
+DROP TABLE IF EXISTS "Contact";

db/src/main/resources/sql/schema/db-schema.sql.generated

@@ -333,7 +333,7 @@
     );
 
     create table "FeatureFlag" (
-        feature_name text not null check (feature_name in ('TEST_FEATURE','MINIMUM_DATASET_CONTACTS_OPTIONAL','MINIMUM_DATASET_CONTACTS_PROHIBITED','INCLUDE_PENDING_DELETE_DATE_FOR_DOMAINS','PROHIBIT_CONTACT_OBJECTS_ON_LOGIN')),
+        feature_name text not null check (feature_name in ('TEST_FEATURE','FEE_EXTENSION_1_DOT_0_IN_PROD','MINIMUM_DATASET_CONTACTS_OPTIONAL','MINIMUM_DATASET_CONTACTS_PROHIBITED','INCLUDE_PENDING_DELETE_DATE_FOR_DOMAINS','PROHIBIT_CONTACT_OBJECTS_ON_LOGIN')),
         status hstore not null,
         primary key (feature_name)
     );

db/src/main/resources/sql/schema/nomulus.golden.sql

@@ -287,150 +287,6 @@ CREATE TABLE public."ConsoleUpdateHistory" (
 );
 
 
---
--- Name: Contact; Type: TABLE; Schema: public; Owner: -
---
-
-CREATE TABLE public."Contact" (
-    repo_id text NOT NULL,
-    creation_registrar_id text NOT NULL,
-    creation_time timestamp with time zone NOT NULL,
-    current_sponsor_registrar_id text NOT NULL,
-    deletion_time timestamp with time zone,
-    last_epp_update_registrar_id text,
-    last_epp_update_time timestamp with time zone,
-    statuses text[],
-    auth_info_repo_id text,
-    auth_info_value text,
-    contact_id text,
-    disclose_types_addr text[],
-    disclose_show_email boolean,
-    disclose_show_fax boolean,
-    disclose_mode_flag boolean,
-    disclose_types_name text[],
-    disclose_types_org text[],
-    disclose_show_voice boolean,
-    email text,
-    fax_phone_extension text,
-    fax_phone_number text,
-    addr_i18n_city text,
-    addr_i18n_country_code text,
-    addr_i18n_state text,
-    addr_i18n_street_line1 text,
-    addr_i18n_street_line2 text,
-    addr_i18n_street_line3 text,
-    addr_i18n_zip text,
-    addr_i18n_name text,
-    addr_i18n_org text,
-    addr_i18n_type text,
-    last_transfer_time timestamp with time zone,
-    addr_local_city text,
-    addr_local_country_code text,
-    addr_local_state text,
-    addr_local_street_line1 text,
-    addr_local_street_line2 text,
-    addr_local_street_line3 text,
-    addr_local_zip text,
-    addr_local_name text,
-    addr_local_org text,
-    addr_local_type text,
-    search_name text,
-    voice_phone_extension text,
-    voice_phone_number text,
-    transfer_poll_message_id_1 bigint,
-    transfer_poll_message_id_2 bigint,
-    transfer_client_txn_id text,
-    transfer_server_txn_id text,
-    transfer_gaining_registrar_id text,
-    transfer_losing_registrar_id text,
-    transfer_pending_expiration_time timestamp with time zone,
-    transfer_request_time timestamp with time zone,
-    transfer_status text,
-    update_timestamp timestamp with time zone,
-    transfer_history_entry_id bigint,
-    transfer_repo_id text,
-    transfer_poll_message_id_3 bigint,
-    last_update_time_via_epp timestamp with time zone
-);
-
-
---
--- Name: ContactHistory; Type: TABLE; Schema: public; Owner: -
---
-
-CREATE TABLE public."ContactHistory" (
-    history_revision_id bigint NOT NULL,
-    history_by_superuser boolean NOT NULL,
-    history_registrar_id text,
-    history_modification_time timestamp with time zone NOT NULL,
-    history_reason text,
-    history_requested_by_registrar boolean,
-    history_client_transaction_id text,
-    history_server_transaction_id text,
-    history_type text NOT NULL,
-    history_xml_bytes bytea,
-    auth_info_repo_id text,
-    auth_info_value text,
-    contact_id text,
-    disclose_types_addr text[],
-    disclose_show_email boolean,
-    disclose_show_fax boolean,
-    disclose_mode_flag boolean,
-    disclose_types_name text[],
-    disclose_types_org text[],
-    disclose_show_voice boolean,
-    email text,
-    fax_phone_extension text,
-    fax_phone_number text,
-    addr_i18n_city text,
-    addr_i18n_country_code text,
-    addr_i18n_state text,
-    addr_i18n_street_line1 text,
-    addr_i18n_street_line2 text,
-    addr_i18n_street_line3 text,
-    addr_i18n_zip text,
-    addr_i18n_name text,
-    addr_i18n_org text,
-    addr_i18n_type text,
-    last_transfer_time timestamp with time zone,
-    addr_local_city text,
-    addr_local_country_code text,
-    addr_local_state text,
-    addr_local_street_line1 text,
-    addr_local_street_line2 text,
-    addr_local_street_line3 text,
-    addr_local_zip text,
-    addr_local_name text,
-    addr_local_org text,
-    addr_local_type text,
-    search_name text,
-    transfer_poll_message_id_1 bigint,
-    transfer_poll_message_id_2 bigint,
-    transfer_client_txn_id text,
-    transfer_server_txn_id text,
-    transfer_gaining_registrar_id text,
-    transfer_losing_registrar_id text,
-    transfer_pending_expiration_time timestamp with time zone,
-    transfer_request_time timestamp with time zone,
-    transfer_status text,
-    voice_phone_extension text,
-    voice_phone_number text,
-    creation_registrar_id text,
-    creation_time timestamp with time zone,
-    current_sponsor_registrar_id text,
-    deletion_time timestamp with time zone,
-    last_epp_update_registrar_id text,
-    last_epp_update_time timestamp with time zone,
-    statuses text[],
-    contact_repo_id text NOT NULL,
-    update_timestamp timestamp with time zone,
-    transfer_history_entry_id bigint,
-    transfer_repo_id text,
-    transfer_poll_message_id_3 bigint,
-    last_update_time_via_epp timestamp with time zone
-);
-
-
 --
 -- Name: Cursor; Type: TABLE; Schema: public; Owner: -
 --
@@ -1596,22 +1452,6 @@ ALTER TABLE ONLY public."ConsoleUpdateHistory"
     ADD CONSTRAINT "ConsoleUpdateHistory_pkey" PRIMARY KEY (revision_id);
 
 
---
--- Name: ContactHistory ContactHistory_pkey; Type: CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."ContactHistory"
-    ADD CONSTRAINT "ContactHistory_pkey" PRIMARY KEY (contact_repo_id, history_revision_id);
-
-
---
--- Name: Contact Contact_pkey; Type: CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."Contact"
-    ADD CONSTRAINT "Contact_pkey" PRIMARY KEY (repo_id);
-
-
 --
 -- Name: Cursor Cursor_pkey; Type: CONSTRAINT; Schema: public; Owner: -
 --
@@ -2112,13 +1952,6 @@ CREATE INDEX idx1dyqmqb61xbnj7mt7bk27ds25 ON public."DomainTransactionRecord" US
 CREATE INDEX idx1iy7njgb7wjmj9piml4l2g0qi ON public."HostHistory" USING btree (history_registrar_id);
 
 
---
--- Name: idx1p3esngcwwu6hstyua6itn6ff; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idx1p3esngcwwu6hstyua6itn6ff ON public."Contact" USING btree (search_name);
-
-
 --
 -- Name: idx1rcgkdd777bpvj0r94sltwd5y; Type: INDEX; Schema: public; Owner: -
 --
@@ -2147,13 +1980,6 @@ CREATE INDEX idx3d1mucv7axrhud8w8jl4vsu62 ON public."RegistrarUpdateHistory" USI
 CREATE INDEX idx3y3k7m2bkgahm9sixiohgyrga ON public."Domain" USING btree (transfer_billing_event_id);
 
 
---
--- Name: idx3y752kr9uh4kh6uig54vemx0l; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idx3y752kr9uh4kh6uig54vemx0l ON public."Contact" USING btree (creation_time);
-
-
 --
 -- Name: idx4ytbe5f3b39trsd4okx5ijhs4; Type: INDEX; Schema: public; Owner: -
 --
@@ -2280,13 +2106,6 @@ CREATE INDEX idx8nr0ke9mrrx4ewj6pd2ag4rmr ON public."Domain" USING btree (creati
 CREATE INDEX idx9g3s7mjv1yn4t06nqid39whss ON public."AllocationToken" USING btree (token_type);
 
 
---
--- Name: idx9q53px6r302ftgisqifmc6put; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idx9q53px6r302ftgisqifmc6put ON public."ContactHistory" USING btree (history_type);
-
-
 --
 -- Name: idx_console_update_history_acting_user; Type: INDEX; Schema: public; Owner: -
 --
@@ -2364,13 +2183,6 @@ CREATE INDEX idxbgssjudpm428mrv0xfpvgifps ON public."GracePeriod" USING btree (b
 CREATE INDEX idxbjacjlm8ianc4kxxvamnu94k5 ON public."UserUpdateHistory" USING btree (history_acting_user);
 
 
---
--- Name: idxbn8t4wp85fgxjl8q4ctlscx55; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idxbn8t4wp85fgxjl8q4ctlscx55 ON public."Contact" USING btree (current_sponsor_registrar_id);
-
-
 --
 -- Name: idxcclyb3n5gbex8u8m9fjlujitw; Type: INDEX; Schema: public; Owner: -
 --
@@ -2455,13 +2267,6 @@ CREATE INDEX idxhlqqd5uy98cjyos72d81x9j95 ON public."DelegationSignerData" USING
 CREATE INDEX idxhmv411mdqo5ibn4vy7ykxpmlv ON public."BillingEvent" USING btree (allocation_token);
 
 
---
--- Name: idxhp33wybmb6tbpr1bq7ttwk8je; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idxhp33wybmb6tbpr1bq7ttwk8je ON public."ContactHistory" USING btree (history_registrar_id);
-
-
 --
 -- Name: idxhteajcrxmq4o8rsys8kevyiqr; Type: INDEX; Schema: public; Owner: -
 --
@@ -2595,13 +2400,6 @@ CREATE INDEX idxm6k18dusy2lfi5y81k8g256sa ON public."RegistrarUpdateHistory" USI
 CREATE INDEX idxmk1d2ngdtfkg6odmw7l5ejisw ON public."DomainDsDataHistory" USING btree (domain_repo_id, domain_history_revision_id);
 
 
---
--- Name: idxn1f711wicdnooa2mqb7g1m55o; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idxn1f711wicdnooa2mqb7g1m55o ON public."Contact" USING btree (deletion_time);
-
-
 --
 -- Name: idxn898pb9mwcg359cdwvolb11ck; Type: INDEX; Schema: public; Owner: -
 --
@@ -2630,20 +2428,6 @@ CREATE INDEX idxnjhib7v6fj7dhj5qydkefkl2u ON public."Domain" USING btree (lordn_
 CREATE INDEX idxnuyqo6hrtuvbcmuecf7vkfmle ON public."PollMessage" USING btree (domain_repo_id, domain_history_revision_id);
 
 
---
--- Name: idxo1xdtpij2yryh0skxe9v91sep; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idxo1xdtpij2yryh0skxe9v91sep ON public."ContactHistory" USING btree (creation_time);
-
-
---
--- Name: idxoqd7n4hbx86hvlgkilq75olas; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idxoqd7n4hbx86hvlgkilq75olas ON public."Contact" USING btree (contact_id);
-
-
 --
 -- Name: idxoqttafcywwdn41um6kwlt0n8b; Type: INDEX; Schema: public; Owner: -
 --
@@ -2756,13 +2540,6 @@ CREATE INDEX idxsfci08jgsymxy6ovh4k7r358c ON public."Domain" USING btree (billin
 CREATE INDEX idxsu1nam10cjes9keobapn5jvxj ON public."DomainHistory" USING btree (history_type);
 
 
---
--- Name: idxsudwswtwqnfnx2o1hx4s0k0g5; Type: INDEX; Schema: public; Owner: -
---
-
-CREATE INDEX idxsudwswtwqnfnx2o1hx4s0k0g5 ON public."ContactHistory" USING btree (history_modification_time);
-
-
 --
 -- Name: idxtmlqd31dpvvd2g1h9i7erw6aj; Type: INDEX; Schema: public; Owner: -
 --
@@ -2833,14 +2610,6 @@ CREATE INDEX spec11threatmatch_registrar_id_idx ON public."Spec11ThreatMatch" US
 CREATE INDEX spec11threatmatch_tld_idx ON public."Spec11ThreatMatch" USING btree (tld);
 
 
---
--- Name: Contact fk1sfyj7o7954prbn1exk7lpnoe; Type: FK CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."Contact"
-    ADD CONSTRAINT fk1sfyj7o7954prbn1exk7lpnoe FOREIGN KEY (creation_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
-
-
 --
 -- Name: Domain fk2jc69qyg2tv9hhnmif6oa1cx1; Type: FK CONSTRAINT; Schema: public; Owner: -
 --
@@ -2881,14 +2650,6 @@ ALTER TABLE ONLY public."ClaimsEntry"
     ADD CONSTRAINT fk6sc6at5hedffc0nhdcab6ivuq FOREIGN KEY (revision_id) REFERENCES public."ClaimsList"(revision_id) DEFERRABLE INITIALLY DEFERRED;
 
 
---
--- Name: Contact fk93c185fx7chn68uv7nl6uv2s0; Type: FK CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."Contact"
-    ADD CONSTRAINT fk93c185fx7chn68uv7nl6uv2s0 FOREIGN KEY (current_sponsor_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
-
-
 --
 -- Name: BillingCancellation fk_billing_cancellation_billing_event_id; Type: FK CONSTRAINT; Schema: public; Owner: -
 --
@@ -2953,30 +2714,6 @@ ALTER TABLE ONLY public."ConsoleUpdateHistory"
     ADD CONSTRAINT fk_console_update_history_acting_user FOREIGN KEY (acting_user) REFERENCES public."User"(email_address);
 
 
---
--- Name: ContactHistory fk_contact_history_registrar_id; Type: FK CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."ContactHistory"
-    ADD CONSTRAINT fk_contact_history_registrar_id FOREIGN KEY (history_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
-
-
---
--- Name: Contact fk_contact_transfer_gaining_registrar_id; Type: FK CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."Contact"
-    ADD CONSTRAINT fk_contact_transfer_gaining_registrar_id FOREIGN KEY (transfer_gaining_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
-
-
---
--- Name: Contact fk_contact_transfer_losing_registrar_id; Type: FK CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."Contact"
-    ADD CONSTRAINT fk_contact_transfer_losing_registrar_id FOREIGN KEY (transfer_losing_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
-
-
 --
 -- Name: Domain fk_domain_billing_recurrence_id; Type: FK CONSTRAINT; Schema: public; Owner: -
 --
@@ -3257,14 +2994,6 @@ ALTER TABLE ONLY public."Domain"
     ADD CONSTRAINT fkjc0r9r5y1lfbt4gpbqw4wsuvq FOREIGN KEY (last_epp_update_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
 
 
---
--- Name: Contact fkmb7tdiv85863134w1wogtxrb2; Type: FK CONSTRAINT; Schema: public; Owner: -
---
-
-ALTER TABLE ONLY public."Contact"
-    ADD CONSTRAINT fkmb7tdiv85863134w1wogtxrb2 FOREIGN KEY (last_epp_update_registrar_id) REFERENCES public."Registrar"(registrar_id) DEFERRABLE INITIALLY DEFERRED;
-
-
 --
 -- Name: PremiumEntry fko0gw90lpo1tuee56l0nb6y6g5; Type: FK CONSTRAINT; Schema: public; Owner: -
 --

proxy/terraform/example_config.tf

@@ -12,7 +12,4 @@ module "proxy" {
   gcr_project_name         = "YOUR_GCR_PROJECT"
   proxy_domain_name        = "YOUR_PROXY_DOMAIN"
   proxy_certificate_bucket = "YOUR_CERTIFICATE_BUCKET"
-
-  # Uncomment to disable forwarding of whois HTTP interfaces.
-  # public_web_whois         = 0
 }

proxy/terraform/modules/networking.tf

@@ -9,7 +9,6 @@ module "proxy_networking" {
   proxy_ports           = var.proxy_ports
   proxy_domain          = google_dns_managed_zone.proxy_domain.name
   proxy_domain_name     = google_dns_managed_zone.proxy_domain.dns_name
-  public_web_whois      = var.public_web_whois
 }
 
 module "proxy_networking_canary" {
@@ -19,5 +18,4 @@ module "proxy_networking_canary" {
   proxy_ports           = var.proxy_ports_canary
   proxy_domain          = google_dns_managed_zone.proxy_domain.name
   proxy_domain_name     = google_dns_managed_zone.proxy_domain.dns_name
-  public_web_whois      = var.public_web_whois
 }

proxy/terraform/modules/networking/dns.tf

@@ -13,19 +13,3 @@ resource "google_dns_record_set" "proxy_epp_aaaa_record" {
   managed_zone = var.proxy_domain
   rrdatas      = [google_compute_global_address.proxy_ipv6_address.address]
 }
-
-resource "google_dns_record_set" "proxy_whois_a_record" {
-  name         = "whois${var.suffix}.${var.proxy_domain_name}"
-  type         = "A"
-  ttl          = 300
-  managed_zone = var.proxy_domain
-  rrdatas      = [google_compute_global_address.proxy_ipv4_address.address]
-}
-
-resource "google_dns_record_set" "proxy_whois_aaaa_record" {
-  name         = "whois${var.suffix}.${var.proxy_domain_name}"
-  type         = "AAAA"
-  ttl          = 300
-  managed_zone = var.proxy_domain
-  rrdatas      = [google_compute_global_address.proxy_ipv6_address.address]
-}

proxy/terraform/modules/networking/loadbalancer.tf

@@ -17,10 +17,7 @@ resource "google_compute_firewall" "proxy_firewall" {
 
     ports = [
       var.proxy_ports["epp"],
-      var.proxy_ports["whois"],
       var.proxy_ports["health_check"],
-      var.proxy_ports["http-whois"],
-      var.proxy_ports["https-whois"],
     ]
   }
 
@@ -44,21 +41,6 @@ resource "google_compute_health_check" "proxy_health_check" {
   }
 }
 
-resource "google_compute_health_check" "proxy_http_health_check" {
-  name = "proxy-http-health-check${var.suffix}"
-
-  http_health_check {
-    host         = "health-check.invalid"
-    port         = var.proxy_ports["http-whois"]
-    request_path = "/"
-  }
-}
-
-resource "google_compute_url_map" "proxy_url_map" {
-  name            = "proxy-url-map${var.suffix}"
-  default_service = google_compute_backend_service.http_whois_backend_service.self_link
-}
-
 resource "google_compute_backend_service" "epp_backend_service" {
   name        = "epp-backend-service${var.suffix}"
   protocol    = "TCP"
@@ -82,97 +64,12 @@ resource "google_compute_backend_service" "epp_backend_service" {
   ]
 }
 
-resource "google_compute_backend_service" "whois_backend_service" {
-  name        = "whois-backend-service${var.suffix}"
-  protocol    = "TCP"
-  timeout_sec = 60
-  port_name   = "whois${var.suffix}"
-
-  backend {
-    group = var.proxy_instance_groups["americas"]
-  }
-
-  backend {
-    group = var.proxy_instance_groups["emea"]
-  }
-
-  backend {
-    group = var.proxy_instance_groups["apac"]
-  }
-
-  health_checks = [
-    google_compute_health_check.proxy_health_check.self_link,
-  ]
-}
-
-resource "google_compute_backend_service" "https_whois_backend_service" {
-  name        = "https-whois-backend-service${var.suffix}"
-  protocol    = "TCP"
-  timeout_sec = 60
-  port_name   = "https-whois${var.suffix}"
-
-  backend {
-    group = var.proxy_instance_groups["americas"]
-  }
-
-  backend {
-    group = var.proxy_instance_groups["emea"]
-  }
-
-  backend {
-    group = var.proxy_instance_groups["apac"]
-  }
-
-  health_checks = [
-    google_compute_health_check.proxy_health_check.self_link,
-  ]
-}
-
-resource "google_compute_backend_service" "http_whois_backend_service" {
-  name        = "http-whois-backend-service${var.suffix}"
-  protocol    = "HTTP"
-  timeout_sec = 60
-  port_name   = "http-whois${var.suffix}"
-
-  backend {
-    group = var.proxy_instance_groups["americas"]
-  }
-
-  backend {
-    group = var.proxy_instance_groups["emea"]
-  }
-
-  backend {
-    group = var.proxy_instance_groups["apac"]
-  }
-
-  health_checks = [
-    google_compute_health_check.proxy_http_health_check.self_link,
-  ]
-}
-
 resource "google_compute_target_tcp_proxy" "epp_tcp_proxy" {
   name            = "epp-tcp-proxy${var.suffix}"
   proxy_header    = "PROXY_V1"
   backend_service = google_compute_backend_service.epp_backend_service.self_link
 }
 
-resource "google_compute_target_tcp_proxy" "whois_tcp_proxy" {
-  name            = "whois-tcp-proxy${var.suffix}"
-  proxy_header    = "PROXY_V1"
-  backend_service = google_compute_backend_service.whois_backend_service.self_link
-}
-
-resource "google_compute_target_tcp_proxy" "https_whois_tcp_proxy" {
-  name            = "https-whois-tcp-proxy${var.suffix}"
-  backend_service = google_compute_backend_service.https_whois_backend_service.self_link
-}
-
-resource "google_compute_target_http_proxy" "http_whois_http_proxy" {
-  name    = "http-whois-tcp-proxy${var.suffix}"
-  url_map = google_compute_url_map.proxy_url_map.self_link
-}
-
 resource "google_compute_global_forwarding_rule" "epp_ipv4_forwarding_rule" {
   name       = "epp-ipv4-forwarding-rule${var.suffix}"
   ip_address = google_compute_global_address.proxy_ipv4_address.address
@@ -186,49 +83,3 @@ resource "google_compute_global_forwarding_rule" "epp_ipv6_forwarding_rule" {
   target     = google_compute_target_tcp_proxy.epp_tcp_proxy.self_link
   port_range = "700"
 }
-
-resource "google_compute_global_forwarding_rule" "whois_ipv4_forwarding_rule" {
-  name       = "whois-ipv4-forwarding-rule${var.suffix}"
-  ip_address = google_compute_global_address.proxy_ipv4_address.address
-  target     = google_compute_target_tcp_proxy.whois_tcp_proxy.self_link
-  port_range = "43"
-}
-
-resource "google_compute_global_forwarding_rule" "whois_ipv6_forwarding_rule" {
-  name       = "whois-ipv6-forwarding-rule${var.suffix}"
-  ip_address = google_compute_global_address.proxy_ipv6_address.address
-  target     = google_compute_target_tcp_proxy.whois_tcp_proxy.self_link
-  port_range = "43"
-}
-
-resource "google_compute_global_forwarding_rule" "https_whois_ipv4_forwarding_rule" {
-  name       = "https-whois-ipv4-forwarding-rule${var.suffix}"
-  ip_address = google_compute_global_address.proxy_ipv4_address.address
-  target     = google_compute_target_tcp_proxy.https_whois_tcp_proxy.self_link
-  port_range = "443"
-  count      = var.public_web_whois
-}
-
-resource "google_compute_global_forwarding_rule" "https_whois_ipv6_forwarding_rule" {
-  name       = "https-whois-ipv6-forwarding-rule${var.suffix}"
-  ip_address = google_compute_global_address.proxy_ipv6_address.address
-  target     = google_compute_target_tcp_proxy.https_whois_tcp_proxy.self_link
-  port_range = "443"
-  count      = var.public_web_whois
-}
-
-resource "google_compute_global_forwarding_rule" "http_whois_ipv4_forwarding_rule" {
-  name       = "http-whois-ipv4-forwarding-rule${var.suffix}"
-  ip_address = google_compute_global_address.proxy_ipv4_address.address
-  target     = google_compute_target_http_proxy.http_whois_http_proxy.self_link
-  port_range = "80"
-  count      = var.public_web_whois
-}
-
-resource "google_compute_global_forwarding_rule" "http_whois_ipv6_forwarding_rule" {
-  name       = "http-whois-ipv6-forwarding-rule${var.suffix}"
-  ip_address = google_compute_global_address.proxy_ipv6_address.address
-  target     = google_compute_target_http_proxy.http_whois_http_proxy.self_link
-  port_range = "80"
-  count      = var.public_web_whois
-}

proxy/terraform/modules/networking/variables.tf

@@ -20,13 +20,3 @@ variable "proxy_domain" {
 variable "proxy_domain_name" {
   description = "Domain name of the zone."
 }
-
-variable "public_web_whois" {
-  type        = number
-  description = <<EOF
-    Set to 1 if the whois HTTP ports are external, 0 if not.  This is necessary
-    because our test projects are configured with
-    constraints/compute.restrictLoadBalancerCreationForTypes, which prohibits
-    forwarding external HTTP(s) connections.
-    EOF
-}

proxy/terraform/modules/variables.tf

@@ -8,7 +8,7 @@ variable "gcr_project_name" {
 
 variable "proxy_domain_name" {
   description = <<EOF
-    The base domain name of the proxy, without the whois. or epp. part.
+    The base domain name of the proxy, without the epp. part.
     EOF
 }
 
@@ -35,10 +35,7 @@ variable "proxy_ports" {
 
   default = {
     health_check = 30000
-    whois        = 30001
     epp          = 30002
-    http-whois   = 30010
-    https-whois  = 30011
   }
 }
 
@@ -48,20 +45,6 @@ variable "proxy_ports_canary" {
 
   default = {
     health_check = 31000
-    whois        = 31001
     epp          = 31002
-    http-whois   = 31010
-    https-whois  = 31011
   }
 }
-
-variable "public_web_whois" {
-  type        = number
-  default     = 1
-  description = <<EOF
-    Set to 1 if the whois HTTP ports are external, 0 if not.  This is necessary
-    because our test projects are configured with
-    constraints/compute.restrictLoadBalancerCreationForTypes, which prohibits
-    forwarding external HTTP(s) connections.
-    EOF
-}

proxy/terraform/update_named_ports.sh

@@ -18,9 +18,8 @@
 # the project, zone and instance group names, and then call gcloud to add the
 # named ports.
 
-PROD_PORTS="whois:30001,epp:30002,http-whois:30010,https-whois:30011"
-CANARY_PORTS="whois-canary:31001,epp-canary:31002,"\
-"http-whois-canary:31010,https-whois-canary:31011"
+PROD_PORTS="epp:30002"
+CANARY_PORTS="epp-canary:31002"
 
 while read line
 do