Search for plaintext secrets in inventory

[adrianchifor]

Maybe check the keys containing

*key*  *pass*  *token*  *secret*  *pin*  *security*  *crypto*

and check the value entropy.

We should ignore gpg references.

Can be integrated as part of kapitan lint

[uberspot]

For reference: https://github.com/Yelp/detect-secrets/ and https://github.com/dxa4481/truffleHog/ seem to already do the same and more advanced checks and can be added to CI/CD pipelines. I'd recommend closing the issue.