-
Notifications
You must be signed in to change notification settings - Fork 28
Getting Started
Mick Grove edited this page Aug 11, 2025
·
10 revisions
brew install kingfisherPre-built binaries are available on the Releases page.
Installation via UBI
macOS / Linux
curl --silent --location https://raw.githubusercontent.com/houseabsolute/ubi/master/bootstrap/bootstrap-ubi.sh | sh && \
ubi --project mongodb/kingfisher --in "$HOME/bin"Windows
powershell -exec bypass -c "Invoke-WebRequest -URI 'https://raw.githubusercontent.com/houseabsolute/ubi/master/bootstrap/bootstrap-ubi.ps1' -UseBasicParsing | Invoke-Expression" && ubi --project mongodb/kingfisher --in .Requires Docker for Linux builds and the appropriate host platform for macOS or Windows builds.
make linux #requires Docker
make darwin #requires a macOS host
./buildwin.bat -force #requires a Windows host with Visual Studio and ChocolateyCheck that Kingfisher was installed correctly and view the available commands:
kingfisher --version
kingfisher --helpThe --help output lists all available subcommands and flags. For deeper CLI
help on a specific command, run kingfisher <command> --help.
# GitHub Container Registry
docker run --rm ghcr.io/mongodb/kingfisher:latest --version
# Scan the current working directory
docker run --rm \
-v "$PWD":/src \
ghcr.io/mongodb/kingfisher:latest scan /src
# Scan while providing a GitHub token
docker run --rm \
-e KF_GITHUB_TOKEN=ghp_… \
-v "$PWD":/proj \
ghcr.io/mongodb/kingfisher:latest \
scan --git-url https://github.com/org/private_repo.gitkingfisher scan /path/to/code
After your first scan, explore the Usage section to learn how to scan additional targets such as Git repositories, S3 buckets, Docker images, Jira issues, and Slack messages. The Usage section also walks through managing baselines, writing custom rules, and other advanced workflows.