Home
Standards
Contribution
Script Documentation Spec

cloud/aws/ec2

list-instances.sh
start-instance.sh
stop-instance.sh
reboot-instance.sh
resize-instance.sh
tag-instance.sh
create-ami.sh
healthcheck.sh

cloud/aws/eks

create-cluster.sh
delete-cluster.sh
upgrade-cluster.sh
create-nodegroup.sh
scale-nodegroup.sh
delete-nodegroup.sh
kubeconfig-update.sh
cluster-healthcheck.sh

cloud/aws/iam

create-role.sh
attach-policy.sh
detach-policy.sh
rotate-access-keys.sh
audit-users.sh
least-privilege-report.sh

cloud/aws/rds

create-instance.sh
delete-instance.sh
snapshot-create.sh
snapshot-restore.sh
modify-instance.sh
rds-healthcheck.sh

cloud/aws/s3

create-bucket.sh
delete-bucket.sh
list-buckets.sh
sync-upload.sh
sync-download.sh
enable-versioning.sh
set-lifecycle.sh
public-access-block.sh

cloud/aws/vpc

create-vpc.sh
create-subnets.sh
create-nat-gateway.sh
create-route-tables.sh
delete-vpc-stack.sh
vpc-healthcheck.sh

cloud/gcp/compute

list-instances.sh
start-instance.sh
stop-instance.sh

cloud/gcp/gke

create-cluster.sh
delete-cluster.sh
cluster-healthcheck.sh

cloud/azure/vm

list-vms.sh
start-vm.sh
stop-vm.sh

cloud/azure/aks

create-cluster.sh
delete-cluster.sh
cluster-healthcheck.sh

databases/postgres

backup.sh
restore.sh
healthcheck.sh

databases/mysql

backup.sh
restore.sh
healthcheck.sh

git

branch-create.sh
branch-delete.sh
rebase-safe.sh
squash-branch.sh
tag-release.sh
generate-changelog.sh
validate-commit-msg.sh
pre-push-check.sh
repo-healthcheck.sh
clean-stale-branches.sh

setup/local

cleanup.sh
install-cli-tools.sh
setup-shell.sh
setup-ssh.sh
setup-gpg.sh
configure-git.sh
configure-kubectl.sh
configure-terraform.sh
verify-workstation.sh

setup/runner

bootstrap-linux-runner.sh
bootstrap-macos-runner.sh
cleanup.sh
configure.sh
install-docker.sh
install-k8s-tools.sh
install-cloud-clis.sh
runner-healthcheck.sh

setup/ci-agent

cleanup.sh
configure.sh

setup/kube-workstation

cleanup.sh
install.sh
verify.sh

setup/db-tools

cleanup.sh
configure.sh
verify.sh

setup/security-tools

cleanup.sh
verify.sh

shared/core

log-info.sh
log-warn.sh
log-error.sh
require-cmd.sh
require-env.sh
parse-args.sh
json-output.sh
tmpdir.sh
os-detect.sh
cleanup-trap.sh

shared/safety

retry.sh
with-timeout.sh
file-lock.sh
dry-run.sh
confirm-dangerous.sh
audit-event.sh

shared/logging

doc.sh
example.sh
test.sh

shared/validation

doc.sh
example.sh
test.sh

shared/retry

doc.sh
example.sh
test.sh

shared/timeout

doc.sh
example.sh
test.sh

shared/lock

doc.sh
example.sh
test.sh

cleanup.sh

Previous Next

Purpose

Clean stale temporary security artifacts (keys/certs/signature files) from a target directory.

Location

setup/security-tools/cleanup.sh

Preconditions

Required tools: bash, find
Required permissions: delete access to target directory
Required environment variables: none

Arguments

Flag	Required	Default	Description
`--temp-dir DIR`	No	`/tmp`	Temp directory to clean
`--days N`	No	`7`	Remove files older than N days
`--dry-run`	No	`false`	Print actions only

Usage

setup/security-tools/cleanup.sh --dry-run
setup/security-tools/cleanup.sh --temp-dir /var/tmp --days 3

Behavior

Removes matching key/cert/signature file patterns older than threshold.

Output

Dry-run listing or silent deletion.

Failure Modes

Permission denied while deleting files.

Security Notes

Helps reduce long-lived sensitive temp artifacts.

Testing

Verify with sample files in isolated temp directories.

verify.sh verify.sh

Home Standards Contribution Script Documentation Spec

cloud/aws/ec2

list-instances.sh start-instance.sh stop-instance.sh reboot-instance.sh resize-instance.sh tag-instance.sh create-ami.sh healthcheck.sh

cloud/aws/eks

create-cluster.sh delete-cluster.sh upgrade-cluster.sh create-nodegroup.sh scale-nodegroup.sh delete-nodegroup.sh kubeconfig-update.sh cluster-healthcheck.sh

cloud/aws/iam

create-role.sh attach-policy.sh detach-policy.sh rotate-access-keys.sh audit-users.sh least-privilege-report.sh

cloud/aws/rds

create-instance.sh delete-instance.sh snapshot-create.sh snapshot-restore.sh modify-instance.sh rds-healthcheck.sh

cloud/aws/s3

create-bucket.sh delete-bucket.sh list-buckets.sh sync-upload.sh sync-download.sh enable-versioning.sh set-lifecycle.sh public-access-block.sh

cloud/aws/vpc

create-vpc.sh create-subnets.sh create-nat-gateway.sh create-route-tables.sh delete-vpc-stack.sh vpc-healthcheck.sh

cloud/gcp/compute

list-instances.sh start-instance.sh stop-instance.sh

cloud/gcp/gke

create-cluster.sh delete-cluster.sh cluster-healthcheck.sh

cloud/azure/vm

list-vms.sh start-vm.sh stop-vm.sh

cloud/azure/aks

create-cluster.sh delete-cluster.sh cluster-healthcheck.sh

databases/postgres

backup.sh restore.sh healthcheck.sh

databases/mysql

backup.sh restore.sh healthcheck.sh

git

branch-create.sh branch-delete.sh rebase-safe.sh squash-branch.sh tag-release.sh generate-changelog.sh validate-commit-msg.sh pre-push-check.sh repo-healthcheck.sh clean-stale-branches.sh

setup/local

cleanup.sh install-cli-tools.sh setup-shell.sh setup-ssh.sh setup-gpg.sh configure-git.sh configure-kubectl.sh configure-terraform.sh verify-workstation.sh

setup/runner

bootstrap-linux-runner.sh bootstrap-macos-runner.sh cleanup.sh configure.sh install-docker.sh install-k8s-tools.sh install-cloud-clis.sh runner-healthcheck.sh

setup/ci-agent

cleanup.sh configure.sh

setup/kube-workstation

cleanup.sh install.sh verify.sh

setup/db-tools

cleanup.sh configure.sh verify.sh

setup/security-tools

cleanup.sh verify.sh

shared/core

log-info.sh log-warn.sh log-error.sh require-cmd.sh require-env.sh parse-args.sh json-output.sh tmpdir.sh os-detect.sh cleanup-trap.sh

shared/safety

retry.sh with-timeout.sh file-lock.sh dry-run.sh confirm-dangerous.sh audit-event.sh

shared/logging

doc.sh example.sh test.sh

shared/validation

doc.sh example.sh test.sh

shared/retry

doc.sh example.sh test.sh

shared/timeout

doc.sh example.sh test.sh

shared/lock

doc.sh example.sh test.sh

On This Page

Purpose Location Preconditions Arguments Usage Behavior Output Failure Modes Security Notes Testing