Automation Hub Private Repository
Background
We want to allow users to create they own collection under company namespace, but not sharing with the rest of the Hub users
Procedures
- Create a Automation Hub group, but not adding any role to it.
- Assign the user to the group. For example,
hub_user2
is inhub_group2
- Create a private Automation Hub repository. Make sure
Create Distribution
check box is selected. SetPipeline
toNone
, otherwise the approval process will publish to the publicpublished
repo. - Go to
Access
tab of the created repository, select the group created above - Select
galaxy.ansible_repository_owner
role on the next step, and then clickAdd
to complete -
We can add exisiting collection under the
Collection versions
tab, but we will push a new collection via command line. Copy the info from the pop-up window by clickingCopy CLI configuration
button on top right. Update theansible.cfg
file with this new repo info.[galaxy] server_list = developer_repo [galaxy_server.developer_repo] url=https://aap-hub1.lab.automate.nyc/api/galaxy/content/developer_repo/ token=my_token
- Create the namesapce
automate_nyc
for our collection. - Under the
Access
tab of the created namespace, select the created group from above - Select both
galaxy.collection_namespace_owner
andgalaxy.collection_publisher
to give the group full access to the repository content - With the updated
ansible.cfg
pointing todeveloper_repo
, push the collection usingansible-galaxy
ansible-galaxy collection publish automate_nyc-test-1.0.5.tar.gz
- Verify the collection under the repository
- But we won’t be able to see it under
automate_nyc
namespace because theHide from search
option of the repository - Other Hub users won’t be able to see the repository or collection neither.
- To use the collection in AAP, we will need to add a
Ansible Galaxy/Automation Hub API Token
specificly for this repository, similar to what we added toansible.cfg
, and assign to the organization
Leave a comment