What is the nature and description of the request?

Customers with private automation hub running in disconnected or airgapped environments have a much harder time syncing collection content from Automation Hub into their private automation hub.  Currently the best case scenario as I understand it is:

1. For all desired collections, create a requirements.yml file which lists each collection, then run ansible-galaxy collection download -r requirements.yml This will only download the current (or specified) version of each collection as well as the current version of any collection dependencies.
2. Transfer each file across the disconnected or airgap boundary
3. For each individual collection file, run ansible-galaxy collection publish <collection_tarball>.  On the private automation hub, these collections will be placed in the "Published" namespace regardless of which namespace the collection originally came from, so the customer has no way to distinguish certified collections from community collections.

Publication of the individual collection files to private automation hub could be automated, but each customer must determine how to do this on their own.

Why does the customer need this? (List the business requirements here)

In order to use any Ansible content collection in a disconnected environment, it must somehow be imported into the environment and made available through private automation hub or some other means.  Most customers who install AAP in a disconnected environment will use the setup bundle, which includes a subset of our certified collections that will be added to the private automation hub at install time.  However, keeping these collections up to date or adding new collections requires the somewhat manual process described above.

Common market verticals where installing AAP in disconnected environments is common include government intelligence, government defense, and FSI.

How would you like to achieve this? (List the functional requirements here)

There are a few areas where improvements could be made to the process of importing content into a disconnected private automation hub:

1. Improve the ansible-galaxy collection publish command so that it will accept a file similar to requirements.yml, so that multiple collections can be published with a single command. This has already been requested in AAPRFE-56.
2. Similar to Red Hat Satellite export and import, use the underlying features of pulp in the private automation hub to allow exporting of collection content (everything or a subset/delta) to a single file, and then import that file into a different private automation hub.  In this scenario the customer would need an internet-connected private automation hub which regularly syncs content from Automation Hub and/or Galaxy into their appropriate namespaces.  Content would be exported from this private automation hub, the resulting file brought across the disconnected boundary, and then imported into the private automation hub in the disconnected environment.  This would have the advantage of allowing the customer to bring in multiple versions of collections, more easily manage deltas (so only newer or missing content is imported), and reduce the number of commands required to import collections into the disconnected private automation hub.  Note that this request was originally made in ANSTRAT-429, but for some reason it was closed after issuing a KB article which describes the current best-case scenario.
3. In the interim it may be useful to have a validated content collection which makes it easier to bulk-import a bunch of collection files that are created with ansible-galaxy collection download -r requirements.yml, assuming that development of such a collection would be quicker than adding the enhancements above to their respective components.  This collection could then be added to the setup bundle, making it available to customers on disconnected networks from day one.