mirror of
https://github.com/google/nomulus.git
synced 2025-06-18 02:14:49 +02:00
d8c1501213
This is the first in a series of CLs containing code from an old CL of Dai's that had never been completed, which compares zone data between Datastore and DNS. I had written a script to do this by calling two nomulus commands, but maybe it can be done directly in Java, which would be convenient. This CL is just the plumbing to check on the status of a Mapreduce. We will need this to know that we can proceed with the next step of comparing the output to the DNS data. Cloned from CL 134295050 by 'g4 patch'. Original change by dxy@dxy:zoneman-reader:1939:citc on 2016/09/26 10:34:22. Add a command for comparing zone data between DNS and datastore ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=167188979
204 lines
7 KiB
XML
204 lines
7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
|
|
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
|
|
<!-- Servlets -->
|
|
|
|
<!-- Servlet for injected tools actions -->
|
|
<servlet>
|
|
<display-name>ToolsServlet</display-name>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<servlet-class>google.registry.module.tools.ToolsServlet</servlet-class>
|
|
<load-on-startup>1</load-on-startup>
|
|
</servlet>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/verifyOte</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/createGroups</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/createPremiumList</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/list/*</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/deleteEntity</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/admin/updatePremiumList</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/loadtest</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- The nomulus command line tool uses this endpoint to write to Datastore. -->
|
|
<servlet>
|
|
<display-name>Remote API Servlet</display-name>
|
|
<servlet-name>RemoteApiServlet</servlet-name>
|
|
<servlet-class>com.google.apphosting.utils.remoteapi.RemoteApiServlet</servlet-class>
|
|
<load-on-startup>1</load-on-startup>
|
|
</servlet>
|
|
<servlet-mapping>
|
|
<servlet-name>RemoteApiServlet</servlet-name>
|
|
<url-pattern>/remote_api</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- ExecuteEppCommand uses this to execute remotely. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/epptool</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Mapreduce to re-save all EppResources. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/resaveAllEppResources</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Mapreduce to delete EppResources, children, and indices. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/killAllEppResources</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Mapreduce to delete all commit logs. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/killAllCommitLogs</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Restores commit logs. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/restoreCommitLogs</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- This path serves up the App Engine results page for mapreduce runs. -->
|
|
<servlet>
|
|
<servlet-name>mapreduce</servlet-name>
|
|
<servlet-class>com.google.appengine.tools.mapreduce.MapReduceServlet</servlet-class>
|
|
</servlet>
|
|
<servlet-mapping>
|
|
<servlet-name>mapreduce</servlet-name>
|
|
<url-pattern>/_dr/mapreduce/*</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Pipeline GUI servlets. -->
|
|
<servlet>
|
|
<servlet-name>pipeline</servlet-name>
|
|
<servlet-class>com.google.appengine.tools.pipeline.impl.servlets.PipelineServlet</servlet-class>
|
|
</servlet>
|
|
<servlet-mapping>
|
|
<servlet-name>pipeline</servlet-name>
|
|
<url-pattern>/_ah/pipeline/*</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Refreshes all active domains in DNS -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/refreshDnsForAllDomains</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Registrar detail report publishing action. -->
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/publishDetailReport</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/generateZoneFiles</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
|
|
<servlet-mapping>
|
|
<servlet-name>tools-servlet</servlet-name>
|
|
<url-pattern>/_dr/task/pollMapreduce</url-pattern>
|
|
</servlet-mapping>
|
|
|
|
<!-- Security config -->
|
|
<security-constraint>
|
|
<web-resource-collection>
|
|
<web-resource-name>Internal</web-resource-name>
|
|
<description>
|
|
Admin-only internal section. Requests for paths covered by the URL patterns below will be
|
|
checked for a logged-in user account that's allowed to access the AppEngine admin console
|
|
(NOTE: this includes Editor/Viewer permissions in addition to Owner and the new IAM
|
|
App Engine Admin role. See https://cloud.google.com/appengine/docs/java/access-control
|
|
specifically the "Access handlers that have a login:admin restriction" line.)
|
|
|
|
TODO(b/28219927): lift some of these restrictions so that we can allow OAuth authentication
|
|
for endpoints that need to be accessed by open-source automated processes.
|
|
</description>
|
|
|
|
<!-- Internal AppEngine endpoints. The '_ah' is short for app hosting. -->
|
|
<url-pattern>/_ah/*</url-pattern>
|
|
|
|
<!-- Registrar console (should not be available on non-default module). -->
|
|
<url-pattern>/registrar*</url-pattern>
|
|
|
|
<!-- Verbatim JavaScript sources (only visible to admins for debugging). -->
|
|
<url-pattern>/assets/sources/*</url-pattern>
|
|
|
|
</web-resource-collection>
|
|
<auth-constraint>
|
|
<role-name>admin</role-name>
|
|
</auth-constraint>
|
|
|
|
<!-- Repeated here since catch-all rule below is not inherited. -->
|
|
<user-data-constraint>
|
|
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
|
</user-data-constraint>
|
|
</security-constraint>
|
|
|
|
<!-- Require TLS on all requests. -->
|
|
<security-constraint>
|
|
<web-resource-collection>
|
|
<web-resource-name>Secure</web-resource-name>
|
|
<description>
|
|
Require encryption for all paths. http URLs will be redirected to https.
|
|
</description>
|
|
<url-pattern>/*</url-pattern>
|
|
</web-resource-collection>
|
|
<user-data-constraint>
|
|
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
|
|
</user-data-constraint>
|
|
</security-constraint>
|
|
|
|
<!-- See: https://code.google.com/p/objectify-appengine/wiki/Setup -->
|
|
<filter>
|
|
<filter-name>ObjectifyFilter</filter-name>
|
|
<filter-class>com.googlecode.objectify.ObjectifyFilter</filter-class>
|
|
</filter>
|
|
<filter-mapping>
|
|
<filter-name>ObjectifyFilter</filter-name>
|
|
<url-pattern>/*</url-pattern>
|
|
</filter-mapping>
|
|
|
|
<!-- Register types with Objectify. -->
|
|
<filter>
|
|
<filter-name>OfyFilter</filter-name>
|
|
<filter-class>google.registry.model.ofy.OfyFilter</filter-class>
|
|
</filter>
|
|
<filter-mapping>
|
|
<filter-name>OfyFilter</filter-name>
|
|
<url-pattern>/*</url-pattern>
|
|
</filter-mapping>
|
|
</web-app>
|