{"id":48489065,"url":"https://github.com/3scale/apisonator","last_synced_at":"2026-04-07T11:01:06.720Z","repository":{"id":29866329,"uuid":"119402246","full_name":"3scale/apisonator","owner":"3scale","description":"Red Hat 3scale API Management Apisonator backend","archived":false,"fork":false,"pushed_at":"2026-02-19T14:07:29.000Z","size":4947,"stargazers_count":38,"open_issues_count":22,"forks_count":26,"subscribers_count":3,"default_branch":"master","last_synced_at":"2026-02-19T17:51:17.282Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://3scale.net","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/3scale.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2018-01-29T15:37:15.000Z","updated_at":"2026-01-29T16:18:18.000Z","dependencies_parsed_at":"2025-11-28T21:05:48.240Z","dependency_job_id":null,"html_url":"https://github.com/3scale/apisonator","commit_stats":{"total_commits":3708,"total_committers":27,"mean_commits":"137.33333333333334","dds":0.6844660194174756,"last_synced_commit":"7bcc83fcc351f353a97cf0447cc45405bff1cc3f"},"previous_names":[],"tags_count":80,"template":false,"template_full_name":null,"purl":"pkg:github/3scale/apisonator","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/3scale%2Fapisonator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/3scale%2Fapisonator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/3scale%2Fapisonator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/3scale%2Fapisonator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/3scale","download_url":"https://codeload.github.com/3scale/apisonator/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/3scale%2Fapisonator/sbom","scorecard":{"id":3771,"data":{"date":"2025-08-11","repo":{"name":"github.com/3scale/apisonator","commit":"0cf5989bade1c96ad16bc473f951571067994f65"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.1,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":10,"reason":"12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/fast-forward-branch.yaml:1","Warn: no topLevel permission defined: .github/workflows/tagRelease.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/fast-forward-branch.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/3scale/apisonator/fast-forward-branch.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/tagRelease.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/3scale/apisonator/tagRelease.yml/master?enable=pin","Warn: containerImage not pinned by hash: openshift/Dockerfile.pisoni:1: pin your Docker image by updating registry.access.redhat.com/ubi8/ruby-25 to registry.access.redhat.com/ubi8/ruby-25@sha256:325480069ebfd1bea08a130eebe45064e194a0ac958fd238bff935272ea9d57b","Warn: containerImage not pinned by hash: openshift/distro/ubi/9/Dockerfile:29: pin your Docker image by updating registry.access.redhat.com/ubi9/ubi-minimal to registry.access.redhat.com/ubi9/ubi-minimal@sha256:8d905a93f1392d4a8f7fb906bd49bf540290674b28d82de3536bb4d0898bf9d7","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":3,"reason":"7 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-353f-x4gh-cqq8","Warn: Project is vulnerable to: GHSA-5w6v-399v-w3cc","Warn: Project is vulnerable to: GHSA-mrxw-mxhj-p664","Warn: Project is vulnerable to: GHSA-vvfq-8hwr-qm4m","Warn: Project is vulnerable to: GHSA-47m2-26rw-j2jw","Warn: Project is vulnerable to: GHSA-9j94-67jr-4cqj","Warn: Project is vulnerable to: GHSA-mqcp-p2hv-vw6x"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-14T13:07:11.556Z","repository_id":29866329,"created_at":"2025-08-14T13:07:11.556Z","updated_at":"2025-08-14T13:07:11.556Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31509941,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T03:10:19.677Z","status":"ssl_error","status_checked_at":"2026-04-07T03:10:13.982Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-07T11:00:59.286Z","updated_at":"2026-04-07T11:01:06.699Z","avatar_url":"https://github.com/3scale.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Apisonator\n\n[![Docker Repository on Quay](https://quay.io/repository/3scale/apisonator/status \"Docker Repository on Quay\")](https://quay.io/repository/3scale/apisonator)\n[![CircleCI](https://circleci.com/gh/3scale/apisonator.svg?style=shield)](https://circleci.com/gh/3scale/apisonator)\n[![Maintainability](https://api.codeclimate.com/v1/badges/d2cea8016f0089cb2fd6/maintainability)](https://codeclimate.com/github/3scale/apisonator/maintainability)\n\nThis software is licensed under the [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0).\n\nSee the LICENSE and NOTICE files that should have been provided along with this\nsoftware for details.\n\n## Description\n\nThis is the Red Hat 3scale API Management backend.\n\nIt has the following components:\n\n### Apisonator listener\n\nIt provides the point of entry of the API Management Platform's Backend.\nThe Service management API (SM API) is provided to authorize and report consumer\nAPI requests.\n\nThree main operations can be performed with this API:\n\n * Report: Reports a number of hits to one or more metrics, performing the\n   corresponding metric aggregations\n * Authorize: Authorize a request. The authorization of a request checks that:\n   * The provided API key to authorize the request is valid\n   * The current usage metrics of the API related to the request are within\n     the specified limits\n * Authrep: Combination of both the above\n\nMake sure to read the corresponding OpenAPI specification of these\noperations, located in [the \"porta\" repository](https://github.com/3scale/porta/blob/master/doc/active_docs/service_management_api.json).\n\nIt attempts to respond with lowest possible latency, performing minimal work\nand offloading other work to Apisonator workers by enqueuing tasks into job queues.\n\nThis component needs access to a Redis database to perform the following actions:\n * Enqueue reports, which will be processed by the Apisonator worker component\n * Perform authorization of the requests\n\nThese two actions can be configured to be performed in different Redis\ndatabases if desired (see the [Prerequisites](#prerequisites)\nand [Configuration](#configuration) sections).\n\nFinally, another API named 'Internal API' is provided to configure services\nin Apisonator. This API is intended only for administrative purposes and not\nfor general consumption. Therefore, usage of this API should be protected or\nnot exposed to untrusted parties. You can also generate its documentation with\nRake tasks. The [Pisoni](https://github.com/3scale/pisoni) API client can be\nused to interact with the Internal API.\n\nTo quickly test Apisonator, random services can be created and configured on it\nvia the use of the 'Buddhi' tool located in our performance tests\ntoolkit: [3scale perftest-toolkit](https://github.com/3scale/perftest-toolkit/).\n\nThis component may also be referred to as '3scale_backend'.\n\n### Apisonator worker\n\nIt is responsible for performing background tasks off-loaded from\nApisonator listeners (enqueued jobs).\n\nThe worker component takes care of running these enqueued jobs, mainly related\nto reporting of previous traffic.\n\nSpecifically, this component:\n * Dequeues and runs the report jobs that have been submitted to the Redis\n   background jobs database by the Apisonator listener/s or the\n   Apisonator failed jobs rescheduler\n * Stores the results of running the report jobs in the Redis Storage database\n\nThis component may also be referred to as '3scale_backend_worker'.\n\n### Apisonator failed jobs rescheduler\n\nThis is a simple task that acts as a cron scheduler to requeue jobs that failed\nwhen being processed by an Apisonator worker. The jobs are requeued into\nthe Redis background jobs database.\n\nThis component may also be referred to as 'backend-cron'.\n\n## Development\n\nSee the file [DEVELOPMENT](DEVELOPMENT.md)\n\n## Documentation\n\nYou can find documentation about Apisonator (also called referred to as `3scale\nbackend`) at the [Red Hat 3scale API Management product pages](https://access.redhat.com/products/red-hat-3scale/).\n\nDocumentation about specific parts of Apisonator (APIs, specs, behaviour, etc)\ncan be found in the [`docs`](https://github.com/3scale/apisonator/tree/master/docs) folder, though this is mostly meant for development and design purposes rather\nthan user documentation.\n\n## How to run\n\n### Prerequisites\n\n* Docker (requires version 1.10.0 or later)\n* A Redis database, used to store API request statistics and services. Also\n  used to perform API requests authorizations. In Apisonator this database\n  is commonly referred to as 'Redis Storage'\n* A Redis database, used to store background jobs. The Redis Resque library\n  is used for this. In Apisonator this database is commonly referred to as\n  'Redis Resque', or as the 'background jobs database'\n\nThe two previous Redis databases can be configured in the following ways:\n\n * In a single machine/vm, using a single Redis process by specifying\n   different database identifiers, which is supported by the Redis URI\n\t specification. i.e. redis://host:port/0, redis://host:port/1\n * In a single machine/vm, using different Redis processes with different\n   assigned ports\n * In separate machines/vms\n\nThe first thing you will need is cloning the project:\n\u003e `$ git clone git@github.com:3scale/apisonator.git`\n\nNext cd into the directory, `cd apisonator`.\n\n### Apisonator image generation\n\nGo to the `openshift` directory and execute `make build`. This will generate\na local docker image named `amp:apisonator-\u003cversion_number\u003e` based on CentOS Stream 8.\n\n### Configuration\n\nTo run any Apisonator component, application-related environment variables must\nbe previously set. This can be done by setting them via the `--env` flag in\nDocker or by placing them in a ENV file and setting the ENV file in Docker via\nthe `--env-file` flag.\n\nThe most important variables to set are:\n\n * CONFIG_QUEUES_MASTER_NAME: Set this to the [`redis://` URL](http://www.iana.org/assignments/uri-schemes/prov/redis)\n   of where the Redis Resque has been installed\n * CONFIG_REDIS_PROXY: Set this to the [`redis://` URL](http://www.iana.org/assignments/uri-schemes/prov/redis)\n   of where the Redis Storage has been installed\n * CONFIG_INTERNAL_API_USER: Set this to an arbitrary username \u003cusername\u003e\n   that will be the one used to be able to use the Apisonator internal API\n * CONFIG_INTERNAL_API_PASSWORD: Set this to an arbitrary\n   password \u003cpassword\u003e that will be the one used to be able to use the\n   Apisonator internal API\n * RACK_ENV: Set this to 'production'\n\nA complete list of configuration variables that can be set can be\nfound in the file `openshift/3scale_backend.conf`\n\nAn example of an ENV file can be found at `openshift/.env.test`\n\n### Automatic execution (with Makefile)\n\nMakefile rules can be run to execute the different Apisonator components\nwith some predefined behaviour. To do this a file named `.env` in\nthe `openshift` directory must be created before.\n\nOnce this has been performed, go to the `openshift` directory and execute\none of the available Makefile commands to run Apisonator components:\n\n#### Apisonator Listener\n\nExecute the Apisonator Listener, exposing the port 3001:\n\n```\nmake listener\n```\n\n#### Apisonator Worker\n\n```\nmake worker\n```\n\n#### Apisonator failed jobs rescheduler\n\nExecute the 'cron' Apisonator component:\n\n```\nmake cron\n```\n\n#### Apisonator bash shell\n\nExecute a bash shell with the Apisonator source code with all the available\ncomponents:\n\n```\nmake bash\n```\n\n### Manual execution\n\nAnother way of executing the Apisonator components is by running a container\nusing the previously generated Apisonator image:\n\n#### Apisonator Listener\n\nTo run an Apisonator listener, the script bin/3scale_backend is used. To\nrun it from a previously generated Apisonator docker image:\n\n```\ndocker run -p 3001:3001 --env-file \u003cmyenv_file\u003e -it amp:apisonator-\u003cversion_number\u003e 3scale_backend start -p 3001 -x /dev/stdout\n```\n\nYou can see all the available options of the apisonator listener by executing:\n\n```\ndocker run -it amp:apisonator-\u003cversion_number\u003e 3scale_backend help\n```\n\n#### Apisonator Worker\n\n```\ndocker run --env-file \u003cmyenv_file\u003e -it amp:apisonator-\u003cversion_number\u003e 3scale_backend_worker\n```\n\n#### Apisonator failed jobs rescheduler\n\n```\ndocker run --env-file \u003cmyenv_file\u003e -it amp:apisonator-\u003cversion_number\u003e backend-cron\n```\n\n#### Apisonator bash shell\n\n```\ndocker run --env-file \u003cmyenv_file\u003e -it amp:apisonator-\u003cversion_number\u003e bash\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F3scale%2Fapisonator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F3scale%2Fapisonator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F3scale%2Fapisonator/lists"}