"This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs

[huornlmj]

Describe the bug
If a file contains multiple specifications separated by three hyphens (---), kubesec fails the scan with "This resource kind is not supported by kubesec".

To Reproduce
kubesec scan (a pod spec file containing multiple specs separated by triple hyphens)

Expected behaviour
A pass / fail result should be shown, with kubesec parsing each spec individually.

Additional context
A workaround is to manually separate the individual specs into individual files and scan them with kubesec. But only one of the resulting files is scannable by kubesec.

[06kellyjac]

kubesec itself is the tool at the core of it and outputs json by default, you can then parse the JSON to check if the output meets your requirements e.g. a score > 0, or criticals is empty etc
You can define and check these requirements either using some simple JSON parsing with jq and bash to check the values, or you could feed it into OPA and write rego polices.

controlplaneio/kubectl-kubesec#53 (comment)