RFE: Allow setting pushed images public or private

[myllynen]

It would be nice if each item in ee_list would have a parameter to control whether the pushed image is kept private (the current PAH default) or change it to public after pushing which would allow unauthenticated users to pull it. While the default is the correct choice from a security perspective and suitable for most environments, in some cases and for various reasons some images would need to be public.

There's an example playbook showing how to adjust this for EE images at PAH, perhaps the implementation in the role could be something similar, in case this RFE is accepted and implemented:

https://github.com/myllynen/aap-automation/blob/master/examples/aap_ee_auth.yml

Thanks.

[djdanielsson]

that should be in your hub configuration and has nothing to do with the building of the EE which is what ee_utilities handles.

[myllynen]

Care to point out where this would be in the hub configuration? If I don't have EEs at the hub, say foo/bar and something/else and I use ee_utilities to build & push them, then it's not that obvious where and how I should set foo/bar public and something/else private. Thanks.

[sean-m-sullivan]

This is an option that is not in the https://github.com/ansible-collections/ansible_hub/blob/main/plugins/modules/ah_ee_image.py

So the RFE needs to start there.
Once there we need to put the opion in the AAP configuration collection
https://github.com/redhat-cop/infra.aap_configuration/tree/devel/roles/hub_ee_image

Once that is there we need to add it to here
https://github.com/redhat-cop/ee_utilities/blob/devel/roles/ee_builder/templates/ee_controller.yaml.j2

And then call dispatch from aap config after this using that set var.
Ideally in the end you would add that config to your aap_config permanently.