{"id":30221602,"url":"https://github.com/openbankproject/obp-keycloak-provider","last_synced_at":"2026-01-20T17:42:47.231Z","repository":{"id":306498445,"uuid":"1020733144","full_name":"OpenBankProject/OBP-Keycloak-Provider","owner":"OpenBankProject","description":null,"archived":false,"fork":false,"pushed_at":"2025-08-07T09:59:56.000Z","size":157,"stargazers_count":0,"open_issues_count":2,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-08-07T11:36:04.451Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenBankProject.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-07-16T10:05:47.000Z","updated_at":"2025-08-07T10:00:00.000Z","dependencies_parsed_at":"2025-07-26T03:53:08.792Z","dependency_job_id":null,"html_url":"https://github.com/OpenBankProject/OBP-Keycloak-Provider","commit_stats":null,"previous_names":["openbankproject/obp-keycloak-provider"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/OpenBankProject/OBP-Keycloak-Provider","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-Keycloak-Provider","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-Keycloak-Provider/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-Keycloak-Provider/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-Keycloak-Provider/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenBankProject","download_url":"https://codeload.github.com/OpenBankProject/OBP-Keycloak-Provider/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenBankProject%2FOBP-Keycloak-Provider/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270401635,"owners_count":24577263,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-14T02:00:10.309Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-08-14T10:12:07.522Z","updated_at":"2026-01-20T17:42:47.225Z","avatar_url":"https://github.com/OpenBankProject.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Keycloak provider for user federation in Postgres\n\nThis project demonstrates the ability to use Postgres as user storage provider of Keycloak with **cloud-native runtime configuration** support and **separated database architecture**.\n\n## 🔄 Database Architecture\n\n**Important**: This project now uses **separated databases** for better security and maintainability:\n\n- **Keycloak Internal Database**: Stores realms, clients, tokens, sessions (Port 5433)\n- **User Storage Database**: Contains your external user data for federation (Port 5434)\n\n\n\n## 🚀 Cloud-Native Features\n\n- ✅ **Runtime Configuration**: Environment variables read at runtime (no build-time injection)\n- ✅ **Cloud Ready**: Native support for environment-based configuration\n- ✅ **Docker Hub Compatible**: Generic images that work across all environments\n- ✅ **12-Factor App Compliant**: Follows modern cloud-native principles\n- ✅ **CI/CD Friendly**: \"Build once, deploy everywhere\" approach\n\n## 🔒 Security Features\n\n- ✅ **View-Based Access**: Uses `v_oidc_users` view for secure, read-only data access\n- ✅ **Read-Only Operations**: All write operations (INSERT, UPDATE, DELETE) are disabled\n- ✅ **Minimal Permissions**: Dedicated `oidc_user` with SELECT-only database permissions\n- ✅ **Column Filtering**: Only OIDC-required fields exposed through database view\n- ✅ **User Validation**: Only validated users accessible through OIDC authentication\n\n## Requirements\n\nThe following software is required to work build it locally:\n\n* [Git](https://git-scm.com) 2.2.1 or later\n* [Docker Engine](https://docs.docker.com/engine/install/) or [Docker Desktop](https://docs.docker.com/desktop/) 1.9 or later\n* [Maven](https://maven.apache.org/) 3.8.5 or later\n* [Java](https://www.java.com/ru/) 17 or later\n\nSee the links above for installation instructions on your platform. You can verify the versions are installed and running:\n\n    $ git --version\n    $ curl -V\n    $ mvn -version\n    $ docker --version\n    $ java --version\n\n\n\n## 🔧 Quick Configuration\n\n### View-Based Access (Recommended for Production)\n\n```bash\n# Environment variables for secure view-based access\nDB_USER=oidc_user\nDB_PASSWORD=your_secure_password\nDB_AUTHUSER_TABLE=v_oidc_users\n```\n\n**Benefits:**\n- Enhanced security through PostgreSQL view filtering\n- Read-only access prevents accidental data modification\n- Only validated users are accessible through OIDC\n- Minimal database permissions for the application user\n\n### Direct Table Access (Development/Legacy)\n\n```bash\n# Environment variables for direct table access\nDB_USER=obp\nDB_PASSWORD=f\nDB_AUTHUSER_TABLE=authuser\n```\n\nSee the configuration examples below for detailed setup instructions.\n\n## Usage\n### Docker containers\n[Postgres](https://www.postgresql.org/) - database for which we want to store User Federation.\n\n[Keycloak](https://www.keycloak.org/) - KC container with custom certificate, for use over `https`. The container is described in [Dockerfile](/docker/Dockerfile).\n\n### CI/CD and Automation\n\nThe project includes GitHub Actions workflows for automated builds and deployments:\n- **Automated container builds** on pushes to main branch\n- **Multi-architecture support** with alternative Dockerfiles\n- **Dependency updates** via Dependabot\n- **Container signing** with Cosign for security\n\n### Theming Support\n\nThe project includes a comprehensive **OBP Theme** that transforms Keycloak's login experience to match the Open Bank Project Portal design system:\n\n- **Modern Dark Theme**: Elegant glassmorphism UI with backdrop blur effects\n- **OBP Branding**: Official logos, colors, and typography (Plus Jakarta Sans)\n- **Portal Design Consistency**: Matches OBP Portal's visual identity and user experience\n- **OKLCH Color System**: Modern color palette with primary (dark blue/gray) and secondary (teal/green) colors\n- **Responsive Design**: Mobile-first approach optimized for all devices\n- **Accessibility Features**: WCAG 2.1 compliance with high contrast support\n- **Internationalization**: Multi-language support with customizable messages\n\n#### Theme Deployment Options\n\nThe project supports two deployment modes:\n\n1. **CI/CD Deployment** (always build \u0026 replace - automated environments):\n   ```shell\n   # Standard CI/CD deployment\n   $ ./development/run-local-postgres-cicd.sh\n\n   # Themed CI/CD deployment\n   $ ./development/run-local-postgres-cicd.sh --themed\n   ```\n\n#### OBP Theme Structure\n\n```\nthemes/obp/\n├── theme.properties                    # Theme configuration\n├── login/                             # Login theme files\n│   ├── login.ftl                      # Custom login template\n│   ├── messages/                      # Internationalization\n│   │   └── messages_en.properties     # English messages\n│   └── resources/                     # Static resources\n│       ├── css/\n│       │   └── styles.css             # Main stylesheet\n│       └── img/                       # OBP logos and assets\n│           ├── obp_logo.png\n│           ├── logo2x-1.png\n│           └── favicon.png\n```\n\n#### Theme Activation\n\nAfter deploying with `--themed`, activate the OBP theme:\n1. Access Admin Console: https://localhost:8443/admin\n2. Go to Realm Settings \u003e Themes\n3. Set Login Theme to \"obp\"\n4. Save changes\n\n\u003e **Complete Documentation**: See the theme structure and activation sections below for comprehensive theming guide, customization options, and development workflow.\n\n#### Testing Theme Deployment\n\nValidate your themed deployment setup by running the deployment script:\n```shell\n$ ./development/run-local-postgres-cicd.sh --themed\n```\n\nThis script checks all prerequisites, validates theme files, and ensures proper configuration.\n\n### Environment Configuration\n\nThe database connection and Keycloak settings are now configured using **runtime environment variables** instead of build-time configuration. This enables cloud-native deployments with Docker Hub hosted images, and modern CI/CD pipelines.\n\n\u003e **Complete Documentation**:\n\u003e - [docs/CICD_DEPLOYMENT.md](docs/CICD_DEPLOYMENT.md) - CI/CD deployment guide\n\u003e - [env.sample](env.sample) - Environment configuration reference\n\n#### Quick Start Guide\n\n1. **Copy and configure environment variables:**\n   ```shell\n   $ cp env.sample .env\n   $ nano .env  # Edit with your actual configuration\n   ```\n\n2. **Validate your configuration:**\n   ```shell\n   $ ./development/run-local-postgres-cicd.sh\n   ```\n\n3. **Run the application:**\n   ```shell\n   # CI/CD deployment (always build \u0026 replace)\n   $ ./development/run-local-postgres-cicd.sh --themed\n   ```\n\n4. **Test themed deployment (optional):**\n   ```shell\n   $ ./development/run-local-postgres-cicd.sh --themed\n   ```\n\n\u003e **Note**: For local PostgreSQL deployments, the `--validate` flag automatically runs validation checks during startup.\n\n#### Setup Environment Variables\n\n1. Copy the example environment file:\n   ```shell\n   $ cp env.sample .env\n   ```\n\n2. Edit the `.env` file with your actual configuration values:\n   ```properties\n   # Keycloak Admin Configuration\n   KEYCLOAK_ADMIN=your-admin\n   KEYCLOAK_ADMIN_PASSWORD=your-admin-password\n\n   # Keycloak's Internal Database Configuration\n   KC_DB_USERNAME=keycloak\n   KC_DB_PASSWORD=secure-keycloak-password\n\n   # User Storage Database Configuration\n   USER_STORAGE_DB_USER=obp\n   USER_STORAGE_DB_PASSWORD=secure-user-storage-password\n   DB_USER=obp\n   DB_PASSWORD=secure-user-storage-password\n   ```\n\n3. **Validate your configuration (recommended):**\n   ```shell\n   $ ./development/run-local-postgres-cicd.sh\n   ```\n   This script will:\n   - Validate all required variables are set\n   - Check database connectivity\n   - Build and deploy the application\n   - Provide clear success/failure feedback\n\n\u003e **Documentation Resources**:\n\u003e - **[env.sample](env.sample)**: Complete environment variable reference with examples and security notes\n\u003e - **[docs/CICD_DEPLOYMENT.md](docs/CICD_DEPLOYMENT.md)**: CI/CD-style deployment guide for automated environments\n\u003e - **[development/README.md](development/README.md)**: Development tools and scripts documentation\n\u003e - **Available scripts**: Only 3 development scripts are included (see development directory)\n\n#### Key Environment Variables\n\n| Variable | Default | Description |\n|----------|---------|-------------|\n| **Keycloak Admin** | | |\n| `KEYCLOAK_ADMIN` | `admin` | Keycloak admin username |\n| `KEYCLOAK_ADMIN_PASSWORD` | `admin` | Keycloak admin password |\n| **Keycloak Database** | | |\n| `KC_DB_USERNAME` | `keycloak` | Keycloak's internal database username |\n| `KC_DB_PASSWORD` | `keycloak_changeme` | Keycloak's internal database password |\n| `KC_DB_URL` | `jdbc:postgresql://keycloak-postgres:5432/keycloak` | Keycloak's internal database URL |\n| **User Storage Database** | | |\n| `DB_URL` | `jdbc:postgresql://user-storage-postgres:5432/obp_mapped` | User storage database URL |\n| **Port Configuration** | | |\n| `KC_DB_PORT` | `5433` | Keycloak database external port |\n| `USER_STORAGE_DB_PORT` | `5434` | User storage database external port |\n| `DB_USER` | `obp` | User storage database username |\n| `DB_PASSWORD` | `changeme` | User storage database password |\n| **Configuration** | | |\n| `KC_HOSTNAME_STRICT` | `false` | Hostname strict mode |\n| `HIBERNATE_DDL_AUTO` | `validate` | Schema validation mode for user storage |\n\n#### Docker Deployment with External OBP Database\n\nDocker setup uses Keycloak in container with external PostgreSQL for OBP user federation:\n\n1. Use configuration with external PostgreSQL:\n   ```shell\n   $ cp .env.external-postgres .env\n   $ # Edit .env with your database settings\n   $ docker-compose up\n   ```\n\n2. Required setup:\n   ```shell\n   # External PostgreSQL must have:\n   DB_USER=oidc_user\n   DB_PASSWORD=your_password\n   DB_DRIVER=org.postgresql.Driver\n   DB_DIALECT=org.hibernate.dialect.PostgreSQLDialect\n   OBP_AUTHUSER_PROVIDER=your_provider\n   ```\n\n#### Development Tools\n\nThe `development/` directory contains local development scripts:\n\n- **Deployment**: `./development/run-local-postgres-cicd.sh` - Main deployment script (with --themed option)\n- **Management**: `./development/manage-container.sh` - Interactive container management\n- **PostgreSQL**: `./development/pg.sh` - Simple PostgreSQL container setup\n\nSee [development/README.md](development/README.md) for complete documentation of all development tools.\n\n## Deployment Strategies\n\n### Choosing the Right Deployment Method\n\nThe project provides two focused deployment approaches:\n\n| Method | Use Case | Build Strategy | Best For |\n|--------|----------|---------------|-----------|\n| **CI/CD** (`run-local-postgres-cicd.sh`) | Automated pipelines | Always rebuild | CI/CD, production deployments |\n\n### Development Deployment\n```bash\n# Standard deployment without themes\n./development/run-local-postgres-cicd.sh\n```\n\n**Features:**\n- Conditional rebuilds for faster iteration\n- Comprehensive validation and testing\n- Interactive feedback and guidance\n- Container management helpers\n\n### CI/CD Deployment\n```bash\n# Automated, reproducible deployments (always fresh build)\n./development/run-local-postgres-cicd.sh --themed\n\n# Standard CI/CD deployment\n./development/run-local-postgres-cicd.sh\n```\n\n**Features:**\n- Always builds from scratch (no caching issues)\n- JAR checksum-based cache invalidation\n- Fail-fast error handling\n- Structured pipeline output\n- Health checks with timeout\n\n### Analysis and Testing Tools\n```bash\n# Manage running containers interactively\n./development/manage-container.sh\n\n# Set up PostgreSQL container (if needed)\n./development/pg.sh\n```\n\n📖 **Detailed Guides**:\n- [docs/CICD_DEPLOYMENT.md](docs/CICD_DEPLOYMENT.md) - Complete CI/CD documentation\n\n#### Build Options\n\nThe project supports **cloud-native deployment patterns**:\n\n1. **Runtime Configuration** (Recommended - Cloud-Native):\n   ```shell\n   # Build once (no environment variables needed)\n   $ mvn clean package\n   $ docker build -t obp-keycloak-provider .\n\n   # Deploy anywhere with runtime config\n   $ docker run -e KC_DB_URL=\"jdbc:postgresql://keycloak-host:5432/keycloak\" \\\n                 -e KC_DB_USERNAME=\"keycloak_user\" \\\n                 -e KC_DB_PASSWORD=\"keycloak_password\" \\\n                 -e DB_URL=\"jdbc:postgresql://user-storage-host:5432/obp_mapped\" \\\n                 -e DB_USER=\"obp_user\" \\\n                 -e DB_PASSWORD=\"obp_password\" \\\n                 obp-keycloak-provider\n   ```\n\n2. **Environment Variables Deployment**:\n   ```shell\n   $ export DB_URL=\"jdbc:postgresql://localhost:5432/obp_mapped\"\n   $ export DB_USER=\"obp\"\n   $ export DB_PASSWORD=\"obp_password\"\n   $ docker run --env-file .env obp-keycloak-provider\n   ```\n\n3. **Docker Compose** (Runtime Config):\n   ```shell\n   $ docker-compose -f docker-compose.runtime.yml up\n   ```\n\n4. **CI/CD builds** using GitHub Actions workflows:\n   - Single generic build for all environments\n   - Container signing and publishing to Docker Hub\n   - Multi-architecture support with runtime configuration\n\n#### Container Management\n\nWhen you run the deployment scripts, they start the Keycloak container and follow the logs. When you press `Ctrl+C`, the script exits but **the container continues running in the background**.\n\n**After pressing Ctrl+C:**\n- The container remains accessible at http://localhost:8000 and https://localhost:8443\n- Use `./development/manage-container.sh` for an interactive container management menu\n- Or use these direct commands:\n  - View logs: `docker logs -f obp-keycloak`\n  - Stop container: `docker stop obp-keycloak`\n  - Remove container: `docker rm obp-keycloak`\n  - Stop and remove: `docker stop obp-keycloak \u0026\u0026 docker rm obp-keycloak`\n\n### Using Postgres\n\u003e **Warning: I recommend using your own database**, cause not all systems will have a database at `localhost` available to the `docker` container.\n\nTo deploy the container use the script :\n```shell\n$ development/pg.sh\n```\n\nThe script deploys the container locally.\n\nIt uses port : 5434 (changed from 5432 to avoid conflicts with system PostgreSQL).\n\nThe system now uses two separate databases:\n\n1. **Keycloak's Internal Database**: Stores realms, clients, tokens, and Keycloak's own data (accessible on localhost:5433)\n2. **User Storage Database**: Contains your external user data that Keycloak federates (accessible on localhost:5434)\n\n\u003e **Important**: Due to recent fixes, the user storage database now runs on port 5434 instead of 5432 to avoid conflicts with system PostgreSQL installations.\n\nIn the **User Storage Database**, the `authuser` table must be created by a database administrator:\n\n\u003e **⚠️ CRITICAL**: The `authuser` table is **READ-ONLY** for the Keycloak User Storage Provider and **MUST** be created by a database administrator with appropriate permissions. Keycloak setup scripts cannot create this table due to read-only access restrictions.\n\n\u003e **📋 SETUP REQUIREMENT**: The authuser table must exist before running Keycloak. INSERT, UPDATE, and DELETE operations are not supported through Keycloak. Users must be managed through other means outside of Keycloak.\n\n```sql\n-- ===============================================\n-- DATABASE ADMINISTRATOR SETUP REQUIRED\n-- ===============================================\n-- This SQL must be executed by a database administrator\n-- with CREATE privileges on the obp_mapped database.\n-- The Keycloak application has READ-ONLY access only.\n\nCREATE TABLE public.authuser (\n\tid bigserial NOT NULL,\n\tfirstname varchar(100) NULL,\n\tlastname varchar(100) NULL,\n\temail varchar(100) NULL,\n\tusername varchar(100) NULL,\n\tpassword_pw varchar(48) NULL,\n\tpassword_slt varchar(20) NULL,\n\tprovider varchar(100) NULL,\n\tlocale varchar(16) NULL,\n\tvalidated bool NULL,\n\tuser_c int8 NULL,\n\tcreatedat timestamp NULL,\n\tupdatedat timestamp NULL,\n\ttimezone varchar(32) NULL,\n\tsuperuser bool NULL,\n\tpasswordshouldbechanged bool NULL,\n\tCONSTRAINT authuser_pk PRIMARY KEY (id)\n);\n\n-- Grant READ-ONLY access to Keycloak user\nGRANT SELECT ON public.authuser TO obp;\nGRANT USAGE ON SEQUENCE authuser_id_seq TO obp;\n```\n\n**Database Setup Requirements:**\n- 📋 Table must be created by database administrator BEFORE running Keycloak\n- 📋 Keycloak user (obp) needs only SELECT permissions on authuser table\n- 📋 Database administrator must create table structure and indexes\n\n**Keycloak Provider Limitations:**\n- ✅ User authentication and login\n- ✅ User profile viewing\n- ✅ Password validation\n- 🔴 User creation through Keycloak (disabled - read-only access)\n- 🔴 User profile updates through Keycloak (disabled - read-only access)\n- 🔴 User deletion through Keycloak (disabled - read-only access)\n- 🔴 Table creation through setup scripts (disabled - insufficient permissions)\n\nUsers must be added to the `authuser` table using external database administration tools outside of Keycloak.\n\n### Using Keycloak\n\nKC is deployed in a custom container.\n\nTo deploy the KC container, I created a [Dockerfile](/docker/Dockerfile) file in which :\n- I create a certificate for `https` access\n- I add a provider `obp-keycloak-provider`\n\n## Build the project\n\n### Cloud-Native Approach (Recommended)\n\nBuild once, deploy everywhere with runtime configuration:\n\n```shell\n# Build the provider (no environment variables needed)\n$ mvn clean package\n\n# Run with CI/CD deployment\n$ ./development/run-local-postgres-cicd.sh --themed\n```\n\n### Legacy Approach\n\nFor compatibility, you can still use the legacy build script:\n```shell\n$ ./development/run-local-postgres-cicd.sh\n```\n\n\u003e **Note**: The legacy approach uses build-time configuration which is not recommended for production deployments. Use the cloud-native approach for Docker Hub deployments.\n\n## Login to KC\n\nAfter launching, go to [https://localhost:8443](https://localhost:8443) in your browser.\nTo log in to KC, use admin credentials :\n```properties\nuser : admin\npass : admin\n```\n\nClick the [User federation](https://localhost:8443/admin/master/console/#/master/user-federation) tab .\n\nThe provider ``obp-keycloak-provider`` is in list of providers.\n\n![KC providers](/docs/images/providers.png?raw=true \"KC providers\")\n\n## Cloud-Native Deployment Examples\n\n### Docker Hub Deployment\n```shell\n# Pull generic image\ndocker pull your-org/obp-keycloak-provider:latest\n\n# Run with environment-specific configuration\ndocker run -e KC_DB_URL=\"jdbc:postgresql://keycloak-prod-db:5432/keycloak\" \\\n           -e KC_DB_USERNAME=\"keycloak_prod_user\" \\\n           -e KC_DB_PASSWORD=\"secure_keycloak_password\" \\\n           -e DB_URL=\"jdbc:postgresql://user-storage-prod-db:5432/obp\" \\\n           -e DB_USER=\"obp_prod_user\" \\\n           -e DB_PASSWORD=\"secure_user_storage_password\" \\\n           your-org/obp-keycloak-provider:latest\n```\n\n### Testing Runtime Configuration\n```shell\n# Deploy and validate the setup\n./development/run-local-postgres-cicd.sh\n```\n\n## Recent Changes\n\n### Database Separation Fixes (Latest)\n\nThe following critical issues have been resolved:\n\n1. **Fixed JDBC URL Configuration**: Corrected malformed `KC_DB_URL` default value in `docker-compose.runtime.yml`\n2. **Resolved Port Conflicts**: Changed user-storage-postgres to port 5434 to avoid conflicts with system PostgreSQL\n3. **Fixed SQL Syntax Error**: Removed incomplete SQL statement in database initialization script\n4. **Updated Environment Variables**: All configuration now properly supports the separated database architecture\n\n\n\n### Port Changes\n- **Keycloak Internal Database**: `localhost:5433` (unchanged)\n- **User Storage Database**: `localhost:5434` (changed from 5432)\n- **Keycloak Application**: `localhost:8000` (HTTP) and `localhost:8443` (HTTPS)\n\n### Troubleshooting\nIf you encounter connection issues:\n1. Run the deployment script which validates configuration: `./development/run-local-postgres-cicd.sh`\n2. Check for port conflicts: `ss -tulpn | grep :5432` or `netstat -tulpn | grep :5432`\n3. Review the setup documentation in the `docs/` directory\n\n## Documentation\n\n\n- **[Environment Configuration](env.sample)** - Environment variable reference\n- **[CI/CD Deployment](docs/CICD_DEPLOYMENT.md)** - Automated deployment guide for pipelines\n- **[Docker Compose](docker-compose.runtime.yml)** - Runtime configuration example\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenbankproject%2Fobp-keycloak-provider","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenbankproject%2Fobp-keycloak-provider","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenbankproject%2Fobp-keycloak-provider/lists"}