{"id":38613878,"url":"https://github.com/cabify/aceptadora","last_synced_at":"2026-01-17T08:48:08.032Z","repository":{"id":53540265,"uuid":"304052348","full_name":"cabify/aceptadora","owner":"cabify","description":"Aceptadora provides the boilerplate to orchestrate the containers for an acceptance test. [managed by soy-programador]","archived":false,"fork":false,"pushed_at":"2025-09-26T10:59:16.000Z","size":81,"stargazers_count":56,"open_issues_count":1,"forks_count":7,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-09-26T12:25:56.983Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cabify.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-10-14T15:09:41.000Z","updated_at":"2025-09-26T10:57:45.000Z","dependencies_parsed_at":"2024-06-19T11:21:35.481Z","dependency_job_id":"24834aba-e40a-4d60-8d22-8ef58eaa6431","html_url":"https://github.com/cabify/aceptadora","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/cabify/aceptadora","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cabify%2Faceptadora","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cabify%2Faceptadora/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cabify%2Faceptadora/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cabify%2Faceptadora/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cabify","download_url":"https://codeload.github.com/cabify/aceptadora/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cabify%2Faceptadora/sbom","scorecard":{"id":261375,"data":{"date":"2025-08-11","repo":{"name":"github.com/cabify/aceptadora","commit":"47c4983c004a13d28cec2efb554041ed455e3d38"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.7,"checks":[{"name":"Code-Review","score":6,"reason":"Found 12/18 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/acceptance.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/cabify/aceptadora/acceptance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/acceptance.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/cabify/aceptadora/acceptance.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/cabify/aceptadora/lint.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/cabify/aceptadora/lint.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/cabify/aceptadora/lint.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cabify/aceptadora/lint.yml/master?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/acceptance.yml:1","Warn: no topLevel permission defined: .github/workflows/lint.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3829","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 24 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T10:55:03.810Z","repository_id":53540265,"created_at":"2025-08-17T10:55:03.810Z","updated_at":"2025-08-17T10:55:03.810Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28504499,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T06:57:29.758Z","status":"ssl_error","status_checked_at":"2026-01-17T06:56:03.931Z","response_time":85,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-17T08:48:07.939Z","updated_at":"2026-01-17T08:48:08.027Z","avatar_url":"https://github.com/cabify.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aceptadora\n\n![lint](https://github.com/cabify/aceptadora/workflows/lint/badge.svg)\n![acceptance](https://github.com/cabify/aceptadora/workflows/acceptance/badge.svg)\n[![Travis build status](https://travis-ci.com/cabify/aceptadora.svg?branch=master)](https://travis-ci.com/cabify/aceptadora)\n\nAceptadora provides the boilerplate to orchestrate the containers for an acceptance test.\n\nAceptadora is a replacement for `docker-compose` in acceptance tests, and it also allows running and debugging tests from your IDE.\n\n# Example\n\nThe [acceptance tests](./acceptance/suite/acceptance_suite_test.go) of this package are an example of usage for this package. There are also CI builds running on both [Github Actions](.github/workflows/acceptance.yml) and [Travis CI](./.travis.yml) that serve as an example.\n\nLong story short:\n - Define your service in a YAML file inspired by docker-compose format, with an idiomatic name of [`aceptadora.yml`](./acceptance/aceptadora.yml)\n - Define your environment variables in [some `config.env` files](./acceptance/config/)\n - Load them in your test:\n ```go\n\taceptadora.SetEnv(\n\t\ts.T(),\n\t\taceptadora.OneOfEnvConfigs(\n\t\t\taceptadora.EnvConfigWhenEnvVarPresent(\"../config/gitlab.env\", \"GITLAB_CI\"),\n\t\t\taceptadora.EnvConfigAlways(\"../config/default.env\"),\n\t\t),\n\t\taceptadora.EnvConfigAlways(\"acceptance.env\"),\n\t) \n ```\n - Fill the [`aceptadora.Config`](./aceptadora.go) values, you can use `github.com/colega/envconfig` for that\n ```go\n\tenvconfig.MustProcess(\"ACCEPTANCE\", \u0026s.cfg)\n ``` \n - Instantiate the _aceptadora_:\n ```go\n\taceptadora := aceptadora.New(t, cfg)\n ```\n - Start your service:\n ```go\n\taceptadora.Run(ctx, \"redis\")\n ```\n - Test stuff\n - When you're done, stop it using `aceptadora.StopAll(ctx)` or `aceptadora.Stop(ctx, \"redis\")`\n\n# Motivations\n\nWe've been using `docker-compose` for acceptance tests for a long time, and while this approach did have issues (since test subjects and dependencies were not restarted between tests, we had to have some suites depending on other ones, which made the tests flaky and slow) we lived with it until the introduction of gRPC. \nOnce we started playing with gRPC we found an issue: the gRPC golang client tries to connect to the service when the service is started, and if it fails, it will keep returning that error for a while. \nSince we started our test subjects before the acceptance-tester in the former approach, our test subjects failed to call the mocked gRPC servers on the acceptance-tester.\n\nSo, we created a library that restarted our test subject interacting with `docker` from the acceptance test itself.\n\nThen, we found the need to restart multiple test subjects plus the complexity of having to handle two kinds of configurations (`docker-compose` for dependencies and `aceptadora` for test subjects) so we decided to extend the functionality of `aceptadora` to completely replace the `docker-compose` and allow managing the lifecycle of all dependencies from the test.\n\nYou can read [the full story on Medium](https://medium.com/cabify-product/acceptance-testing-go-services-using-aceptadora-428254c34d56).\n\n# Decisions\n\nEverything in aceptadora accepts `t *testing.T` and everything does `require.NoError(t, err)` because in tests nobody's going to handle the errors anyway, so we apply a fail-fast strategy, removing the retured errors and keeping the API clean for clearer acceptance tests.\n\n# Running\n\nIn order to handle multiple environments there are some stages in config loading. Notice that all the configs loaded expand the env vars set by `${VAR}` to their values from what's already loaded.\n\nFirst, we load some very basic env-dependant config, deciding on env vars to load a local or gitlab config. \nThis configuration mostly provides details about networking setup:\n- Where can acceptance-tester reach the services? \n  Usually this would be `localhost`, but on Gitlab it's `docker` as we're running `dind`.\n- Where can services reach the acceptance-tester? This will be set to the first local non-loopback IP address in the environment variable called `TESTER_ADDRESS`.\n  You can set this variable to something more specific before running the test too, in which case it won't be overwritten. \n\nOne may wonder: why don't we just decide all of that in some kind of test-loading shellscript? \nThe answer is that deciding that from the test itself allows us running the tests from any IDE as a normal test, instead of having a proxy script. \nOf course loading some env vars would work, but since `aceptadora` can do this for you, why should we care?\nThis way we can make sure that test running is portable and doesn't require any external dependencies.\n\nThen we load more env configs for the test itself, usually `acceptance.env`, which tells the acceptance test where the `aceptadora.yml` file is located, and how images from different docker registries are pulled.\nNotice that `acceptance.env` can be specific to each suite you may have if their paths are different. \nYou can load as many common configs as you want, loading an `acceptance.env` and then `../config/acceptance.env` for example.\n\nHere `aceptadora.New()` would load the `aceptadora.yml` file from the provided dir and filename, and it will also set `${YAMLDIR}` variable for the yamls itself to be able to reference its configs and binds from where the yaml is located instead of from where the test is located: this allows us having multiple test suites in different folders using the same `aceptadora.yml` file.\n\nFinally, we run services by just running `aceptadora.Run(ctx, \"svc-name-in-the-yaml\")`.\n\nAceptadora will also take care of stopping the services, you can call `aceptadora.Stop(ctx, svcName)` to stop one of them, or `StopAll(ctx)` to stop all the (still running) services.\n\n# Unit tests\n\nThis package doesn't have unit tests. \nAll the testing is performed by the example itself in the acceptance tests folder. \nThe unit tests would require either defining interfaces for the functionality that docker provides and mocking them, which would overcomplicate the code without offering enough value in exchange, or testing using the docker real docker API, which is already covered by the acceptance tests.\nHowever, this is opinionated. \nFeel free to disagree, open us an issue with your proposal, or even better, a pull request.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcabify%2Faceptadora","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcabify%2Faceptadora","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcabify%2Faceptadora/lists"}