Managing repositories in automation hub

Red Hat Ansible Automation Platform 2.4

Create and manage custom repositories in automation hub.

Red Hat Customer Content Services

Abstract

This guide shows you how to create, edit, delete, and move content between custom repositories in automation hub.

Preface

Repository management is included with Red Hat automation hub. It allows you to create, edit, modify and delete repositories.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

We appreciate your feedback on our technical content and encourage you to tell us what you think. If you’d like to add comments, provide insights, correct a typo, or even ask a question, you can do so directly in the documentation.

Note

You must have a Red Hat account and be logged in to the customer portal.

To submit documentation feedback from the customer portal, do the following:

  1. Select the Multi-page HTML format.
  2. Click the Feedback button at the top-right of the document.
  3. Highlight the section of text where you want to provide feedback.
  4. Click the Add Feedback dialog next to your highlighted text.
  5. Enter your feedback in the text box on the right of the page and then click Submit.

We automatically create a tracking issue each time you submit feedback. Open the link that is displayed after you click Submit and start watching the issue or add more comments.

Chapter 1. Repository management

Automation hub includes two types of repositories where you can publish content:

Staging repositories
Any user with permission to upload for a namespace can publish content into these repositories. Content in these repositories are not available in the search page, but rather, are displayed on the approval dashboard for an administrator to verify.
Custom repositories
Any user with write permissions on the repository can publish content to these repositories. These repositories are not displayed on the approval dashboard. They can show up on the search page depending on whether search is enabled by the owner of the repository. Custom repositories can be private repositories where only users with view permissions can see them, or public where all users can see them.

Staging repositories are marked with the pipeline=staging label. By default, automation hub ships with one staging repository that is automatically used when a repository is not specified for uploading collections. However, users can create new staging repositories during repository creation.

1.1. Approval pipeline

Automation hub allows you to approve collections into any repository that is marked with the pipeline=approved label. By default, automation hub ships with one repository for approved content, but you have the option to add more from the repository creation screen. Repositories marked with this label are not eligible for direct publishing and collections must come from one of the staging repositories.

Auto approval
When auto approve is enabled, any collection uploaded to a staging repository is automatically promoted to all of the repositories marked as pipeline=approved.
Approval required

When an administrator navigates to the approval dashboard, they can see the collections that have been uploaded into any of the staging repositories. From here they are presented with an Approve button. Clicking Approve displays a list of approved repositories. From this list, the administrator can select 1 or more repositories to which the content should be promoted.

If only one approved repository exists, the collection is automatically moved into it and the administrator is not prompted to select a repository.

Rejection
Rejected collections are automatically placed into the pre-installed rejected repository.

1.2. Role Based Access Control

Role Based Access Control (RBAC) restricts user access to custom repositories based on their defined role. By default, users can view all public repositories in their automation hub, but they cannot modify them unless they have explicit permission to do so. This is the same for other operations on the repository. For example, removing a user’s rights revokes their ability to download content from a custom repository. See Configuring user access for your local automation hub for information about managing user access in automation hub.

1.3. Basic repository management

With basic repository management, you can create, edit, delete, and move content between repositories.

1.3.1. Create a repository

Use this procedure to create a repository.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRepositories.
  3. Click Add repository.
  4. Enter a Repository name.
  5. Enter a Description that indicates the purpose of the repository.

  6. To retain previous versions of your repository each time you make a change, select Retained number of versions. The number of retained versions can range anywhere between 0 and unlimited. To save all versions, leave this set to null.

    Note

    If there are issues with a change to your custom repository, retained versions allow you to revert to a different repository version.

  7. Select the Pipeline for the repository. The available options include the following:

    Staging
    Anyone is allowed to publish content into the repository.
    Approved
    Anything added to this repository is required to go through the approval process through the staging repository. When auto approve is enabled, any collection uploaded to a staging repository is automatically promoted to all of the approved repositories.
    None
    Any user with permissions on the repository can publish to the repository directly and it is not part of the approval pipeline.
  8. To hide the repository from search results, select Hide from search. This is selected by default.
  9. To make the repository private, select Make private. This hides the repository from anyone who does not have permissions to view the repository.
  10. To sync the content from a remote into this repository, select Remote and select the remote that contains the content you want included in your custom repository. For more information, see Repository sync.

  11. Click Save.

    After the repository is created, the details page is displayed.

    From here, you can provide access to your repository, review or add collections, and work with the saved versions of your custom repository.

1.3.2. Provide access to a repository

By default, private repositories and the content are hidden from all users in the system. Public repositories can be viewed by all users, but cannot be modified. Use this procedure to provide access to your custom repository.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRepositories.
  3. Locate your repository in the list and click more actions , then select Edit.
  4. Select the Access tab.

  5. Select a group for Repository owners.

    See Configuring user access for your local automation hub for information about implementing user access.

  6. Select the roles you want assigned for the selected group.
  7. Click Save.

1.3.3. Adding collections to a repository

After your repository is created, you can begin adding collections to it.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRepositories.
  3. Locate your repository in the list and click more actions , then select Edit.
  4. Select the Collections version tab.
  5. Click Add Collection and select the collections you want added to your repository.
  6. Click Select.

1.3.4. Revert to a different repository version

When content is added or removed from a repository, a new version of it is created. If there are issues with a change to your custom repository, you can revert to a previous version. Reverting is a safe operation and does not delete content from the system, but rather, changes the content associated with the repository. The number of versions saved is defined in the Retained number of versions setting when a repository is created.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRepositories.
  3. Locate your repository in the list and click more actions , then select Edit.
  4. Locate the version you want to rollback to and click more actions , then select Revert to this version.
  5. Click Revert.

Chapter 2. Remote management

You can set up remote configurations to any server that is running automation hub. Remote configurations allow you to sync content to your custom repositories from an external collection source.

2.1. Basic remote management

With basic remote management, you can create a remote configuration to an external collection source and sync the content from those collections to your custom repositories.

2.1.1. Create a remote

Use this procedure to create a remote configuration to an external collection.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRemotes.
  3. Click Add Remote.
  4. Enter a Name for the remote configuration.

  5. Enter the URL for the remote server, including the path for the specific repository.

    Note

    You can obtain this information by navigating to Automation HubRepositories, selecting your repository, and clicking Copy CLI configuration.

  6. Configure the credentials to the remote server by entering a Token or Username and Password required to access the external collection.

    Note

    A Token can be generated by navigating to Automation HubAPI token, clicking Load token and copying the token that is loaded.

  7. To access collections from console.redhat.com, enter the SSO URL to sign in to the identity provider (IdP).

  8. Select or create a YAML requirements file to identify the collections and version ranges to synchronize with your custom repository. For example, to only download the kubernetes and AWS collection versions 5.0.0 or later the requirements file would look like this: 

    Collections:
 	  - name: community.kubernetes
	  - name: community.aws
 		version:”>=5.0.0”
    Note

    All collection dependencies are automatically downloaded during the Sync process.

  9. To configure your remote further, use the options available under Advanced configuration:

    1. If there is a corporate proxy in place for your organization, enter a Proxy URL, Proxy Username and Proxy Password.
    2. Enable or disable transport layer security using the TLS validation checkbox.
    3. If digital certificates are required for authentication, enter a Client key and Client certificate.
    4. If you are using a self-signed SSL certificate for your server, enter the PEM encoded client certificate used for authentication in the CA certificate field.
    5. To accelerate the speed at which collections in this remote can be downloaded, specify the number of collections that can be downloaded in tandem in the Download concurrency field.

    6. To limit the number of queries per second on this remote, specify a Rate Limit.

      Note

      Some servers can have a specific rate limit set and if exceeded, synchronization will fail.

2.1.2. Provide access to a remote

After a remote is created, you can provide access to it by doing the following.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRemotes.
  3. Locate your repository in the list and click more actions , then select Edit.
  4. Select the Access tab.
  5. Select a group for Repository owners. See Configuring user access for your local Automation Hub for information about implementing user access.
  6. Select the appropriate roles for the selected group.
  7. Click Save.

Chapter 3. Repository sync

You can distribute relevant collection content to your users by synchronizing repositories from one automation hub to another. You should synchronize your custom repository with the remote to ensure you have the latest collection updates.

3.1. Basic repository sync

Use this procedure to sync a repository from one automation hub instance to another.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubRepositories.

  3. Locate your repository in the list and click Sync.

    All collections in the configured remote are downloaded to your custom repository. To check the status of the collection sync, select Task Management from the Navigation panel.

    Note

    To limit repository synchronization to specific collections within a remote, you can identify specific collections to be pulled using a requirements.yml file. See Create a remote for more information.

Additional resources

For more information about using requirements files, see Install multiple collections with a requirements file in the Galaxy User Guide.

Chapter 4. Exporting and importing collections

Ansible automation hub stores collections within repositories. These collections are versioned by the curator, therefore, many versions of the same collection can exist in the same or different repositories at the same time.

Collections are stored as tar files that can be imported and exported. This ensures the collection you are importing to a new repository is the same one that was originally created and exported.

4.1. Export a collection

After collections are finalized, they can be delivered to new destinations and distributed to others users across your organization. Use the following procedure to export a collection.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubCollections. The Collections page displays all of the collections across all of the repositories and allows you to search for a specific collection.
  3. Select the collection you want to export. The collection details page is displayed.
  4. From the Installation tab, select Download tarball. The tar file is downloaded to your default browser downloads folder and available to be imported to the location of your choosing.

4.2. Import a collection

To import a collection for use in a custom repository, it must be imported into your namespace and approved. If the collection is not approved, it is not displayed in the published repository.

Procedure

  1. Log in to Red Hat Ansible Automation Platform.
  2. Navigate to Automation HubNamespaces. The Namespaces page displays all of the namespaces available.
  3. Click View Collections.
  4. Click Upload Collection.
  5. Navigate to the collection tarball file, select the file and click Open.

  6. Click Upload.

    The My Imports screen provides a summary of tests and notifies you whether the collection uploaded successfully or failed.

    Note

    The collection must be approved before it can be added to your repository. See Approval pipeline for more information about collection and repository approvals.

Legal Notice

Copyright © 2023 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.