Move GCP proxy code to the old [] proxy's location

1. Moved code for the GCP proxy to where the [] proxy code used to live.
3. Corrected reference to the GCP proxy location.
4. Misc changes to make ErrorProne and various tools happy.

+diekmann to LGTM terraform whitelist change.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=213630560

java/google/registry/proxy/handler/HealthCheckHandler.java

@@ -16,6 +16,7 @@ package google.registry.proxy.handler;
 
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.Unpooled;
+import io.netty.channel.ChannelFuture;
 import io.netty.channel.ChannelHandlerContext;
 import io.netty.channel.ChannelInboundHandlerAdapter;
 import java.nio.charset.StandardCharsets;
@@ -35,7 +36,7 @@ public class HealthCheckHandler extends ChannelInboundHandlerAdapter {
   public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
     ByteBuf buf = (ByteBuf) msg;
     if (buf.equals(checkRequest)) {
-      ctx.writeAndFlush(checkResponse);
+      ChannelFuture unusedFuture = ctx.writeAndFlush(checkResponse);
     }
     buf.release();
   }

java/google/registry/proxy/terraform/modules/gke/cluster.tf

@@ -3,8 +3,8 @@ locals {
 }
 
 resource "google_container_cluster" "proxy_cluster" {
-  name               = "proxy-cluster-${var.proxy_cluster_region}"
+  name = "proxy-cluster-${var.proxy_cluster_region}"
-  zone               = "${local.proxy_cluster_zone}"
+  zone = "${local.proxy_cluster_zone}"
 
   timeouts {
     update = "30m"

java/google/registry/proxy/terraform/modules/networking/dns.tf

@@ -0,0 +1,31 @@
+resource "google_dns_record_set" "proxy_epp_a_record" {
+  name         = "epp${var.suffix}.${var.proxy_domain_name}"
+  type         = "A"
+  ttl          = 300
+  managed_zone = "${var.proxy_domain}"
+  rrdatas      = ["${google_compute_global_address.proxy_ipv4_address.address}"]
+}
+
+resource "google_dns_record_set" "proxy_epp_aaaa_record" {
+  name         = "epp${var.suffix}.${var.proxy_domain_name}"
+  type         = "AAAA"
+  ttl          = 300
+  managed_zone = "${var.proxy_domain}"
+  rrdatas      = ["${google_compute_global_address.proxy_ipv6_address.address}"]
+}
+
+resource "google_dns_record_set" "proxy_whois_a_record" {
+  name         = "whois${var.suffix}.${var.proxy_domain_name}"
+  type         = "A"
+  ttl          = 300
+  managed_zone = "${var.proxy_domain}"
+  rrdatas      = ["${google_compute_global_address.proxy_ipv4_address.address}"]
+}
+
+resource "google_dns_record_set" "proxy_whois_aaaa_record" {
+  name         = "whois${var.suffix}.${var.proxy_domain_name}"
+  type         = "AAAA"
+  ttl          = 300
+  managed_zone = "${var.proxy_domain}"
+  rrdatas      = ["${google_compute_global_address.proxy_ipv6_address.address}"]
+}

java/google/registry/proxy/terraform/modules/networking/input.tf

@@ -0,0 +1,20 @@
+# Instance groups that the load balancer forwards traffic to.
+variable "proxy_instance_groups" {
+  type = "map"
+}
+
+# Suffix (such as "-canary") added to the resource names.
+variable "suffix" {
+  default = ""
+}
+
+# Node ports exposed by the proxy.
+variable "proxy_ports" {
+  type = "map"
+}
+
+# DNS zone for the proxy domain.
+variable "proxy_domain" {}
+
+# domain name of the zone.
+variable "proxy_domain_name" {}

java/google/registry/proxy/terraform/modules/networking/loadbalancer.tf

@@ -0,0 +1,230 @@
+resource "google_compute_global_address" "proxy_ipv4_address" {
+  name       = "proxy-ipv4-address${var.suffix}"
+  ip_version = "IPV4"
+}
+
+resource "google_compute_global_address" "proxy_ipv6_address" {
+  name       = "proxy-ipv6-address${var.suffix}"
+  ip_version = "IPV6"
+}
+
+resource "google_compute_firewall" "proxy_firewall" {
+  name    = "proxy-firewall${var.suffix}"
+  network = "default"
+
+  allow {
+    protocol = "tcp"
+
+    ports = [
+      "${var.proxy_ports["epp"]}",
+      "${var.proxy_ports["whois"]}",
+      "${var.proxy_ports["health_check"]}",
+      "${var.proxy_ports["http-whois"]}",
+      "${var.proxy_ports["https-whois"]}",
+    ]
+  }
+
+  source_ranges = [
+    "130.211.0.0/22",
+    "35.191.0.0/16",
+  ]
+
+  target_tags = [
+    "proxy-cluster",
+  ]
+}
+
+resource "google_compute_health_check" "proxy_health_check" {
+  name = "proxy-health-check${var.suffix}"
+
+  tcp_health_check {
+    port     = "${var.proxy_ports["health_check"]}"
+    request  = "HEALTH_CHECK_REQUEST"
+    response = "HEALTH_CHECK_RESPONSE"
+  }
+}
+
+resource "google_compute_health_check" "proxy_http_health_check" {
+  name = "proxy-http-health-check${var.suffix}"
+
+  http_health_check {
+    host         = "health-check.invalid"
+    port         = "${var.proxy_ports["http-whois"]}"
+    request_path = "/"
+  }
+}
+
+resource "google_compute_url_map" "proxy_url_map" {
+  name            = "proxy-url-map${var.suffix}"
+  default_service = "${google_compute_backend_service.http_whois_backend_service.self_link}"
+}
+
+resource "google_compute_backend_service" "epp_backend_service" {
+  name        = "epp-backend-service${var.suffix}"
+  protocol    = "TCP"
+  timeout_sec = 3600
+  port_name   = "epp${var.suffix}"
+
+  backend {
+    group = "${var.proxy_instance_groups["americas"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["emea"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["apac"]}"
+  }
+
+  health_checks = [
+    "${google_compute_health_check.proxy_health_check.self_link}",
+  ]
+}
+
+resource "google_compute_backend_service" "whois_backend_service" {
+  name        = "whois-backend-service${var.suffix}"
+  protocol    = "TCP"
+  timeout_sec = 60
+  port_name   = "whois${var.suffix}"
+
+  backend {
+    group = "${var.proxy_instance_groups["americas"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["emea"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["apac"]}"
+  }
+
+  health_checks = [
+    "${google_compute_health_check.proxy_health_check.self_link}",
+  ]
+}
+
+resource "google_compute_backend_service" "https_whois_backend_service" {
+  name        = "https-whois-backend-service${var.suffix}"
+  protocol    = "TCP"
+  timeout_sec = 60
+  port_name   = "https-whois${var.suffix}"
+
+  backend {
+    group = "${var.proxy_instance_groups["americas"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["emea"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["apac"]}"
+  }
+
+  health_checks = [
+    "${google_compute_health_check.proxy_health_check.self_link}",
+  ]
+}
+
+resource "google_compute_backend_service" "http_whois_backend_service" {
+  name        = "http-whois-backend-service${var.suffix}"
+  protocol    = "HTTP"
+  timeout_sec = 60
+  port_name   = "http-whois${var.suffix}"
+
+  backend {
+    group = "${var.proxy_instance_groups["americas"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["emea"]}"
+  }
+
+  backend {
+    group = "${var.proxy_instance_groups["apac"]}"
+  }
+
+  health_checks = [
+    "${google_compute_health_check.proxy_http_health_check.self_link}",
+  ]
+}
+
+resource "google_compute_target_tcp_proxy" "epp_tcp_proxy" {
+  name            = "epp-tcp-proxy${var.suffix}"
+  proxy_header    = "PROXY_V1"
+  backend_service = "${google_compute_backend_service.epp_backend_service.self_link}"
+}
+
+resource "google_compute_target_tcp_proxy" "whois_tcp_proxy" {
+  name            = "whois-tcp-proxy${var.suffix}"
+  proxy_header    = "PROXY_V1"
+  backend_service = "${google_compute_backend_service.whois_backend_service.self_link}"
+}
+
+resource "google_compute_target_tcp_proxy" "https_whois_tcp_proxy" {
+  name            = "https-whois-tcp-proxy${var.suffix}"
+  backend_service = "${google_compute_backend_service.https_whois_backend_service.self_link}"
+}
+
+resource "google_compute_target_http_proxy" "http_whois_http_proxy" {
+  name    = "http-whois-tcp-proxy${var.suffix}"
+  url_map = "${google_compute_url_map.proxy_url_map.self_link}"
+}
+
+resource "google_compute_global_forwarding_rule" "epp_ipv4_forwarding_rule" {
+  name       = "epp-ipv4-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv4_address.address}"
+  target     = "${google_compute_target_tcp_proxy.epp_tcp_proxy.self_link}"
+  port_range = "700"
+}
+
+resource "google_compute_global_forwarding_rule" "epp_ipv6_forwarding_rule" {
+  name       = "epp-ipv6-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv6_address.address}"
+  target     = "${google_compute_target_tcp_proxy.epp_tcp_proxy.self_link}"
+  port_range = "700"
+}
+
+resource "google_compute_global_forwarding_rule" "whois_ipv4_forwarding_rule" {
+  name       = "whois-ipv4-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv4_address.address}"
+  target     = "${google_compute_target_tcp_proxy.whois_tcp_proxy.self_link}"
+  port_range = "43"
+}
+
+resource "google_compute_global_forwarding_rule" "whois_ipv6_forwarding_rule" {
+  name       = "whois-ipv6-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv6_address.address}"
+  target     = "${google_compute_target_tcp_proxy.whois_tcp_proxy.self_link}"
+  port_range = "43"
+}
+
+resource "google_compute_global_forwarding_rule" "https_whois_ipv4_forwarding_rule" {
+  name       = "https-whois-ipv4-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv4_address.address}"
+  target     = "${google_compute_target_tcp_proxy.https_whois_tcp_proxy.self_link}"
+  port_range = "443"
+}
+
+resource "google_compute_global_forwarding_rule" "https_whois_ipv6_forwarding_rule" {
+  name       = "https-whois-ipv6-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv6_address.address}"
+  target     = "${google_compute_target_tcp_proxy.https_whois_tcp_proxy.self_link}"
+  port_range = "443"
+}
+
+resource "google_compute_global_forwarding_rule" "http_whois_ipv4_forwarding_rule" {
+  name       = "http-whois-ipv4-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv4_address.address}"
+  target     = "${google_compute_target_http_proxy.http_whois_http_proxy.self_link}"
+  port_range = "80"
+}
+
+resource "google_compute_global_forwarding_rule" "http_whois_ipv6_forwarding_rule" {
+  name       = "http-whois-ipv6-forwarding-rule${var.suffix}"
+  ip_address = "${google_compute_global_address.proxy_ipv6_address.address}"
+  target     = "${google_compute_target_http_proxy.http_whois_http_proxy.self_link}"
+  port_range = "80"
+}

java/google/registry/proxy/terraform/modules/networking/output.tf

@@ -0,0 +1,7 @@
+output "proxy_ipv4_address" {
+  value = "${google_compute_global_address.proxy_ipv4_address.address}"
+}
+
+output "proxy_ipv6_address" {
+  value = "${google_compute_global_address.proxy_ipv6_address.address}"
+}

javatests/google/registry/proxy/BUILD

@@ -18,9 +18,9 @@ java_library(
         "@io_netty_tcnative_boringssl_static",
     ],
     deps = [
+        "//java/google/registry/proxy",
         "//java/google/registry/util",
         "//javatests/google/registry/testing",
-        "//proxy/java/google/registry/proxy",
         "@com_beust_jcommander",
         "@com_google_dagger",
         "@com_google_guava",

javatests/google/registry/proxy/quota/QuotaConfigTest.java

@@ -1,4 +1,4 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+// Copyright 2018 The Nomulus Authors. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -49,7 +49,7 @@ public class QuotaConfigTest {
   @Test
   public void testSuccess_regularConfig() {
     quotaConfig = loadQuotaConfig("quota_config_regular.yaml");
-    assertThat(quotaConfig.getRefreshPeriod()).isEqualTo(Duration.standardSeconds(3600));
+    assertThat(quotaConfig.getRefreshPeriod()).isEqualTo(Duration.standardHours(1));
     validateQuota("abc", 10, 60);
     validateQuota("987lol", 500, 10);
     validateQuota("no_match", 100, 60);
@@ -58,7 +58,7 @@ public class QuotaConfigTest {
   @Test
   public void testSuccess_onlyDefault() {
     quotaConfig = loadQuotaConfig("quota_config_default.yaml");
-    assertThat(quotaConfig.getRefreshPeriod()).isEqualTo(Duration.standardSeconds(3600));
+    assertThat(quotaConfig.getRefreshPeriod()).isEqualTo(Duration.standardHours(1));
     validateQuota("abc", 100, 60);
     validateQuota("987lol", 100, 60);
     validateQuota("no_match", 100, 60);