AEM Repository Initialization with RepoInit

May 15, 2021

Apache Sling 'RepoInit' script is a convenient tool for content migrations and repository initialization in AEM. Inline RepoInit Script can be added to OSGi configuration files via the scripts property of the  RepositoryInitializer OSGi factory configuration. This conveniently allows the scripts to be targeted by different run modes (e.g. author, publish) or environments (e.g. dev, stage, prod).

Note: because scripts are typically multi-line declaration, it is easier to define them in the .config file, than the JSON-based .cfg.json format. 

When a new AEM multi-module Archetype 27 project is generated, a RepoInit script in each format (e.g. .config, .cfg.json) is created by default at the project path:

  • ui.config/src/main/content/jcr_root/apps/<project-name>/osgiconfig/config/

The file names are:


Use Case

In this use case, I want to ensure each developer's AEM instance will have consistent namespaces, users/groups, node structures & types.

Below is the example acceptance criteria for a developer story:

  • Register a custom JCR Namespace 
  • Create a folder named tutorials within the dam assets
  • Create a service user with predefined access control rules and permissions
  • Create the administrator's group and add the service user as a member

1) Create a new configuration to hold the inline RepoInit script. Save the file to the following project path: ui.config/src/main/content/jcr_root/apps/<project-name>/osgiconfig/config/

    register namespace ( tuts )

    create path /content/dam/tutorials(sling:OrderedFolder)/jcr:content(nt:unstructured)
    set properties on /content/dam/tutorials/jcr:content
        set jcr:title{String} to \"AEM Tutorials\"

    create service user aem-tutorials-auth-service with path system/cq:services/tutorials
    set principal ACL for aem-tutorials-auth-service
        allow jcr:versionManagement,jcr:read,crx:replicate,rep:write,jcr:lockManagement on /content
        allow jcr:versionManagement,jcr:read,crx:replicate,rep:write,jcr:lockManagement on /conf
        allow jcr:read on /apps

    create group administrators
    add aem-tutorials-auth-service to group administrators

2) Build project, then use CRXDE query tool to locate service user and verify principal policy
CRXDE Lite Query Tool