Open ddworken opened 4 years ago
This PR adds a new feature to the SSH CA project: The ability to define realms of servers that are only available with approval from someone else on your team. An example config for this feature would be:
export TEAMS="team.ssh.staging,team.ssh.prod,team.ssh.root_everywhere" export TWO_MAN_TEAMS="team.ssh.root_everywhere" export TWO_MAN_APPROVERS="dworken, username1, username2"
Approval is done via reacting with a :+1: to a message posted by the bot. All approvers are logged to the SSH CA audit log.
An example interaction for this mode looks like:
This PR adds a new feature to the SSH CA project: The ability to define realms of servers that are only available with approval from someone else on your team. An example config for this feature would be:
Approval is done via reacting with a :+1: to a message posted by the bot. All approvers are logged to the SSH CA audit log.
An example interaction for this mode looks like: