Allow prompting for a custom reason on regular role requests

[programmerq]

What would you like Teleport to do?

Enhance the functionality of the request_prompt field in role configurations. The request_prompt field should not only provide a prompt for roles with the request_access: reason option set, but also define a custom message instructing users what they need to include with their access request.

For example, given the following role:

expand: `request_prompt: Please enter the Ticket ID`

kind: role
metadata:
  name: example_role
spec:
  allow:
    request:
      roles:
      - example_role
  deny: {}
  options:
    request_prompt: Please enter the Ticket ID
version: v6

The web UI would output the reason in some way so the user can know what is expected of them.

It might even be ideal to prompt the user to rerun with --request-reason when requesting a role via tsh request create that has a prompt, but the user did not specify the reason.

What problem does this solve?

Currently, the request_prompt field is designed to prompt a message when the role also has the request_access: reason option set. The only time this comes up is when using the waiting room / Advanced RBAC feature where the request is created at login.

More specific user-guidance is still helpful for cases where the user is creating a request manually. It will reduce confusion on Teleport end users.

If a workaround exists, please include it.

There isn't really a good workaround-- The user would just need to know that their Teleport admins require a certain piece of information in the request reason field that is currently marked "(optional)" in the web ui.

[ravicious]

Duplicate of #9184? Though this ticket has much more in depth explanation.

[programmerq]

It looks like that one is similar, but might be more about prepopulating a reason in the field based on a template. This issue is more about having a request reason/prompt for access requests outside the context of the waiting room feature.

[zmb3]

@kopiczko did you end up addressing this in your recent work? I feel like I recall seeing that you were sending the reason prompt up to the web UI now.

[kopiczko]

This was the issue I was regarding request reasons I was working on recently #20164. It was about marking reason as required for certain requests, but I wasn't touching request_prompt functionality.