control 'kube-1.0' do
title 'CVE-2018-1002105'
impact 1.0
version = command('kubectl version --short').stdout.match(/Server Version: v(.*)/)[1]
case version
when /1.[0-9]\./
describe 'Kube version 1.0.x - 1.9.x' do
it 'should be greater or equal to 1.10.0' do
expect(version).to be >= '1.10.0'

Chef Node Attributes in InSpec

Chef, InSpec, Node Attributes, what are they!?!

Chef and InSpec are open source products made by Chef Software and each fulfill separate needs in their respective problem spaces. That doesn't mean they shouldn't be used together though. Pairing configuration management (Chef) and infrastructure/application testing (InSpec) is a wonderful thing. It is made even more delightful when the same company (and in most cases the same humans) work on the tools to pair them.

That being said, convenience and in some cases developer intuition can lead to unintended and sometimes dangerous consequences. This blog post was created to highlight those consequences.

Chef Node Attributes

-----> Installing Chef Omnibus (install only if missing)
Downloading package from
Download complete.
Successfully verified C:\Users\azure\AppData\Local\Temp\chef-client-14.11.21-1-x64.msi
Installing Chef Omnibus package C:\Users\azure\AppData\Local\Temp\chef-client-14.11.21-1-x64.msi
$$$$$$ Get-PlatformVersion$env:http_proxy : The term 'Get-PlatformVersion$env:http_proxy' is not recognized as the name of a
$$$$$$ cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify
$$$$$$ that the path is correct and try again.
$$$$$$ At C:\windows\temp\winrm-elevated-shell-d5dd57c3-963f-41b1-bc7d-f6f6890ed2bf.ps1:181 char:21
$$$$$$ + $platform_version = Get-PlatformVersion$env:http_proxy = "http://np1p ...
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ config, pkgs, ... }:
imports =
[ # Include the results of the hardware scan.
{ config, pkgs, ... }:
imports =
[ # Include the results of the hardware scan.
home-manager.users.jerry = {
