restructure: flatten scripts dirs, remove roster, update SKILL.md

keycloak-hangman-lab/scripts/create-keycloak-account

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# Get the directory where this script is located
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Get username and email from ego-mgr
+username=$(ego-mgr get default-username)
+email=$(ego-mgr get email)
+
+# Check if username is provided
+if [[ -z "$username" ]]; then
+  echo "Error: default-username not set in ego-mgr, please contact ard"
+  exit 1
+fi
+
+# Check if email is provided
+if [[ -z "$email" ]]; then
+  echo "Error: email not set in ego-mgr, please contact ard"
+  exit 1
+fi
+
+# Generate keycloak credentials (do not print secret)
+secret-mgr generate --username "$username" --key keycloak >/dev/null
+
+# Get the generated username and password
+user=$(secret-mgr get-username --key keycloak)
+pass=$(secret-mgr get-secret --key keycloak)
+
+realm="Hangman-Lab"
+
+# Create keycloak user
+"$SCRIPT_DIR/kcadm" create users -r "$realm" -s "username=$user" -s "enabled=true" -s "email=$email" || true
+
+# Set password for the user
+"$SCRIPT_DIR/kcadm" set-password -r "$realm" --username "$user" --new-password "$pass"
+
+# Verify email and set profile fields to avoid VERIFY_PROFILE during first OIDC login
+"$SCRIPT_DIR/verify-email" --username "$user"
+"$SCRIPT_DIR/set-name" --username "$user" >/dev/null 2>&1 || "$SCRIPT_DIR/set-name"
+
+echo "Keycloak account created for: $user (realm: $realm)"