Add Kingfisher secret scanner CronJob #317

Merged

eblume merged 2 commits from feature/kingfisher-cronjob into main

2026-03-28 21:39:56 -07:00

Author	SHA1	Message	Date
Erich Blume	b682128b84	Scope Kingfisher scan to eblume user only Mirror repos clone via forge.eblu.me (Fly.io roundtrip) instead of forge.ops.eblu.me (direct tailnet). Until we add a clone URL rewrite option, skip mirrors to avoid unnecessary external bandwidth. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 21:32:45 -07:00
Erich Blume	c0c83f52fe	Add Kingfisher secret scanner CronJob Weekly scan of all Forgejo repos (Sunday 4am) using MongoDB's Kingfisher tool. Produces HTML and JSON reports on sifaka NFS. Uses official container image with Forgejo API token via ExternalSecret from 1Password. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-28 21:12:12 -07:00

Author

SHA1

Message

Date

Erich Blume

b682128b84

Scope Kingfisher scan to eblume user only

Mirror repos clone via forge.eblu.me (Fly.io roundtrip) instead of
forge.ops.eblu.me (direct tailnet). Until we add a clone URL rewrite
option, skip mirrors to avoid unnecessary external bandwidth.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-28 21:32:45 -07:00

Erich Blume

c0c83f52fe

Add Kingfisher secret scanner CronJob

Weekly scan of all Forgejo repos (Sunday 4am) using MongoDB's
Kingfisher tool. Produces HTML and JSON reports on sifaka NFS.
Uses official container image with Forgejo API token via
ExternalSecret from 1Password.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-28 21:12:12 -07:00