Fimeg/Redflag
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Redflag/docs/historical/DEC20_CLEANUP_PLAN.md

5.9 KiB
Raw Permalink Blame History

RedFlag v0.1.27 Cleanup Plan

Date: December 20, 2025 Action Date: December 20, 2025 Status: Implementation Ready

Executive Summary

Based on definitive code forensics, we need to clean up the RedFlag repository to align with ETHOS principles and proper Go project conventions.

Critical Finding: Multiple development tools and misleading naming conventions clutter the repository with files that are either unused, duplicates, or improperly located.

Impact: These files create confusion, violate Go project conventions, and clutter the repository root without providing value.

Definitive Findings (Evidence-Based)

1. Build Process Analysis

Scripts/Build Files:

  • scripts/build-secure-agent.sh - USED (by Makefile, line 30)
  • scripts/generate-keypair.go - NOT USED (manual utility, no references)
  • cmd/tools/keygen/main.go - NOT USED (manual utility, no references)

Findings:

  • The build process does NOT generate keys during compilation
  • Keys are generated during initial server setup (web UI) and stored in environment
  • Both Makefile targets do identical operations (no difference between "simple" and "secure")
  • Agent build is just go build with no special flags or key embedding

2. Key Generation During Setup

Setup Process:

  • YES, keys are generated during server initial setup at /api/setup/generate-keys
  • Location: aggregator-server/internal/api/handlers/setup.go:469
publicKey, privateKey, err := ed25519.GenerateKey(rand.Reader)
  • Purpose: Server setup page generates keys and user copies them to .env
  • Semi-manual: It's the only manual step in entire setup process

3. Keygen Tool Purpose

What it is: Standalone utility to extract public key from private key Used: NOWHERE - Not referenced anywhere in automated build/setup Should be removed: Yes - clutters cmd/ structure without providing value

4. Repository Structure Issues

Current:

Root:
├── scripts/
│   └── generate-keypair.go (UNUSED - should be removed)
└── cmd/tools/
    └── keygen/main.go (UNUSED - should be removed)

Problems:

  1. Root-level cmd/tools/ creates unnecessary subdirectory depth
  2. generate-keypair.go clutters root with unused file
  3. Files not following Go conventions

Actions Required

REMOVE (4 items)

1. REMOVE /home/casey/Projects/RedFlag/scripts/generate-keypair.go

  • Reason: Not used anywhere in codebase (definitive find - no references)
  • Impact: None - nothing references this file

2. REMOVE /home/casey/Projects/RedFlag/cmd/tools/ directory

  • Reason: Contains only keygen/main.go which is not used
  • Impact: Removes unused utility that clutters cmd/ structure

3. REMOVE /home/casey/Projects/RedFlag/cmd/tools/ (empty after removal)

4. REMOVE /home/casey/Projects/RedFlag/scripts/generate-keypair.go already done above

MODIFY (1 file)

5. MODIFY /home/casey/Projects/RedFlag/scripts/build-secure-agent.sh Reason: Uses emojis (🔨, , ) - violates ETHOS #5 Changes:

  • Remove line 13: 🔨 emoji
  • Remove line 19: emoji
  • Remove line 21: emoji
  • Replace with: [INFO] [build] Building agent... etc.

KEEP (2 items)

6. KEEP /home/casey/Projects/RedFlag/scripts/

  • Reason: Contains build-secure-agent.sh which is actually used (referenced in Makefile)
  • Note: Should only contain shell scripts, not Go utilities

7. KEEP /home/casey/Projects/RedFlag/scripts/build-secure-agent.sh

  • Reason: Actually used in Makefile line 30
  • Note: Must be fixed per item #5

Post-Cleanup Repository Structure

Root Level (Clean)

RedFlag/
├── aggregator-agent/          (Agent code - production)
├── aggregator-server/         (Server code - production)
├── aggregator-web/           (Web dashboard - production)
├── cmd/                      (CLI tools - production only)
├── scripts/                  (Build scripts ONLY)
│   └── build-secure-agent.sh (USED by Makefile - MUST FIX)
├── docs/                     (Documentation)
├── Makefile                  (Build orchestration)
├── .gitignore               (Comprehensive)
├── docker-compose.yml       (Docker orchestration)
├── LICENSE                  (MIT)
├── README.md                (Updated plan)
└── DEC20_CLEANUP_PLAN.md    (This document)

Key Principles:

  • Only production code in root
  • Build scripts in scripts/
  • CLI tools in cmd/ (if used)
  • No development artifacts
  • ETHOS compliant throughout

Implementation Steps

Step 1: Remove Unused Files

cd /home/casey/Projects/RedFlag

# Remove from git tracking (keep locally with --cached)
git rm --cached scripts/generate-keypair.go
git rm --cached -r cmd/tools/

Step 2: Fix build-secure-agent.sh Ethos Violations

# Edit scripts/build-secure-agent.sh
# Remove lines 13, 19, 21 (remove emojis)
# Replace with proper logging format

Step 3: Commit and Push

git commit -m "cleanup: Remove unused files, fix ETHOS violations"
git push https://Fimeg:YOUR_TOKEN@codeberg.org/Fimeg/RedFlag.git feature/agent-subsystems-logging --force

Verification Plan

  1. Check no references remain:

    git ls-tree -r HEAD | grep -E "(generate-keypair|cmd/tools)" || echo "Clean"

  2. Verify build still works:

    make -f aggregator-server/Makefile build-agent-simple

  3. Verify .gitignore updated:

    git check-attr .gitignore

Next Steps

After Cleanup:

  1. Test v0.1.27 functionality (migrations, rapid scanning)
  2. Tag release v0.1.27
  3. Update documentation to reflect cleanup
  4. Continue with v0.1.28 roadmap

Timeline: Complete today, December 20, 2025

Prepared by: Casey Tunturi (RedFlag Author) Based on: Definitive code forensics and ETHOS principles Status: Ready for implementation

Reference in New Issue View Git Blame Copy Permalink