# RedFlag v0.1.27 Cleanup Plan **Date**: December 20, 2025 **Action Date**: December 20, 2025 **Status**: Implementation Ready --- ## Executive Summary Based on definitive code forensics, we need to clean up the RedFlag repository to align with ETHOS principles and proper Go project conventions. **Critical Finding**: Multiple development tools and misleading naming conventions clutter the repository with files that are either unused, duplicates, or improperly located. **Impact**: These files create confusion, violate Go project conventions, and clutter the repository root without providing value. --- ## Definitive Findings (Evidence-Based) ### 1. Build Process Analysis **Scripts/Build Files**: - `scripts/build-secure-agent.sh` - **USED** (by Makefile, line 30) - `scripts/generate-keypair.go` - **NOT USED** (manual utility, no references) - `cmd/tools/keygen/main.go` - **NOT USED** (manual utility, no references) **Findings**: - The build process does NOT generate keys during compilation - Keys are generated during initial server setup (web UI) and stored in environment - Both Makefile targets do identical operations (no difference between "simple" and "secure") - Agent build is just `go build` with no special flags or key embedding ### 2. Key Generation During Setup **Setup Process**: - **YES**, keys are generated during server initial setup at `/api/setup/generate-keys` - **Location**: `aggregator-server/internal/api/handlers/setup.go:469` ```go publicKey, privateKey, err := ed25519.GenerateKey(rand.Reader) ``` - **Purpose**: Server setup page generates keys and user copies them to `.env` - **Semi-manual**: It's the **only** manual step in entire setup process ### 3. Keygen Tool Purpose **What it is**: Standalone utility to extract public key from private key **Used**: **NOWHERE** - Not referenced anywhere in automated build/setup **Should be removed**: Yes - clutters cmd/ structure without providing value ### 4. Repository Structure Issues **Current**: ``` Root: ├── scripts/ │ └── generate-keypair.go (UNUSED - should be removed) └── cmd/tools/ └── keygen/main.go (UNUSED - should be removed) ``` **Problems**: 1. Root-level `cmd/tools/` creates unnecessary subdirectory depth 2. `generate-keypair.go` clutters root with unused file 3. Files not following Go conventions --- ## Actions Required ### REMOVE (4 items) **1. REMOVE `/home/casey/Projects/RedFlag/scripts/generate-keypair.go`** - **Reason**: Not used anywhere in codebase (definitive find - no references) - **Impact**: None - nothing references this file **2. REMOVE `/home/casey/Projects/RedFlag/cmd/tools/` directory** - **Reason**: Contains only `keygen/main.go` which is not used - **Impact**: Removes unused utility that clutters cmd/ structure **3. REMOVE `/home/casey/Projects/RedFlag/cmd/tools/` (empty after removal)** **4. REMOVE `/home/casey/Projects/RedFlag/scripts/generate-keypair.go`** already done above ### MODIFY (1 file) **5. MODIFY `/home/casey/Projects/RedFlag/scripts/build-secure-agent.sh`** **Reason**: Uses emojis (🔨, ✅, ℹ️) - violates ETHOS #5 **Changes**: - Remove line 13: 🔨 emoji - Remove line 19: ✅ emoji - Remove line 21: ℹ️ emoji - Replace with: `[INFO] [build] Building agent...` etc. ### KEEP (2 items) **6. KEEP `/home/casey/Projects/RedFlag/scripts/`** - **Reason**: Contains `build-secure-agent.sh` which is actually used (referenced in Makefile) - **Note**: Should only contain shell scripts, not Go utilities **7. KEEP `/home/casey/Projects/RedFlag/scripts/build-secure-agent.sh`** - **Reason**: Actually used in Makefile line 30 - **Note**: Must be fixed per item #5 --- ## Post-Cleanup Repository Structure ### Root Level (Clean) ``` RedFlag/ ├── aggregator-agent/ (Agent code - production) ├── aggregator-server/ (Server code - production) ├── aggregator-web/ (Web dashboard - production) ├── cmd/ (CLI tools - production only) ├── scripts/ (Build scripts ONLY) │ └── build-secure-agent.sh (USED by Makefile - MUST FIX) ├── docs/ (Documentation) ├── Makefile (Build orchestration) ├── .gitignore (Comprehensive) ├── docker-compose.yml (Docker orchestration) ├── LICENSE (MIT) ├── README.md (Updated plan) └── DEC20_CLEANUP_PLAN.md (This document) ``` **Key Principles**: - Only production code in root - Build scripts in `scripts/` - CLI tools in `cmd/` (if used) - No development artifacts - ETHOS compliant throughout --- ## Implementation Steps ### Step 1: Remove Unused Files ```bash cd /home/casey/Projects/RedFlag # Remove from git tracking (keep locally with --cached) git rm --cached scripts/generate-keypair.go git rm --cached -r cmd/tools/ ``` ### Step 2: Fix build-secure-agent.sh Ethos Violations ```bash # Edit scripts/build-secure-agent.sh # Remove lines 13, 19, 21 (remove emojis) # Replace with proper logging format ``` ### Step 3: Commit and Push ```bash git commit -m "cleanup: Remove unused files, fix ETHOS violations" git push https://Fimeg:YOUR_TOKEN@codeberg.org/Fimeg/RedFlag.git feature/agent-subsystems-logging --force ``` --- ## Verification Plan 1. **Check no references remain**: ```bash git ls-tree -r HEAD | grep -E "(generate-keypair|cmd/tools)" || echo "Clean" ``` 2. **Verify build still works**: ```bash make -f aggregator-server/Makefile build-agent-simple ``` 3. **Verify .gitignore updated**: ```bash git check-attr .gitignore ``` --- ## Next Steps **After Cleanup**: 1. Test v0.1.27 functionality (migrations, rapid scanning) 2. Tag release v0.1.27 3. Update documentation to reflect cleanup 4. Continue with v0.1.28 roadmap **Timeline**: Complete today, December 20, 2025 --- **Prepared by**: Casey Tunturi (RedFlag Author) **Based on**: Definitive code forensics and ETHOS principles **Status**: Ready for implementation