vtk 0.7.0 → 0.9.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ad99a9b7f12175a81330df9b6dd29e528e088a934d9ddb4d13532cdc82745b8a
-  data.tar.gz: 79949c6723be663c804e04e06f8ff8e6a13781b9eda335821fa28f1b73830200
+  metadata.gz: 10024b4fc2040cdd70705ce7c5260b16b6b8c5d27a9d2c8476634ce3799d0142
+  data.tar.gz: 0edb9d47c87a76ec6d4e2dc2bbfb37df1dfb3a15cf996dfee92530f3b2f917af
 SHA512:
-  metadata.gz: 5950052b41123adfda1fb86db4dcb8ba66387b8f743a0b8f80cbea87b20963c4e75e84077addd2f96be7a172305c63c1140869997ed932bf6d30a092f76c1235
-  data.tar.gz: f290f9c6a3be7c2dd31e45d70568da46ab22d214311e5dfb5845e6432d05f2a4416f62b1fd6ba837ceed49e7882f381130966f5facda0f7e0e01584dcf17420e
+  metadata.gz: 88ca8fd76885f2dd527d6ab23595f3fc6323b6fe8b22cd5ba1412cc3d9d5640d5662aa3c9065f0ff664e8e11a647244c2fe9832cbf58028990ed56b26f923084
+  data.tar.gz: 06e3698a16e959732bccea4305915043986cb2a7077eed050c76ecf0bfc99f9cd882e621e91f6715b9f4b16bd61dbfaa2f0312a915b9a7dc53f5caa2c4c652cc

data/.rubocop.yml

@@ -1,5 +1,8 @@
+inherit_from: .rubocop_todo.yml
+
 AllCops:
   NewCops: enable
+  TargetRubyVersion: 2.5
 
 Layout/LineLength:
   Max: 120

data/.rubocop_todo.yml

@@ -0,0 +1,12 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2021-08-06 20:18:41 UTC using RuboCop version 1.8.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+# Configuration parameters: CountComments, CountAsOne.
+Metrics/ClassLength:
+  Max: 405

data/CHANGELOG.md

@@ -1,5 +1,37 @@
 # Changelog
 
+## [v0.9.1](https://github.com/department-of-veterans-affairs/vtk/tree/v0.9.1) (2021-08-06)
+
+[Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.9.0...v0.9.1)
+
+**Merged pull requests:**
+
+- VTK Socks Setup for Windows \(via WSL\) [\#19](https://github.com/department-of-veterans-affairs/vtk/pull/19) ([ericboehs](https://github.com/ericboehs))
+- Add ops-access-request label to new issue [\#18](https://github.com/department-of-veterans-affairs/vtk/pull/18) ([jeff2d2](https://github.com/jeff2d2))
+
+## [v0.9.0](https://github.com/department-of-veterans-affairs/vtk/tree/v0.9.0) (2021-08-02)
+
+[Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.8.0...v0.9.0)
+
+**Merged pull requests:**
+
+- SOCKS Setup Command [\#11](https://github.com/department-of-veterans-affairs/vtk/pull/11) ([ericboehs](https://github.com/ericboehs))
+- Command Analytics [\#8](https://github.com/department-of-veterans-affairs/vtk/pull/8) ([ericboehs](https://github.com/ericboehs))
+- Open Jenkins [\#1](https://github.com/department-of-veterans-affairs/vtk/pull/1) ([cvalarida](https://github.com/cvalarida))
+
+## [v0.8.0](https://github.com/department-of-veterans-affairs/vtk/tree/v0.8.0) (2021-03-01)
+
+[Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.7.0...v0.8.0)
+
+**Merged pull requests:**
+
+- Updating name [\#17](https://github.com/department-of-veterans-affairs/vtk/pull/17) ([alexpappasoddball](https://github.com/alexpappasoddball))
+- Made changes to how the arguments are handled [\#15](https://github.com/department-of-veterans-affairs/vtk/pull/15) ([thilton-oddball](https://github.com/thilton-oddball))
+
+## [v0.7.0](https://github.com/department-of-veterans-affairs/vtk/tree/v0.7.0) (2021-03-01)
+
+[Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.5.0...v0.7.0)
+
 ## [v0.5.0](https://github.com/department-of-veterans-affairs/vtk/tree/v0.5.0) (2021-02-19)
 
 [Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/v0.4.0...v0.5.0)
@@ -72,10 +104,6 @@
 
 [Full Changelog](https://github.com/department-of-veterans-affairs/vtk/compare/79143038509757799edb2bb9be2f925b7d985221...oclif)
 
-**Merged pull requests:**
-
-- Open Jenkins [\#1](https://github.com/department-of-veterans-affairs/vtk/pull/1) ([cvalarida](https://github.com/cvalarida))
-
 
 
 \* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*

data/README.md

@@ -1,6 +1,6 @@
-# Platform Developer Toolkit
+# VFS Toolkit
 
-The purpose of this gem is to allow VFS engineers to quickly begin developing on VA.gov. It does this by providing a command line interface that allows the use of simple commands and parameters to do everything from setting up a development environment to building out a directory structure and creating necessary files for separating code into its own module.
+The purpose of this gem is to allow engineers to quickly begin developing on VA.gov. It does this by providing a command line interface that allows the use of simple commands and parameters to do everything from setting up a development environment to building out a directory structure and creating necessary files for separating code into its own module.
 
 *The following assumes you have Ruby 2.6.6 or higher installed*
 
@@ -35,6 +35,25 @@ This above command runs a custom rails generator. For more information see the [
 
 Handles connecting to VA network via SOCKS.
 
+---
+
+```
+$ vtk socks setup
+```
+
+The **setup subcommand** will do the following:
+- Download the recommended `.ssh/config` if missing.
+- Generate a VA SSH key if missing (and opens the access request form).
+- Add your VA SSH key to your ssh agent and keychain.
+- Test the SOCKS tunnel via SSH and HTTP
+- Configure your system to start the SOCKS tunnel on boot
+- Configure your system proxy for use on VA.gov domains (all other traffic bypasses the proxy).
+- Allow you to troubleshoot your SOCKS connection by running it again.
+
+**NOTE**: Running `vtk socks on` and/or `vtk socks off` is not necessary when using `vtk socks setup`.
+
+---
+
 ```
 $ vtk socks on
 ----> Connecting...

data/exe/vtk

@@ -6,7 +6,7 @@ $LOAD_PATH.unshift(lib_path) unless $LOAD_PATH.include?(lib_path)
 require 'vtk/cli'
 
 Signal.trap('INT') do
-  warn("\n#{caller.join("\n")}: interrupted")
+  warn("\n#{caller.join("\n")}: interrupted") if ENV['DEBUG']
   exit(1)
 end
 

data/lib/vtk/analytics.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'net/http'
+require 'open-uri'
+require 'uri'
+
+module Vtk
+  # Provides command analytics to VTK team
+  class Analytics
+    attr_reader :name, :args, :hostname
+
+    def initialize(name:, args: nil, hostname: nil)
+      @name = name
+      @args = args || ARGV.join('_')
+      @hostname = hostname || `hostname -f`.chomp
+    end
+
+    def log
+      return if ENV['CI'] || ENV['TEST'] || ENV['VTK_DISABLE_ANALYTICS']
+
+      Process.fork do
+        exit unless internet?
+
+        emit_point
+      rescue StandardError
+        false # Silently error
+      end
+    end
+
+    def emit_point
+      uri = URI.parse 'https://dev.va.gov/_vfs/vtk-analytics/record'
+      Net::HTTP.start uri.host, uri.port, use_ssl: uri.scheme == 'https' do |http|
+        request = Net::HTTP::Post.new uri, 'Content-Type' => 'application/json'
+        request.body = { series: [point] }.to_json
+        http.request request
+      end
+    end
+
+    def point
+      {
+        metric: 'vtk.command_executed',
+        type: 'count',
+        interval: 1,
+        tags: ["name:#{name}", "args:#{args}"],
+        host: hostname,
+        points: [[Time.now.utc.to_i, '1']]
+      }
+    end
+
+    def internet?
+      true if URI.open 'http://www.google.com/'
+    rescue SocketError
+      false
+    end
+  end
+end

data/lib/vtk/command.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'forwardable'
+require 'vtk/analytics'
 
 module Vtk
   # Command class that all command inherit from
@@ -9,6 +10,11 @@ module Vtk
 
     def_delegators :command, :run
 
+    def initialize
+      command_name = self.class.to_s.split('::').last(2).join('_').downcase
+      Vtk::Analytics.new(name: command_name).log
+    end
+
     # Execute this command
     #
     # @api public

data/lib/vtk/commands/socks.rb

@@ -8,6 +8,24 @@ module Vtk
     class Socks < Thor
       namespace :socks
 
+      desc 'setup', 'Configures local machine for VA SOCKS access'
+      method_option :help, aliases: '-h', type: :boolean,
+                           desc: 'Display usage information'
+      method_option :boot_script_path, type: :string, desc: 'Path to install boot script (e.g. ~/Library)'
+      method_option :ssh_key_path, type: :string, desc: 'Path to SSH key (e.g. ~/.ssh/id_rsa_vagov)'
+      method_option :ssh_config_path, type: :string, desc: 'Path to SSH config (e.g. ~/.ssh/config)'
+      method_option :port, aliases: '-p', type: :string,
+                           desc: 'Port that SOCKS server is running on'
+      method_option :skip_test, type: :boolean, desc: 'Skip testing SOCKS connection'
+      def setup(*)
+        if options[:help]
+          invoke :help, ['setup']
+        else
+          require_relative 'socks/setup'
+          Vtk::Commands::Socks::Setup.new(options).execute
+        end
+      end
+
       desc 'off', 'Disconnects from VA SOCKS'
       method_option :help, aliases: '-h', type: :boolean,
                            desc: 'Display usage information'

data/lib/vtk/commands/socks/on.rb

@@ -50,7 +50,7 @@ module Vtk
             return output.puts "\r----> Connected to SOCKS."
           end
 
-          output.puts "\r----> ERROR: Could not connect to SOCKS."
+          output.puts "\r----> ERROR: Could not connect to SOCKS. Try running `vtk socks setup` first."
           output.puts "----> Verbose Output from SSH log:\n\n"
 
           output.puts File.read '/tmp/socks.log'

data/lib/vtk/commands/socks/setup.rb

@@ -0,0 +1,531 @@
+# frozen_string_literal: true
+
+require_relative '../../command'
+require 'tty-prompt'
+require 'fileutils'
+require 'erb'
+
+module Vtk
+  module Commands
+    class Socks
+      # Sets up socks access to the VA network
+      class Setup < Vtk::Command
+        PROXY_URL = 'https://raw.githubusercontent.com/department-of-veterans-affairs/va.gov-team/master/' \
+          'scripts/socks/proxy.pac'
+
+        attr_reader :ssh_config_path, :input, :output, :boot_script_path, :ssh_key_path, :prompt, :port, :skip_test
+
+        def initialize(options)
+          @options = options
+          @prompt = TTY::Prompt.new interrupt: :exit
+          @port = options['port'] || '2001'
+          @boot_script_path = options['boot_script_path'] || "#{ENV['HOME']}/Library"
+          @ssh_key_path = options['ssh_key_path'] || "#{ENV['HOME']}/.ssh/id_rsa_vagov"
+          @ssh_config_path = options['ssh_config_path'] || "#{ENV['HOME']}/.ssh/config"
+          @skip_test = options['skip_test'] || false
+
+          super()
+        end
+
+        def execute(input: $stdin, output: $stdout)
+          define_stdin_out_vars input: input, output: output
+
+          setup_ssh_config
+          check_ssh_key
+          ssh_agent_add
+
+          unless @ssh_key_created
+            test_ssh_connection unless skip_test
+            configure_system_boot
+            configure_system_proxy
+          end
+
+          log "SOCKS setup complete. #{'Re-run `vtk socks setup` after your key is approved.' if @ssh_key_created}"
+        end
+
+        private
+
+        def define_stdin_out_vars(input:, output:)
+          @input = input
+          @output = output
+        end
+
+        def check_ssh_key
+          return true if key_exists? && private_and_public_keys_match?
+
+          @ssh_key_created = generate_key_and_open_key_access_request
+        end
+
+        def key_exists?
+          File.exist? ssh_key_path
+        end
+
+        def private_and_public_keys_match?
+          return true unless public_key_exists?
+
+          pub_key_from_private = `ssh-keygen -y -e -f #{ssh_key_path}`
+          pub_key_from_public = `ssh-keygen -y -e -f #{ssh_key_path}.pub`
+          return true if pub_key_from_private == pub_key_from_public
+
+          log "❌ ERROR: #{ssh_key_path}.pub is not the public key for #{ssh_key_path}."
+          exit 1
+        end
+
+        def public_key_exists?
+          File.exist? "#{ssh_key_path}.pub"
+        end
+
+        def generate_key_and_open_key_access_request
+          log 'VA key missing. Generating now...'
+          system "ssh-keygen -f #{ssh_key_path} #{'-N ""' if ENV['TEST']}"
+
+          if prompt.yes?(copy_and_open_gh)
+            copy_key_to_clipboard
+            open_command access_request_template_url
+          else
+            key_contents = File.read "#{ssh_key_path}.pub"
+            log "Copy this key & submit into the access request form (#{access_request_template_url}):\n#{key_contents}"
+          end
+        end
+
+        def copy_key_to_clipboard
+          ssh_key_contents = File.read "#{ssh_key_path}.pub"
+
+          if copy_command
+            IO.popen(copy_command, 'w') { |f| f << ssh_key_contents }
+          elsif wsl?
+            system %(powershell.exe Set-Clipboard -Value "'#{ssh_key_contents}'")
+          end
+        end
+
+        def copy_command
+          if macos?
+            'pbcopy'
+          elsif ubuntu_like? && !wsl?
+            system 'sudo apt-get install -y xsel' if `which xsel`.empty?
+            'xsel --clipboard'
+          end
+        end
+
+        def open_command(url)
+          if macos?
+            `open "#{url}"`
+          elsif wsl?
+            `powershell.exe Start '"#{url}"'`
+          elsif ubuntu_like?
+            `xdg-open "#{url}"`
+          end
+        end
+
+        def access_request_template_url
+          'https://github.com/department-of-veterans-affairs/va.gov-team/issues/new?' \
+            'assignees=&labels=external-request%2C+operations%2C+ops-access-request&' \
+            'template=Environment-Access-Request-Template.md&title=Access+for+%5Bindividual%5D'
+        end
+
+        def copy_and_open_gh
+          '----> An SSH key has been created. Would you like to copy the key to your clipboard and open the access ' \
+            'request issue in GitHub now?'
+        end
+
+        def setup_ssh_config
+          create_ssh_directory
+          install_ssh_config
+          configure_ssh_config_with_keychain
+          ssh_config_clean_up
+        end
+
+        def install_ssh_config
+          return true if ssh_config_configured?
+
+          if ssh_config_exists? && !prompt.yes?("----> #{pretty_ssh_config_path} incomplete. Backup and replace now?")
+            return false
+          end
+
+          log 'Installing SSH config...'
+
+          download_ssh_config unless File.exist? '/tmp/dova-devops'
+          backup_existing_ssh_config
+          FileUtils.cp '/tmp/dova-devops/ssh/config', ssh_config_path
+          FileUtils.chmod 0o600, "#{File.dirname ssh_config_path}/config"
+        end
+
+        def ssh_config_configured?
+          return false unless ssh_config_exists?
+
+          download_ssh_config
+          ssh_config_local = File.read ssh_config_path
+          ssh_config = File.read '/tmp/dova-devops/ssh/config'
+          ssh_config_local.include? ssh_config
+        end
+
+        def ssh_config_exists?
+          File.exist? ssh_config_path
+        end
+
+        def download_ssh_config
+          install_git
+
+          ssh_config_clean_up
+
+          ssh_agent_add
+          system 'git config --global credential.helper > /dev/null || ' \
+            "git config --global credential.helper 'cache --timeout=600'"
+          cloned = system(
+            "git clone --quiet#{' --depth 1' if macos?} --no-checkout --filter=blob:none #{repo_url} '/tmp/dova-devops'"
+          )
+          exit 1 unless cloned
+
+          `cd /tmp/dova-devops; git checkout master -- ssh/config`
+        end
+
+        def install_git
+          if macos?
+            install_brew
+          elsif ubuntu_like?
+            return true unless `which git`.empty?
+
+            system 'sudo apt-get install -y git'
+          end
+        end
+
+        def install_brew
+          return false unless macos?
+
+          installed = !`which brew`.empty?
+          return true if installed
+
+          log 'Homebrew not installed. Installing now...'
+          system '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"'
+        end
+
+        def ssh_config_clean_up
+          FileUtils.rm_rf '/tmp/dova-devops'
+        end
+
+        def repo_url
+          @repo_url ||= begin
+            keyscan_github_com
+
+            if github_ssh_configured
+              'git@github.com:department-of-veterans-affairs/devops.git'
+            else
+              'https://github.com/department-of-veterans-affairs/devops.git'
+            end
+          end
+        end
+
+        def keyscan_github_com
+          return true if File.exist?('~/.ssh/known_hosts') && !`ssh-keygen -F github.com`.empty?
+
+          `ssh-keyscan -H github.com >> ~/.ssh/known_hosts 2> /dev/null`
+        end
+
+        def github_ssh_configured
+          !`ssh -T git@github.com 2>&1`.include?('Permission denied')
+        end
+
+        def backup_existing_ssh_config
+          return true unless ssh_config_exists?
+
+          if File.exist? "#{ssh_config_path}.bak"
+            log "!!! ERROR: Could not make backup of #{pretty_ssh_config_path} as #{pretty_ssh_config_path}.bak " \
+              'exists. Aborting.'
+            exit 1
+          end
+
+          FileUtils.mv ssh_config_path, "#{ssh_config_path}.bak"
+        end
+
+        def create_ssh_directory
+          ssh_dir = File.dirname ssh_config_path
+          FileUtils.mkdir_p ssh_dir
+          FileUtils.chmod 0o700, ssh_dir
+        end
+
+        def configure_ssh_config_with_keychain
+          return unless macos?
+          return if ssh_config_configured_with_keychain?
+
+          keychain_config = <<~CFG
+
+            # Maintain SSH keys in macOS Keychain
+            Host *
+              UseKeychain yes
+              AddKeysToAgent yes
+              IdentityFile #{pretty_ssh_key_path}
+          CFG
+
+          IO.write ssh_config_path, keychain_config, mode: 'a'
+        end
+
+        def ssh_config_configured_with_keychain?
+          return false unless ssh_config_exists?
+
+          ssh_config_local = File.readlines ssh_config_path
+          ssh_config_local.grep(/UseKeychain yes/).any?
+        end
+
+        def ssh_agent_add
+          FileUtils.chmod 0o600, ssh_key_path if key_exists?
+          FileUtils.chmod 0o600, "#{ssh_key_path}.pub" if public_key_exists?
+
+          if macos?
+            `ssh-add -AK 2> /dev/null; ssh-add -AK #{ssh_key_path} 2> /dev/null`
+          elsif ubuntu_like?
+            `[ -z "$SSH_AUTH_SOCK" ] && eval "$(ssh-agent -s)";
+              ssh-add 2> /dev/null; ssh-add #{ssh_key_path} 2> /dev/null`
+          end
+        end
+
+        def test_ssh_connection
+          output.print '----> Testing SOCKS SSH connection...'
+
+          add_ip_to_known_hosts
+
+          if proxy_running? || ssh_output.include?('This account is currently not available.')
+            output.puts ' ✅ DONE'
+          else
+            check_ssh_error ssh_output
+            exit 1
+          end
+        end
+
+        def ssh_output
+          `ssh -i #{ssh_key_path} -F #{ssh_config_path} -o ConnectTimeout=5 -q socks -D #{port} exit 2>&1`
+        end
+
+        def add_ip_to_known_hosts
+          jump_box_ip = `grep -A 2 'Host socks' ~/.ssh/config | grep ProxyCommand | awk '{print $6}'`.chomp
+          socks_ip = `grep -A 2 'Host socks' ~/.ssh/config | grep HostName | awk '{print $2}'`.chomp
+
+          return unless `ssh-keygen -F #{socks_ip}`.empty?
+
+          `ssh-keyscan -H #{jump_box_ip} >> ~/.ssh/known_hosts 2> /dev/null`
+          `ssh -i #{ssh_key_path} dsva@#{jump_box_ip} 'ssh-keyscan -H #{socks_ip}' >> ~/.ssh/known_hosts 2> /dev/null`
+        end
+
+        def check_ssh_error(ssh_output)
+          if ssh_output.include? 'Permission denied (publickey)'
+            output.puts '⚠️  WARN: SSH key is not approved yet. Once it is, re-run `vtk socks setup`.'
+            copy_key_to_clipboard if prompt.yes? 'Would you like to copy your VA public key to your clipboard again?'
+          else
+            ssh_command = "ssh -i #{ssh_key_path} -F #{ssh_config_path} -o ConnectTimeout=5 -vvv socks -D #{port} -N"
+            output.puts ' ❌ ERROR: SSH Connection to SOCKS server unsuccessful. Error message:'
+            output.puts ssh_command
+            output.puts `#{ssh_command}`
+          end
+        end
+
+        def configure_system_boot
+          log 'Configuring SOCKS tunnel to run on system boot...' do
+            if wsl?
+              wsl_configure_system_boot && wsl_start_socks_proxy
+            else
+              install_autossh && (install_launch_agent || install_systemd_service)
+            end
+          end
+        end
+
+        def wsl_configure_system_boot
+          return true if File.exist? socks_bat
+
+          IO.write socks_bat, 'wsl nohup bash -c "/usr/bin/ssh socks -N &" < nul > nul 2>&1', mode: 'a'
+        end
+
+        def socks_bat
+          "#{socks_bat_dir}/gov.va.socks.bat"
+        end
+
+        def socks_bat_dir
+          profile_path = `wslpath "$(wslvar USERPROFILE)"`.chomp
+          "#{profile_path}/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup"
+        end
+
+        def wsl_start_socks_proxy
+          return true if proxy_running?
+
+          system "cd '#{socks_bat_dir}'; cmd.exe /c gov.va.socks.bat > /dev/null"
+        end
+
+        def proxy_running?
+          system("lsof -i:#{port}", out: '/dev/null') || system('lsof -nP | grep ssh | grep -q sock')
+        end
+
+        def launch_agent_label
+          @launch_agent_label ||= begin
+            launch_agent_label = 'gov.va.socks'
+            launch_agent_label += "-test-#{rand 1000}" if ENV['TEST'] == 'test'
+            launch_agent_label
+          end
+        end
+
+        def install_autossh
+          installed = !`which autossh`.empty?
+          return true if installed
+
+          if macos?
+            system 'brew install autossh'
+          elsif ubuntu_like?
+            system 'sudo apt-get install -y autossh'
+          end
+        end
+
+        def install_launch_agent
+          return false unless macos?
+
+          unless File.exist? "#{boot_script_path}/LaunchAgents/gov.va.socks.plist"
+            FileUtils.mkdir_p "#{boot_script_path}/Logs/gov.va.socks"
+            FileUtils.mkdir_p "#{boot_script_path}/LaunchAgents"
+
+            write_launch_agent
+          end
+
+          system "launchctl unload #{boot_script_path}/LaunchAgents/gov.va.socks.plist 2> /dev/null"
+          system "launchctl load -w #{boot_script_path}/LaunchAgents/gov.va.socks.plist"
+        end
+
+        def write_launch_agent
+          erb_template = File.read File.realpath "#{__dir__}/../../templates/socks/setup/gov.va.socks.plist.erb"
+          erb = ERB.new erb_template
+          launch_agent_contents = erb.result(
+            launch_agent_variables.instance_eval { binding }
+          )
+          File.write "#{boot_script_path}/LaunchAgents/gov.va.socks.plist", launch_agent_contents
+        end
+
+        def launch_agent_variables
+          OpenStruct.new(
+            label: launch_agent_label,
+            autossh_path: `which autossh`.chomp,
+            port: @port,
+            boot_script_path: File.realpath(boot_script_path),
+            user: ENV['USER']
+          )
+        end
+
+        def install_systemd_service
+          return false unless ubuntu_like?
+
+          write_systemd_service unless File.exist? '/etc/systemd/system/va_gov_socks.service'
+
+          system 'sudo systemctl daemon-reload'
+          system 'sudo systemctl enable va_gov_socks'
+          system 'sudo systemctl start va_gov_socks'
+        end
+
+        def write_systemd_service
+          erb_template = File.read File.realpath "#{__dir__}/../../templates/socks/setup/va_gov_socks.service.erb"
+          erb = ERB.new erb_template
+          systemd_service_contents = erb.result(
+            systemd_service_variables.instance_eval { binding }
+          )
+          File.write '/tmp/va_gov_socks.service', systemd_service_contents
+          system 'sudo mv /tmp/va_gov_socks.service /etc/systemd/system/va_gov_socks.service'
+        end
+
+        def systemd_service_variables
+          OpenStruct.new(
+            autossh_path: `which autossh`.chomp,
+            port: @port,
+            ssh_key_path: ssh_key_path,
+            user: ENV['USER']
+          )
+        end
+
+        def configure_system_proxy
+          return log 'Skipping system proxy configuration as custom --port was used.' unless port == '2001'
+
+          if macos?
+            mac_configure_system_proxy
+          elsif wsl?
+            wsl_configure_system_proxy
+          elsif ubuntu_like?
+            ubuntu_configure_system_proxy
+          end
+        end
+
+        def mac_configure_system_proxy
+          return true if mac_system_proxy_already_configured?
+
+          log 'Configuring system proxy to use SOCKS tunnel...' do
+            network_interfaces.map do |network_interface|
+              system %(networksetup -setautoproxyurl "#{network_interface}" "#{PROXY_URL}")
+            end.all?
+          end
+        end
+
+        def ubuntu_configure_system_proxy
+          return true if `gsettings get org.gnome.system.proxy mode` == "'auto'\n"
+
+          log 'Configuring system proxy to use SOCKS tunnel...' do
+            `gsettings set org.gnome.system.proxy mode 'auto'` &&
+              `gsettings set org.gnome.system.proxy autoconfig-url "#{PROXY_URL}"`
+          end
+        end
+
+        def wsl_configure_system_proxy
+          log 'Configuring system proxy to use SOCKS tunnel...' do
+            reg_key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
+            `powershell.exe Set-ItemProperty -path "'#{reg_key}'" AutoConfigURL -Value "'#{PROXY_URL}'"`
+          end
+        end
+
+        def mac_system_proxy_already_configured?
+          network_interfaces.map do |network_interface|
+            output = `networksetup -getautoproxyurl "#{network_interface}"`
+            output == "URL: #{PROXY_URL}\nEnabled: Yes\n"
+          end.all?
+        end
+
+        def network_interfaces
+          @network_interfaces ||= begin
+            `networksetup -listallnetworkservices`.split("\n").drop(1).select do |network_interface|
+              `networksetup -getautoproxyurl "#{network_interface}"`.start_with?('URL: (null)')
+            end
+          end
+        end
+
+        def macos?
+          RUBY_PLATFORM.include? 'darwin'
+        end
+
+        def wsl?
+          @wsl ||= File.exist?('/proc/version') && File.open('/proc/version').grep(/Microsoft/i).any?
+        end
+
+        def ubuntu_like?
+          return false if `which apt-get`.empty? && `which gsettings`.empty?
+
+          true
+        end
+
+        def pretty_ssh_config_path
+          pretty_path ssh_config_path
+        end
+
+        def pretty_ssh_key_path
+          pretty_path ssh_key_path
+        end
+
+        def pretty_path(path)
+          path.gsub ENV['HOME'], '~'
+        end
+
+        def log(message)
+          if block_given?
+            output.print "----> #{message}"
+
+            return_value = yield
+
+            output.puts return_value ? ' ✅ DONE' : ' ❌ FAIL'
+
+            return_value
+          else
+            output.puts "----> #{message}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vtk/templates/socks/setup/.gitkeep

@@ -0,0 +1 @@
+#

data/lib/vtk/templates/socks/setup/gov.va.socks.plist.erb

@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <key>Label</key>
+    <string><%= label %></string>
+
+    <key>RunAtLoad</key>
+    <true/>
+
+    <key>ProgramArguments</key>
+    <array>
+      <string><%= autossh_path %></string>
+      <string>-v</string>
+      <string>-M</string>
+      <string>0</string>
+      <string>-D</string>
+      <string><%= port %></string>
+      <string>socks</string>
+      <string>-N</string>
+    </array>
+
+    <key>StandardOutPath</key>
+    <string><%= boot_script_path %>/Logs/gov.va.socks/autossh.stdout</string>
+
+    <key>StandardErrorPath</key>
+    <string><%= boot_script_path %>/Logs/gov.va.socks/autossh.stderr</string>
+
+    <key>User</key>
+    <string><%= user %></string>
+
+    <key>ThrottleInterval</key>
+    <integer>30</integer>
+  </dict>
+</plist>

data/lib/vtk/templates/socks/setup/va_gov_socks.service.erb

@@ -0,0 +1,12 @@
+[Unit]
+Description=VA SOCKS Tunnel
+After=network.target
+
+[Service]
+Environment="AUTOSSH_GATETIME=0"
+ExecStart=<%= autossh_path %> -v -M 0 -D <%= port %> -i <%= ssh_key_path %> socks -N
+Restart=always
+User=<%= user %>
+
+[Install]
+WantedBy=multi-user.target

data/lib/vtk/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Vtk
-  VERSION = '0.7.0'
+  VERSION = '0.9.2'
 end

data/vtk.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.summary       = 'A CLI for the platform'
   spec.description   = 'This is a platform CLI tool for VFS developer usage.'
   spec.homepage      = 'https://github.com/department-of-veterans-affairs/vtk'
-  spec.required_ruby_version = Gem::Requirement.new('>= 2.4.0')
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.5.0')
 
   spec.metadata['homepage_uri'] = spec.homepage
   spec.metadata['documentation_uri'] = spec.homepage
@@ -29,12 +29,14 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_dependency 'thor', '> 0.20.3'
+  spec.add_dependency 'tty-command', '~> 0.10.0'
+  spec.add_dependency 'tty-prompt', '~> 0.23.0'
 
   spec.add_development_dependency 'github_changelog_generator', '~> 1.15.0'
   spec.add_development_dependency 'pry', '~> 0.13.0'
   spec.add_development_dependency 'rake', '~> 13.0.0'
   spec.add_development_dependency 'rspec', '~> 3.10.0'
-  spec.add_development_dependency 'rubocop', '~> 1.6.0'
+  spec.add_development_dependency 'rubocop', '~> 1.8.0'
   spec.add_development_dependency 'rubocop-rake', '~> 0.5.0'
   spec.add_development_dependency 'rubocop-rspec', '~> 2.0.0'
 

metadata

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: vtk
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.9.2
 platform: ruby
 authors:
 - Eric Boehs
 - Lindsey Hattamer
 - Travis Hilton
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-03-01 00:00:00.000000000 Z
+date: 2021-08-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -26,6 +26,34 @@ dependencies:
     - - ">"
       - !ruby/object:Gem::Version
         version: 0.20.3
+- !ruby/object:Gem::Dependency
+  name: tty-command
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.10.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.10.0
+- !ruby/object:Gem::Dependency
+  name: tty-prompt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.23.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.23.0
 - !ruby/object:Gem::Dependency
   name: github_changelog_generator
   requirement: !ruby/object:Gem::Requirement
@@ -88,14 +116,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.8.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.0
+        version: 1.8.0
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -139,6 +167,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".tool-versions"
 - CHANGELOG.md
 - Gemfile
@@ -150,6 +179,7 @@ files:
 - docs/design-doc.md
 - exe/vtk
 - lib/vtk.rb
+- lib/vtk/analytics.rb
 - lib/vtk/cli.rb
 - lib/vtk/command.rb
 - lib/vtk/commands/.gitkeep
@@ -162,8 +192,12 @@ files:
 - lib/vtk/commands/socks.rb
 - lib/vtk/commands/socks/off.rb
 - lib/vtk/commands/socks/on.rb
+- lib/vtk/commands/socks/setup.rb
 - lib/vtk/templates/.gitkeep
 - lib/vtk/templates/module/add/.gitkeep
+- lib/vtk/templates/socks/setup/.gitkeep
+- lib/vtk/templates/socks/setup/gov.va.socks.plist.erb
+- lib/vtk/templates/socks/setup/va_gov_socks.service.erb
 - lib/vtk/version.rb
 - vtk.gemspec
 homepage: https://github.com/department-of-veterans-affairs/vtk
@@ -174,7 +208,7 @@ metadata:
   documentation_uri: https://github.com/department-of-veterans-affairs/vtk
   source_code_uri: https://github.com/department-of-veterans-affairs/vtk
   changelog_uri: https://github.com/department-of-veterans-affairs/vtk/blob/master/CHANGELOG.md
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -182,15 +216,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.4.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.2.1
+signing_key:
 specification_version: 4
 summary: A CLI for the platform
 test_files: []