Add support for requesting groups during ssh request

GGonryun · GGonryun · commit 38bfeaa9f689 · 2024-04-03T13:48:07.000-07:00
diff --git a/src/commands/ssh.ts b/src/commands/ssh.ts
@@ -30,6 +30,7 @@ import yargs from "yargs";
 export type SshCommandArgs = {
   destination: string;
   command?: string;
+  requestGroup?: boolean;
   L?: string; // Port forwarding option
   N?: boolean; // No remote command
   arguments: string[];
@@ -88,6 +89,11 @@ export const sshCommand = (yargs: yargs.Argv) =>
           describe:
             "Do not execute a remote command. Useful for forwarding ports.",
         })
+        .option("request-group", {
+          type: "boolean",
+          describe:
+            "Request access to all other instances that share a group with the destination",
+        })
         // Match `p0 request --reason`
         .option("reason", {
           describe: "Reason access is needed",
@@ -163,6 +169,27 @@ const ssh = async (args: yargs.ArgumentsCamelCase<SshCommandArgs>) => {
   // Prefix is required because the backend uses it to determine that this is an AWS request
   const authn = await authenticate();
   await validateSshInstall(authn);
+
+  if (args.requestGroup) {
+    // When requesting for a group of a specific node first gain access to the group. Subsequent
+    // requests will detect that the node is a part of the group and can use the group permission
+    // to gain access to the node.
+    const response = await request(
+      {
+        ...pick(args, "$0", "_"),
+        arguments: ["ssh", "group", "--destination", args.destination],
+        wait: true,
+      },
+      authn,
+      { message: "approval-required" }
+    );
+    if (!response) {
+      print2("Did not receive access ID from server");
+      return;
+    }
+    await waitForProvisioning<AwsSsh>(authn, response.id);
+  }
+
   const response = await request<AwsSsh>(
     {
       ...pick(args, "$0", "_"),
