From df9f99d063883b95850699facc962f206fa671bf Mon Sep 17 00:00:00 2001
From: Valerij Fredriksen <valerijf@yahooinc.com>
Date: Fri, 9 Dec 2022 09:33:54 +0100
Subject: Limit EnclaveAccessMaintainer to PublicCD

---
 .../vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java
index d9576f4e176..379d1b5fe39 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java
@@ -1,6 +1,7 @@
 package com.yahoo.vespa.hosted.controller.maintenance;
 
 import com.yahoo.config.provision.CloudAccount;
+import com.yahoo.config.provision.SystemName;
 import com.yahoo.vespa.hosted.controller.Controller;
 import com.yahoo.vespa.hosted.controller.tenant.Tenant;
 
@@ -16,7 +17,7 @@ public class EnclaveAccessMaintainer extends ControllerMaintainer {
     private static final Logger logger = Logger.getLogger(EnclaveAccessMaintainer.class.getName());
 
     EnclaveAccessMaintainer(Controller controller, Duration interval) {
-        super(controller, interval);
+        super(controller, interval, null, Set.of(SystemName.PublicCd));
     }
 
     @Override
-- 
cgit v1.2.3


From f55c54ef2386fea0e8caaec31af05dcfe7f50059 Mon Sep 17 00:00:00 2001
From: Valerij Fredriksen <valerijf@yahooinc.com>
Date: Fri, 9 Dec 2022 15:58:11 +0100
Subject: Propagate success factor

---
 .../controller/api/integration/aws/EnclaveAccessService.java       | 7 +++++--
 .../hosted/controller/maintenance/EnclaveAccessMaintainer.java     | 3 +--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/EnclaveAccessService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/EnclaveAccessService.java
index 52e8ba5adf8..9ce2ae0a6fc 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/EnclaveAccessService.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/EnclaveAccessService.java
@@ -9,7 +9,10 @@ import java.util.Set;
  */
 public interface EnclaveAccessService {
 
-    /** Ensures the given enclave accounts have access to resources they require to function. */
-    void allowAccessFor(Set<CloudAccount> accounts);
+    /**
+     * Ensures the given enclave accounts have access to resources they require to function.
+     * @return the degree to which the run was successful - a number between 0 (no success), to 1 (complete success)
+     */
+    double allowAccessFor(Set<CloudAccount> accounts);
 
 }
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java
index 379d1b5fe39..bce4abcb14b 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/maintenance/EnclaveAccessMaintainer.java
@@ -23,8 +23,7 @@ public class EnclaveAccessMaintainer extends ControllerMaintainer {
     @Override
     protected double maintain() {
         try {
-            controller().serviceRegistry().enclaveAccessService().allowAccessFor(externalAccounts());
-            return 1;
+            return controller().serviceRegistry().enclaveAccessService().allowAccessFor(externalAccounts());
         }
         catch (RuntimeException e) {
             logger.log(WARNING, "Failed sharing AMIs", e);
-- 
cgit v1.2.3


From e85735fa57e9e0bd6f9b131875f03a5a5eb77914 Mon Sep 17 00:00:00 2001
From: Valerij Fredriksen <valerijf@yahooinc.com>
Date: Fri, 9 Dec 2022 16:12:24 +0100
Subject: Follow interface

---
 .../controller/api/integration/aws/MockEnclaveAccessService.java       | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/MockEnclaveAccessService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/MockEnclaveAccessService.java
index 81163404007..1cfc05bba7e 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/MockEnclaveAccessService.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/MockEnclaveAccessService.java
@@ -15,8 +15,9 @@ public class MockEnclaveAccessService implements EnclaveAccessService {
     public Set<CloudAccount> currentAccounts() { return currentAccounts; }
 
     @Override
-    public void allowAccessFor(Set<CloudAccount> accounts) {
+    public double allowAccessFor(Set<CloudAccount> accounts) {
         currentAccounts = new TreeSet<>(accounts);
+        return 1;
     }
 
 }
-- 
cgit v1.2.3