Asset registry, discovery, and credential vending for the CAVE stack.
Reference the justfile to see what the specific commands are. Otherwise, install just.
# Clone and enter the repo
git clone <repo-url> && cd catalog
# Copy the example env file
just setup
# Start PostgreSQL + the catalog service
just up
# Apply database migrations
just migrate
# Verify the service is running
open http://localhost:8000/docsThe Swagger UI at http://localhost:8000/docs shows all available endpoints.
To reset the database (wipes all data):
just resetFor faster iteration, run only PostgreSQL in Docker and the service directly on your host:
just devCode changes in src/ will trigger an automatic restart.
Tests use an in-memory SQLite database — no Docker or PostgreSQL needed.
just testRun type checking (mypy):
just typecheckRun linting and formatting:
just lintRun all checks (tests + type checking):
just checksThe test fixtures in tests/conftest.py provide:
_env(autouse): setsAUTH_ENABLED=falseandDATABASE_URLto SQLite, clears config caches between testsclient: an asynchttpx.AsyncClientwired to the app with a per-test SQLite DB, tables auto-created
Apply all pending migrations to your local database:
just migrateGenerate a new migration after changing SQLAlchemy models:
just new-migration msg="describe your change"Review the generated file in migrations/versions/ before committing.
Note: Alembic reads
DATABASE_URLfromalembic.iniby default (pointing atlocalhost:5432). Make sure your local PostgreSQL is running.
By default, .env.example sets AUTH_ENABLED=false, which disables all authentication and permission checks. Any request is accepted regardless of headers.
To test with real authentication against the CAVE middle_auth service:
AUTH_ENABLED=true
AUTH_SERVICE_URL=https://globalv1.daf-apis.com/authWith auth enabled, requests must include a valid Authorization: Bearer <token> header. The server validates tokens against the middle_auth instance and checks datastack-level permissions for read/write operations.