"This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs #287

huornlmj · 2022-03-01T12:27:58Z

Describe the bug
If a file contains multiple specifications separated by three hyphens (---), kubesec fails the scan with "This resource kind is not supported by kubesec".

To Reproduce
kubesec scan (a pod spec file containing multiple specs separated by triple hyphens)

Expected behaviour
A pass / fail result should be shown, with kubesec parsing each spec individually.

Additional context
A workaround is to manually separate the individual specs into individual files and scan them with kubesec. But only one of the resulting files is scannable by kubesec.

06kellyjac · 2022-09-07T10:53:50Z

kubesec itself is the tool at the core of it and outputs json by default, you can then parse the JSON to check if the output meets your requirements e.g. a score > 0, or criticals is empty etc
You can define and check these requirements either using some simple JSON parsing with jq and bash to check the values, or you could feed it into OPA and write rego polices.

controlplaneio/kubectl-kubesec#53 (comment)

huornlmj added the bug label Mar 1, 2022

06kellyjac mentioned this issue Sep 7, 2022

for configmap kubesec is not working #339

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

"This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs #287

"This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs #287

huornlmj commented Mar 1, 2022

06kellyjac commented Sep 7, 2022

"This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs #287

"This resource kind is not supported by kubesec" when scanning files containing multiple seperated specs #287

Comments

huornlmj commented Mar 1, 2022

06kellyjac commented Sep 7, 2022