diff --git a/Containerfile b/Containerfile
index 9061482..87721d6 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,5 +1,5 @@
 FROM codycode/okd-tools:4.10.0
 RUN apk --no-cache add zsh jq git
-COPY check_all.sh .
-RUN chmod +x check_all.sh
+COPY check_all.sh git_askpass.sh .
+RUN chmod +x check_all.sh git_askpass.sh
 CMD ./check_all.sh
diff --git a/check_all.sh b/check_all.sh
index 40c22b0..1b7b1d9 100755
--- a/check_all.sh
+++ b/check_all.sh
@@ -2,6 +2,10 @@
 
 echo "Git Poll Check All v1.2"
 
+echo
+echo "Checking \"basic\" type projects"
+echo
+
 buildconfigs=$( oc get buildconfigs -A -l gitpoller.unstable.tech/type=basic -o json )
 
 jq ".items[]" -c <<< $buildconfigs | while read -r line; do;
@@ -21,4 +25,56 @@ jq ".items[]" -c <<< $buildconfigs | while read -r line; do;
   fi
 done
 
+echo
+echo "Checking \"secure\" type projects"
+echo
+
+buildconfigs=$( oc get buildconfigs -A -l gitpoller.unstable.tech/type=secure -o json )
+
+jq ".items[]" -c <<< $buildconfigs | while read -r line; do;
+  # jq <<< $line
+  name=$(jq -r ".metadata.name" <<< $line)
+  namespace=$(jq -r '.metadata.namespace' <<< $line)
+  gituri=$(jq -r ".spec.source.git.uri" <<< $line)
+  gitref=$(jq -r ".spec.source.git.ref // \"main\"" <<< $line)
+  GIT_TOKEN=""
+  sourceSecretName=$(jq -r ".spec.source.sourceSecret.name" <<< $line)
+  sourceSecret=$(oc get -n "$namespace" secret "$sourceSecretName" -o json)
+  # echo $sourceSecret
+  sourceSecretType=$(jq -r ".type" <<< $sourceSecret)
+  case $sourceSecretType in
+    "kubernetes.io/basic-auth")
+      GIT_TOKEN=$(jq -r '.data.password' <<< $sourceSecret | base64 -D)
+      gitUsername=$(jq -r '.data.username' <<< $sourceSecret)
+      if [[ "$gitUsername" != "" ]]; then
+        IFS=":" read -r gitProtocol gitUriFragment <<< $gituri
+        gituri="$gitProtocol://$gitUsername@${gitUriFragment:2}"
+        echo $gituri
+      fi
+      ;;
+    "kubernetes.io/ssh-auth")
+      keyfile=$(mktemp)
+      jq -r ".data.\"ssh-privatekey\"" <<< $sourceSecret | base64 -D > $keyfile
+      ;;
+    *)
+      echo "UNSUPPORTED buildConfig sourceSecret TYPE"
+      ;;
+  esac
+  echo $GIT_TOKEN
+  echo "$name = $gituri:$gitref"
+  ref=$(GIT_ASKPASS=$(pwd)/git_askpass.sh GIT_SSH_COMMAND="ssh -i $keyfile -o IdentitiesOnly=yes" GIT_TOKEN="$GIT_TOKEN" git ls-remote -h "$gituri" "refs/heads/$gitref" | cut -f1)
+  if [[ -v keyfile && -f $keyfile ]]; then
+    rm -f $keyfile #cleanup
+  fi
+  checkref=$(jq -r ".metadata.annotations.\"gitpoller.unstable.tech/lastref\"" <<< $line)
+  if [[ "$ref" != "$checkref" ]]; then
+    echo "Update needed for $namespace / $name"
+    oc start-build -n "$namespace" "$name" -w && oc annotate -n "$namespace" --overwrite buildconfig "$name" "gitpoller.unstable.tech/lastref=$ref"
+  else
+    echo "$namespace / $name is up to date"
+  fi
+done
+
+# echo $buildconfigs
+
 echo done
diff --git a/git_askpass.sh b/git_askpass.sh
new file mode 100755
index 0000000..8176846
--- /dev/null
+++ b/git_askpass.sh
@@ -0,0 +1,2 @@
+#!/usr/bin/env zsh
+echo $GIT_TOKEN