Host execution environment wizard templates in a private Git repository
Copy the EE Builder wizard templates from the public Ansible GitHub repository to a private repository for use in private or air-gapped environments.
Before you begin
- You have access to a system that can reach
github.comto download template files (or you have already obtained the files). - You have a private Git repository accessible from your deployment environment.
- For dynamic plugins in air-gapped environments: you have access to an internal container registry for mirroring GitHub Container Registry images.
About this task
The EE Builder wizard uses templates to guide users through creating execution environment definitions. By default, these templates are loaded from the public ansible/ansible-rhdh-templates repository on GitHub. If your deployment cannot reach GitHub — or you want to host templates in a private repository — copy the template files and update the catalog locations to point to your internal source.
After updating the catalog locations, import the templates into automation portal. See Import an existing EE definition for the import procedure.
Procedure
Results
- Log in to automation portal and navigate to Execution Environments > Create.
- Verify that the templates loaded from your private repository appear.
What to do next
Additional considerations for private or air-gapped environments
- EE image destination: Private automation hub is the target registry for pushing built EE images. Configure the build registry in the execution environment builder wizard or template defaults to point to your private automation hub instance.
- Dynamic plugins: Automation portal dynamic plugins are installed from GitHub Container Registry. In air-gapped environments, mirror the required plugin images to an internal container registry. See Install in an air-gapped environment in the Installing Ansible automation portal on OpenShift Container Platform guide.
- Mirror content sources (private automation hub, internal Git) for collection discovery.
- Configure proxy settings and CA certificates if your environment requires them for outbound connections. See Configuring proxy settings and Adding custom CA certificates in the Installing Ansible automation portal on OpenShift Container Platform guide.
- If your internal Git hosts or registries use self-signed certificates, two separate settings apply:
checkSSL: false— applies toansibleGitContentscontent discovery providers (see Configure collection discovery sources). Controls TLS verification when crawling Git repositories forgalaxy.ymlfiles.skipTlsVerifyForHosts— applies to the CI activities page and other catalog interactions with Git hosts. Controls TLS verification when fetching workflow run data and repository metadata.
These settings serve different purposes. You may need to configure both if your internal hosts use self-signed certificates:
catalog: ansible: skipTlsVerifyForHosts: - git.internal.example.com - registry.internal.example.com