diff --git a/app/backend/build.gradle.kts b/app/backend/build.gradle.kts
index 233b3c437b76ffc05bcfca61a507d4d218583424..8c4a90f9dd0118c99d7511556a5a1a503975d089 100644
--- a/app/backend/build.gradle.kts
+++ b/app/backend/build.gradle.kts
@@ -21,7 +21,7 @@ allOpen {
 
 group = "de.fraunhofer.iem"
 version = "0.0.2-SNAPSHOT"
-java.sourceCompatibility = JavaVersion.VERSION_21
+
 configurations {
     compileOnly {
         extendsFrom(configurations.annotationProcessor.get())
@@ -56,15 +56,11 @@ dependencies {
     testRuntimeOnly(libs.h2db)
 }
 
-tasks.named("compileKotlin", org.jetbrains.kotlin.gradle.tasks.KotlinCompilationTask::class.java) {
-    compilerOptions {
-        freeCompilerArgs.add("-Xjsr305=strict")
-    }
-}
-
 kotlin {
     compilerOptions {
+        jvmToolchain(21) 
         apiVersion.set(org.jetbrains.kotlin.gradle.dsl.KotlinVersion.KOTLIN_2_0)
+        freeCompilerArgs.add("-Xjsr305=strict")
     }
 }
 
diff --git a/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeApiProperties.kt b/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeApiProperties.kt
index 78acc8237def83d51dd266162f4fa4ad78b810a5..f4fd6c9bd947b774486cb9388ea6052eaac77fd0 100644
--- a/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeApiProperties.kt
+++ b/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeApiProperties.kt
@@ -5,6 +5,7 @@ import jakarta.validation.constraints.NotBlank
 import org.springframework.boot.context.properties.ConfigurationProperties
 import org.springframework.boot.context.properties.ConfigurationPropertiesScan
 import org.springframework.validation.annotation.Validated
+import java.net.URI
 import java.net.URL
 
 @ConfigurationProperties(prefix = "opencode.api")
@@ -22,6 +23,6 @@ data class OpenCodeApiProperties(
     fun postConstruct() {
         // There is no try catch block around the operations on purpose!
         // We want to throw here if this operations fail.
-        URL(basePath).toURI()
+        URI.create(basePath)
     }
 }
diff --git a/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeGitlabApiProperties.kt b/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeGitlabApiProperties.kt
index 9f749e3cdadf69a4eedc4fe50c1d021cbc7de6d7..b1c1e47ccf453feb0168cc0567cdbdc30d18bb54 100644
--- a/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeGitlabApiProperties.kt
+++ b/app/backend/src/main/kotlin/de/fraunhofer/iem/app/configuration/OpenCodeGitlabApiProperties.kt
@@ -4,7 +4,7 @@ import jakarta.annotation.PostConstruct
 import jakarta.validation.constraints.NotBlank
 import org.springframework.boot.context.properties.ConfigurationProperties
 import org.springframework.validation.annotation.Validated
-import java.net.URL
+import java.net.URI
 
 @ConfigurationProperties(prefix = "opencode")
 @Validated
@@ -21,7 +21,7 @@ data class OpenCodeGitlabApiProperties(
     fun postConstruct() {
         // There is no try catch block around the operations on purpose!
         // We want to throw here if this operations fail.
-        URL(host).toURI()
+        URI.create(host)
 
         if (analyzePrivateRepos && userName.isNullOrEmpty()) {
             throw Exception("To analyze private repositories a username must be set")
diff --git a/app/backend/src/main/resources/application-dev.properties b/app/backend/src/main/resources/application-dev.properties
deleted file mode 100644
index 19cce4b6dea66ba59939272be9274c3c88680c33..0000000000000000000000000000000000000000
--- a/app/backend/src/main/resources/application-dev.properties
+++ /dev/null
@@ -1,49 +0,0 @@
-spring.config.import=optional:classpath:.env[.properties]
-# Config for the OpencoDE platform
-# Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.dev.o4oe.de/
-opencode.access-token=${OC_GL_APIKEY:}
-opencode.analyze-private-repos=true
-opencode.user-name=${OC_GL_USER:}
-# Tool APIs
-opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
-opencode.api.ort=/cve-result
-opencode.api.auth=https://sl.dev.o4oe.de/api/
-opencode.api.auth-api-key=${AUTH_API_KEY}
-# API key to access this server's API
-#  The api key is needed for all routes.
-#  the admin password is needed for the repo changed route.
-#  It is expected as basic auth with the admin username
-# details can be found in configuration/security/WebSecurityConfiguration.kt
-security.api-key=${API_KEY:}
-security.admin-password=${ADMIN_PASSWORD:}
-security.admin-username=${ADMIN_USERNAME:}
-security.cors-origin=${CORS_ORIGIN:}
-security.hmac-key=${HMAC_KEY:}
-# OCCMD specific settings
-# path to the occmd tool executable
-# this can e.g, be the occmd.sh script in this project
-occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY:}
-occmd.occmd-path=${OCCMD_PATH:}
-server.port=${PORT}
-management.server.port=${MANAGEMENT_PORT:}
-springdoc.use-management-port=${USE_MANAGEMENT_PORT:}
-management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
-springdoc.show-actuator=true
-spring.main.web-application-type=REACTIVE
-# Generates db schema if it doesn't exist in db
-spring.jpa.generate-ddl=true
-spring.jpa.show-sql=false
-# This setting should only be used in dev. In prod we want to switch to update
-spring.jpa.hibernate.ddl-auto=update
-spring.jpa.properties.hibernate.format_sql=true
-spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
-spring.jpa.open-in-view=false
-spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
-# DB Login data
-spring.datasource.url=jdbc:postgresql://${DB_HOST:}:${DB_PORT:}/${DB_NAME:}?sslmode=disable&user=root
-spring.datasource.username=${DB_USER:}
-spring.datasource.driver-class-name=org.postgresql.Driver
-projects.project-ids=${PROJECT_IDS:}
diff --git a/app/backend/src/main/resources/application-local.properties b/app/backend/src/main/resources/application-local.properties
deleted file mode 100644
index ed4445ef5a6d19d8085347fd47ebb3e3c3922de1..0000000000000000000000000000000000000000
--- a/app/backend/src/main/resources/application-local.properties
+++ /dev/null
@@ -1,51 +0,0 @@
-spring.config.import=optional:classpath:.env[.properties]
-# Config for the OpencoDE platform
-# Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.dev.o4oe.de/
-opencode.access-token=${OC_GL_APIKEY:}
-opencode.analyze-private-repos=true
-opencode.user-name=${OC_GL_USER:}
-# Tool APIs
-opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
-opencode.api.ort=/cve-result
-# API key to access this server's API
-#  The api key is needed for all routes.
-#  the admin password is needed for the repo changed route.
-#  It is expected as basic auth with the admin username
-# details can be found in configuration/security/WebSecurityConfiguration.kt
-security.api-key=${API_KEY:}
-security.admin-password=${ADMIN_PASSWORD:}
-security.admin-username=${ADMIN_USERNAME:}
-security.cors-origin=${CORS_ORIGIN:}
-security.hmac-key=${HMAC_KEY:}
-# OCCMD specific settings
-# path to the occmd tool executable
-# this can e.g, be the occmd.sh script in this project
-occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY:}
-occmd.occmd-path=${OCCMD_PATH:}
-server.port=${PORT}
-management.server.port=${MANAGEMENT_PORT:}
-springdoc.use-management-port=true
-management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
-springdoc.show-actuator=true
-spring.main.web-application-type=REACTIVE
-# Generates db schema if it doesn't exist in db
-spring.jpa.generate-ddl=true
-spring.jpa.show-sql=false
-# This setting should only be used in dev. In prod we want to switch to update
-spring.jpa.hibernate.ddl-auto=create-drop
-spring.jpa.properties.hibernate.format_sql=true
-spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
-spring.jpa.open-in-view=false
-spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
-opencode.api.auth=https://sl.dev.o4oe.de/api/receive-session/
-opencode.api.auth-api-key=${AUTH_API_KEY}
-# DB Login data
-spring.datasource.url=${DB_URL:}
-spring.datasource.username=${DB_USER:}
-spring.datasource.password=${DB_PW:}
-spring.datasource.driver-class-name=org.postgresql.Driver
-projects.project-ids=159, 161
-#, 888, 438, 1189, 820, 788, 400, 1052
diff --git a/app/backend/src/main/resources/application-prod.properties b/app/backend/src/main/resources/application-prod.properties
deleted file mode 100644
index 325aae17645f24c8c683df5ebbcd00aa595e51e0..0000000000000000000000000000000000000000
--- a/app/backend/src/main/resources/application-prod.properties
+++ /dev/null
@@ -1,44 +0,0 @@
-spring.config.import=optional:classpath:.env[.properties]
-# Config for the OpencoDE platform
-# Token can be an empty string to access public repositories only
-opencode.host=https://gitlab.opencode.de/
-opencode.access-token=${OC_GL_APIKEY:}
-# Tool APIs
-opencode.api.base-path=https://software.opencode.de/api/v1/project/
-opencode.api.ort=/cve-result
-# API key to access this server's API
-#  The api key is needed for all routes.
-#  the admin password is needed for the repo changed route.
-#  It is expected as basic auth with the admin username
-# details can be found in configuration/security/WebSecurityConfiguration.kt
-security.api-key=${API_KEY:}
-security.admin-password=${ADMIN_PASSWORD:}
-security.admin-username=${ADMIN_USERNAME:}
-security.cors-origin=${CORS_ORIGIN:}
-security.hmac-key=${HMAC_KEY:}
-# OCCMD specific settings
-# path to the occmd tool executable
-# this can e.g, be the occmd.sh script in this project
-occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY:}
-occmd.occmd-path=${OCCMD_PATH:}
-server.port=${PORT}
-management.server.port=${MANAGEMENT_PORT:}
-springdoc.use-management-port=true
-management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
-springdoc.show-actuator=true
-spring.main.web-application-type=REACTIVE
-# Generates db schema if it doesn't exist in db
-spring.jpa.generate-ddl=true
-spring.jpa.show-sql=false
-# This setting should only be used in dev. In prod we want to switch to update
-spring.jpa.hibernate.ddl-auto=validate
-spring.jpa.properties.hibernate.format_sql=true
-spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
-spring.jpa.open-in-view=false
-spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
-spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
-# DB Login data
-spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
-spring.datasource.username=${DB_USER:}
-projects.project-ids=1108, 888, 438, 1189, 820, 788, 400, 1052
diff --git a/app/backend/src/main/resources/application.properties b/app/backend/src/main/resources/application.properties
new file mode 100644
index 0000000000000000000000000000000000000000..d61366410a67642f81d1a1630806444fb59cbe31
--- /dev/null
+++ b/app/backend/src/main/resources/application.properties
@@ -0,0 +1,86 @@
+# Config for the OpencoDE platform
+# Token can be an empty string to access public repositories only
+opencode.host=https://gitlab.opencode.de/
+opencode.access-token=${OC_GL_APIKEY}
+opencode.user-name=${OC_GL_USER}
+projects.project-ids=${PROJECT_IDS}
+
+# API key to access this server's API
+# The api key is needed for all routes.
+# the admin password is needed for the repo changed route.
+# It is expected as basic auth with the admin username
+# details can be found in configuration/security/WebSecurityConfiguration.kt
+security.api-key=${API_KEY}
+security.admin-password=${ADMIN_PASSWORD}
+security.admin-username=${ADMIN_USERNAME}
+security.cors-origin=${CORS_ORIGIN}
+security.hmac-key=${HMAC_KEY}
+
+# Tool APIs
+opencode.api.base-path=https://software.opencode.de/api/v1/project/
+opencode.api.ort=/cve-result
+opencode.api.auth=https://sl.dev.o4oe.de/api/
+opencode.api.auth-api-key=${AUTH_API_KEY}
+
+# OCCMD specific settings
+# path to the occmd tool executable
+# this can e.g, be the occmd.sh script in this project
+occmd.git-clone-target-directory=${GIT_CLONE_TARGET_DIRECTORY}
+occmd.occmd-path=${OCCMD_PATH}
+
+# Spring actuator settings
+management.server.port=${MANAGEMENT_PORT}
+springdoc.use-management-port=true
+management.endpoints.web.exposure.include=health,metrics, openapi, swagger-ui, logfile, loggers, prometheus, auditevents
+springdoc.show-actuator=true
+spring.main.web-application-type=REACTIVE
+server.port=${PORT}
+
+# Database Settings
+spring.jpa.hibernate.ddl-auto=validate
+spring.jpa.properties.hibernate.format_sql=true
+spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
+spring.jpa.properties.hibernate.bytecode.use_reflection_optimizer=false
+spring.jpa.open-in-view=false
+spring.jpa.properties.hibernate.temp.use_jdbc_metadata_defaults=false
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.CockroachDialect
+
+# DB settings
+spring.datasource.url=jdbc:postgresql://${host}:26257/${DB_USER}?sslmode=${ssl_mode}&sslrootcert=${ca_crt}&sslcert=${ssl_cert}&sslkey=${ssl_key}
+spring.datasource.username=${DB_USER}
+spring.datasource.driver-class-name=org.postgresql.Driver
+# Generates db schema if it doesn't exist in db
+spring.jpa.generate-ddl=true
+spring.jpa.show-sql=false
+#---
+spring.config.activate.on-profile=local
+opencode.host=https://gitlab.opencode.de/
+opencode.analyze-private-repos=true
+
+# Tool APIs
+opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
+opencode.api.auth=https://sl.dev.o4oe.de/api/receive-session/
+
+# Database Settings
+spring.datasource.url=jdbc:postgresql://${host}:${DB_PORT}/${DB_NAME}?sslmode=disable&user=root
+spring.jpa.hibernate.ddl-auto=create-drop
+
+# Import local .env
+spring.config.import=optional:classpath:.env[.properties]
+
+#---
+spring.config.activate.on-profile=dev
+# Config for the OpencoDE platform
+opencode.host=https://gitlab.dev.o4oe.de/
+opencode.analyze-private-repos=true
+
+# Tool APIs
+opencode.api.base-path=https://sl.dev.o4oe.de/api/v1/project/
+opencode.api.auth=https://sl.dev.o4oe.de/api/
+
+# Database Settings
+spring.datasource.url=jdbc:postgresql://${host}:${DB_PORT}/${DB_NAME}?sslmode=disable&user=root
+spring.jpa.hibernate.ddl-auto=update
+
+#---
+spring.config.activate.on-profile=prod
diff --git a/docker-compose.yml b/docker-compose.yml
index 1dc7ba83f28ba99b7ea942cb026f7b42d2eb795c..a731b2f0842daaefb40c8023f6e3aaed65011b9a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -18,24 +18,21 @@ services:
             - OC_GL_APIKEY=${SECRET_OC_GL_APIKEY}
             - XDG_CONFIG_HOME=/app/.config/
             - GIT_CLONE_TARGET_DIRECTORY=/app/git/
-            - USE_MANAGEMENT_PORT=false
             - MANAGEMENT_PORT=4001
             - PROJECT_IDS=1448,2991,1317,560,2188,2155,2149,2235 # occmd-public, Covid19 fraud detection, Opendesk, Helm chart, e2e tests
             - CORS_ORIGIN=* # Must be without quotes i.e. allow everything: * | originally https://sec-kpi.opencode.de
 
             - PORT=4000
-            - DB_HOST=db
+            - host=db
             - DB_USER=sa
             - DB_NAME=dataprovider
             - DB_PORT=26257
-            - HMAC_KEY=123456789012345678901234567890
 
             - ADMIN_PASSWORD=01234567890123456789
             - ADMIN_USERNAME=012345678901234567890123456789
+            - HMAC_KEY=012345678901234567890123456789
             - API_KEY=012345678901234567890123456789
 
             - SPRING_PROFILES_ACTIVE=local
         ports:
             - 4000:4000
-        volumes:
-            - ./app/backend/src/main/resources/application-local.properties:/app/application-local.properties
diff --git a/kpi-calculator/adapter/build.gradle.kts b/kpi-calculator/adapter/build.gradle.kts
index aa309758015e5c0f3f21289ba6b79ea6f865075f..ec2ec29be7ada6c488fff2a7c03587d46e1e71d8 100644
--- a/kpi-calculator/adapter/build.gradle.kts
+++ b/kpi-calculator/adapter/build.gradle.kts
@@ -17,6 +17,10 @@ dependencies {
 tasks.test {
     useJUnitPlatform()
 }
+
 kotlin {
-    jvmToolchain(21)
+    compilerOptions {
+        jvmToolchain(21)
+        apiVersion.set(org.jetbrains.kotlin.gradle.dsl.KotlinVersion.KOTLIN_2_0)
+    }
 }
diff --git a/kpi-calculator/adapter/src/test/kotlin/de/fraunhofer/iem/kpiCalculator/adapter/cve/CveAdapterTest.kt b/kpi-calculator/adapter/src/test/kotlin/de/fraunhofer/iem/kpiCalculator/adapter/cve/CveAdapterTest.kt
index e24b0c18701ef6cc29faa25959eba7cf7122551b..333ea6a0dac01539e25b78544add821637412840 100644
--- a/kpi-calculator/adapter/src/test/kotlin/de/fraunhofer/iem/kpiCalculator/adapter/cve/CveAdapterTest.kt
+++ b/kpi-calculator/adapter/src/test/kotlin/de/fraunhofer/iem/kpiCalculator/adapter/cve/CveAdapterTest.kt
@@ -9,7 +9,7 @@ import kotlin.test.fail
 class CveAdapterTest {
 
     @Test
-    fun transformSingleVulnerabilityToKpi() {
+    fun basicVulnerabilityToKpiTransformation() {
         val adapter = CveAdapter
         // valid input
         val validKpi = adapter.transformDataToKpi(
diff --git a/kpi-calculator/core/build.gradle.kts b/kpi-calculator/core/build.gradle.kts
index aa309758015e5c0f3f21289ba6b79ea6f865075f..ec2ec29be7ada6c488fff2a7c03587d46e1e71d8 100644
--- a/kpi-calculator/core/build.gradle.kts
+++ b/kpi-calculator/core/build.gradle.kts
@@ -17,6 +17,10 @@ dependencies {
 tasks.test {
     useJUnitPlatform()
 }
+
 kotlin {
-    jvmToolchain(21)
+    compilerOptions {
+        jvmToolchain(21)
+        apiVersion.set(org.jetbrains.kotlin.gradle.dsl.KotlinVersion.KOTLIN_2_0)
+    }
 }
diff --git a/kpi-calculator/model/build.gradle.kts b/kpi-calculator/model/build.gradle.kts
index 6f4b09d4eb34faa1f615edf0108c2359b2a85e03..12453c12118d0436236f85020d32440ef0f3b042 100644
--- a/kpi-calculator/model/build.gradle.kts
+++ b/kpi-calculator/model/build.gradle.kts
@@ -18,6 +18,10 @@ dependencies {
 tasks.test {
     useJUnitPlatform()
 }
+
 kotlin {
-    jvmToolchain(21)
+    compilerOptions {
+        jvmToolchain(21)
+        apiVersion.set(org.jetbrains.kotlin.gradle.dsl.KotlinVersion.KOTLIN_2_0)
+    }
 }
diff --git a/kubernetes/configmap-prod.yaml b/kubernetes/configmap-prod.yaml
index 037ea07a402139fba3b08a469a774d34fc0c6118..29b491c91cafef5809a845e87b6b0f8b19d205b1 100644
--- a/kubernetes/configmap-prod.yaml
+++ b/kubernetes/configmap-prod.yaml
@@ -9,3 +9,5 @@ data:
     MANAGEMENT_PORT: "5001"
     XDG_CONFIG_HOME: "/app/.config"
     CORS_ORIGIN: "https://sec-kpi.opencode.de"
+    PROJECT_IDS: 1108, 888, 438, 1189, 820, 788, 400, 1052
+    SPRING_PROFILES_ACTIVE: prod
diff --git a/kubernetes/configmap.yaml b/kubernetes/configmap.yaml
index 19465dc2a1428a647887c1a2049e0077f64805a1..f4981583c801d4da8092c7a3cc6534c11d52c871 100644
--- a/kubernetes/configmap.yaml
+++ b/kubernetes/configmap.yaml
@@ -9,3 +9,5 @@ data:
     MANAGEMENT_PORT: "5001"
     XDG_CONFIG_HOME: "/app/.config"
     CORS_ORIGIN: "*"
+    PROJECT_IDS: 159,106, 124
+    SPRING_PROFILES_ACTIVE: dev