Redflag/docs/historical/DEC20_CLEANUP_PLAN.md

# RedFlag v0.1.27 Cleanup Plan
**Date**: December 20, 2025
**Action Date**: December 20, 2025
**Status**: Implementation Ready

---

## Executive Summary

Based on definitive code forensics, we need to clean up the RedFlag repository to align with ETHOS principles and proper Go project conventions.

**Critical Finding**: Multiple development tools and misleading naming conventions clutter the repository with files that are either unused, duplicates, or improperly located.

**Impact**: These files create confusion, violate Go project conventions, and clutter the repository root without providing value.

---

## Definitive Findings (Evidence-Based)

### 1. Build Process Analysis

**Scripts/Build Files**:
- `scripts/build-secure-agent.sh` - **USED** (by Makefile, line 30)
- `scripts/generate-keypair.go` - **NOT USED** (manual utility, no references)
- `cmd/tools/keygen/main.go` - **NOT USED** (manual utility, no references)

**Findings**:
- The build process does NOT generate keys during compilation
- Keys are generated during initial server setup (web UI) and stored in environment
- Both Makefile targets do identical operations (no difference between "simple" and "secure")
- Agent build is just `go build` with no special flags or key embedding

### 2. Key Generation During Setup

**Setup Process**:
- **YES**, keys are generated during server initial setup at `/api/setup/generate-keys`
- **Location**: `aggregator-server/internal/api/handlers/setup.go:469`
```go
publicKey, privateKey, err := ed25519.GenerateKey(rand.Reader)
```
- **Purpose**: Server setup page generates keys and user copies them to `.env`
- **Semi-manual**: It's the **only** manual step in entire setup process

### 3. Keygen Tool Purpose

**What it is**: Standalone utility to extract public key from private key
**Used**: **NOWHERE** - Not referenced anywhere in automated build/setup
**Should be removed**: Yes - clutters cmd/ structure without providing value

### 4. Repository Structure Issues

**Current**:
```
Root:
├── scripts/
│   └── generate-keypair.go (UNUSED - should be removed)
└── cmd/tools/
    └── keygen/main.go (UNUSED - should be removed)
```

**Problems**:
1. Root-level `cmd/tools/` creates unnecessary subdirectory depth
2. `generate-keypair.go` clutters root with unused file
3. Files not following Go conventions

---

## Actions Required

### REMOVE (4 items)

**1. REMOVE `/home/casey/Projects/RedFlag/scripts/generate-keypair.go`**
- **Reason**: Not used anywhere in codebase (definitive find - no references)
- **Impact**: None - nothing references this file

**2. REMOVE `/home/casey/Projects/RedFlag/cmd/tools/` directory**
- **Reason**: Contains only `keygen/main.go` which is not used
- **Impact**: Removes unused utility that clutters cmd/ structure

**3. REMOVE `/home/casey/Projects/RedFlag/cmd/tools/` (empty after removal)**

**4. REMOVE `/home/casey/Projects/RedFlag/scripts/generate-keypair.go`** already done above

### MODIFY (1 file)

**5. MODIFY `/home/casey/Projects/RedFlag/scripts/build-secure-agent.sh`**
**Reason**: Uses emojis (🔨, ✅, ℹ️) - violates ETHOS #5
**Changes**:
- Remove line 13: 🔨 emoji
- Remove line 19: ✅ emoji
- Remove line 21: ℹ️ emoji
- Replace with: `[INFO] [build] Building agent...` etc.

### KEEP (2 items)

**6. KEEP `/home/casey/Projects/RedFlag/scripts/`**
- **Reason**: Contains `build-secure-agent.sh` which is actually used (referenced in Makefile)
- **Note**: Should only contain shell scripts, not Go utilities

**7. KEEP `/home/casey/Projects/RedFlag/scripts/build-secure-agent.sh`**
- **Reason**: Actually used in Makefile line 30
- **Note**: Must be fixed per item #5

---

## Post-Cleanup Repository Structure

### Root Level (Clean)
```
RedFlag/
├── aggregator-agent/          (Agent code - production)
├── aggregator-server/         (Server code - production)
├── aggregator-web/           (Web dashboard - production)
├── cmd/                      (CLI tools - production only)
├── scripts/                  (Build scripts ONLY)
│   └── build-secure-agent.sh (USED by Makefile - MUST FIX)
├── docs/                     (Documentation)
├── Makefile                  (Build orchestration)
├── .gitignore               (Comprehensive)
├── docker-compose.yml       (Docker orchestration)
├── LICENSE                  (MIT)
├── README.md                (Updated plan)
└── DEC20_CLEANUP_PLAN.md    (This document)
```

**Key Principles**:
- Only production code in root
- Build scripts in `scripts/`
- CLI tools in `cmd/` (if used)
- No development artifacts
- ETHOS compliant throughout

---

## Implementation Steps

### Step 1: Remove Unused Files
```bash
cd /home/casey/Projects/RedFlag

# Remove from git tracking (keep locally with --cached)
git rm --cached scripts/generate-keypair.go
git rm --cached -r cmd/tools/
```

### Step 2: Fix build-secure-agent.sh Ethos Violations
```bash
# Edit scripts/build-secure-agent.sh
# Remove lines 13, 19, 21 (remove emojis)
# Replace with proper logging format
```

### Step 3: Commit and Push
```bash
git commit -m "cleanup: Remove unused files, fix ETHOS violations"
git push https://Fimeg:YOUR_TOKEN@codeberg.org/Fimeg/RedFlag.git feature/agent-subsystems-logging --force
```

---

## Verification Plan

1. **Check no references remain**:
   ```bash
   git ls-tree -r HEAD | grep -E "(generate-keypair|cmd/tools)" || echo "Clean"
   ```

2. **Verify build still works**:
   ```bash
   make -f aggregator-server/Makefile build-agent-simple
   ```

3. **Verify .gitignore updated**:
   ```bash
   git check-attr .gitignore
   ```

---

## Next Steps

**After Cleanup**:
1. Test v0.1.27 functionality (migrations, rapid scanning)
2. Tag release v0.1.27
3. Update documentation to reflect cleanup
4. Continue with v0.1.28 roadmap

**Timeline**: Complete today, December 20, 2025

---

**Prepared by**: Casey Tunturi (RedFlag Author)
**Based on**: Definitive code forensics and ETHOS principles
**Status**: Ready for implementation