Hi All,
I have created one repoinit script to manage AEM groups and permissions. We already have another script to manage DAM-related groups and permissions.
Previously, access for AEM users was managed via the ACS ACL tool and deployed as a package across all environments, so we want to manage these groups as part of our codebase.
So I have created a new script for AEM groups, but the existing ACLs assigned to the mentioned locations are not getting replaced, hence the issue. Could anyone please suggest whether I need to make any additional changes?
Thanks,
Abhishek
Hi,
I think there's some confusion about how repoInit works. It doesn't run on each deployment but rather when the SlingRepository service is registered, which usually occurs when the server starts. So, if you update the repoInit config, these changes will not be applied when you redeploy your code, but only if the AEM instance is restarted or if you install this project in a new instance. RepoInit is great for initial setup or migration processes, not for maintenance tasks.
You can learn more about how repoInit works here:
https://sling.apache.org/documentation/bundles/repository-initialization.html
https://aemtechblog.medium.com/repoinit-in-aem-part-i-d1e5df461802
Hope this helps.
Is it on your local setup, or are you facing this challenge on an AEMaaCS environment? If you are facing this issue on your local, then I would recommend restarting your AEM instance to see the change currently coming from the repoinit script.
ok, will try and confirm.
ok, will check and confirm. Thanks for sharing the link
Hello Team / @AbhishekSa5 / @EstebanBustamante / @Jörg_Hoh / @chaudharynick / @Harwinder-singh
I am seeing repoinit errors while deploying code to a cloud instance. The build succeeds, but it is not getting deployed. I see these errors in the log file:
2024-12-02 23:46:19.576 [configuration-api] Configuration org.apache.sling.commons.log.LogManager.factory.config~tfal: Property org.apache.sling.commons.log.pattern - Property is not allowed (com.tfal:tfal.all:0.0.1-SNAPSHOT|com.tfal:tfal.ui.apps.common:0.0.1-SNAPSHOT)
2024-12-02 23:46:19.576 Analyser errors have been found
2024-12-02 23:46:19.577 The analyser found the following errors for author :
2024-12-02 23:46:19.577 [repoinit] repoinit: Parsing error in repoinit from extension : org.apache.sling.repoinit.parser.impl.ParseException: Encountered "" at line 185, column 2.
Was expecting one of:
This is the existing repoinit script, for which there isn't any issue. I mean the build is successful and it gets deployed in the cloud as well.
Existing script:
{
"scripts": [
"# Create group & Set Permission to ga_AEM_YYYYYY_ContentAuthors_PRD group\n create group ga_AEM_YYYYYY_ContentAuthors_PRD\n set ACL for ga_AEM_YYYYYY_ContentAuthors_PRD\n allow jcr:read on /\n deny crx:replicate on /content\n allow jcr:versionManagement, rep:write, jcr:lockManagement on /content\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end",
"# Create group & Set Permission to ga_AEM_YYYYYY_ContentApprovers_PRD group\n create group ga_AEM_YYYYYY_ContentApprovers_PRD\n set ACL for ga_AEM_YYYYYY_ContentApprovers_PRD\n allow jcr:read on /\n deny crx:replicate on /conf\n allow jcr:versionManagement, rep:write, jcr:lockManagement on /content\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end",
"# Create group & Set Permissions to ga_AEM_YYYYYY_ContentReviewerLegal_PRD group\n create group ga_AEM_YYYYYY_ContentReviewerLegal_PRD\n set ACL for ga_AEM_YYYYYY_ContentReviewerLegal_PRD\n allow jcr:read on /\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end"
]
}
But when I try to add a few more lines of script to the existing one, the deployment to the cloud fails:
{
"scripts": [
"# Create group & Set Permission to ga_AEM_YYYYYY_ContentAuthors_PRD group\n create group ga_AEM_YYYYYY_ContentAuthors_PRD\n set ACL for ga_AEM_YYYYYY_ContentAuthors_PRD\n allow jcr:read on /\n deny crx:replicate on /content\n allow jcr:versionManagement, rep:write, jcr:lockManagement on /content\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end",
"# Create group & Set Permission to ga_AEM_YYYYYY_ContentApprovers_PRD group\n create group ga_AEM_YYYYYY_ContentApprovers_PRD\n set ACL for ga_AEM_YYYYYY_ContentApprovers_PRD\n allow jcr:read on /\n deny crx:replicate on /conf\n allow jcr:versionManagement, rep:write, jcr:lockManagement on /content\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end",
"# Create group & Set Permissions to ga_AEM_YYYYYY_ContentReviewerLegal_PRD group\n create group ga_AEM_YYYYYY_ContentReviewerLegal_PRD\n set ACL for ga_AEM_YYYYYY_ContentReviewerLegal_PRD\n allow jcr:read on /\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end",
"# Create Service User\n create service user toyotaWorkflowUser\n set ACL on /libs,/content,/conf,/etc\n allow jcr:all for toyotaWorkflowUser\n end",
"# Create group & Set Permission to ga_AEM_ZZZZZZ_YYYYYY_Content_Author_PRD group\n create group ga_AEM_ZZZZZZ_YYYYYY_Content_Author_PRD\n set ACL for ga_AEM_ZZZZZZ_YYYYYY_Content_Author_PRD\n create path /content/powertorque\n allow jcr:read on /var/workflow/models\n deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_tree_activation/)\n deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_activation_with_references/)\n allow jcr:read on /\n deny crx:replicate on /content/powertorque\n allow jcr:versionManagement, rep:write, jcr:lockManagement on /content/powertorque\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /etc\n allow jcr:read, jcr:versionManagement, rep:write, jcr:lockManagement on /var\n end",
"# Create group ga_AEM_ZZZZZZ_YYYYYY_Content_Approver_PRD\n create group ga_AEM_ZZZZZZ_YYYYYY_Content_Approver_PRD\n set ACL for ga_AEM_ZZZZZZ_YYYYYY_Content_Approver_PRD\n allow jcr:read on /\n deny crx:replicate on /conf\n allow jcr:read, rep:write, jcr:lockManagement, jcr:versionManagement on /var\n deny jcr:all on /content/powertorque\n deny jcr:all on /etc/workflow/models\n allow jcr:read on /content/experience-fragments/powertorque\n deny jcr:all on /content/experience-fragments/powertorque\n end",
"# Create group & Set Permissions to ga_AEM_ZZZZZZ_YYYYYY_Global_Admin_PRD\n create group ga_AEM_ZZZZZZ_YYYYYY_Global_Admin_PRD\n set ACL for ga_AEM_ZZZZZZ_YYYYYY_Global_Admin_PRD\n allow jcr:all on /content/experience-fragments/powertorque\n allow jcr:all on /content/dam/powertorque\n allow jcr:all on /\n allow jcr:all on /content/powertorque\n allow jcr:all on /etc\n allow jcr:all on /var\n allow jcr:all on /conf\n end",
"# Create group ga_AEM_ZZZZZZ_XXXXXX_Content_Approver_PRD\n create group ga_AEM_ZZZZZZ_XXXXXX_Content_Approver_PRD\n set ACL for ga_AEM_ZZZZZZ_XXXXXX_Content_Approver_PRD\n allow jcr:read on /\n deny crx:replicate on /conf\n allow jcr:read, rep:write, jcr:lockManagement, jcr:versionManagement on /var\n deny jcr:all on /content/XXXXXX\n deny jcr:all on /etc/workflow/models\n allow jcr:read on /content/experience-fragments/XXXXXX\n deny jcr:all on /content/experience-fragments/XXXXXX\n end",
"# Create group & Set Permissions to ga_AEM_ZZZZZZ_XXXXXX_Global_Admin_PRD\n create group ga_AEM_ZZZZZZ_XXXXXX_Global_Admin_PRD\n set ACL for ga_AEM_ZZZZZZ_XXXXXX_Global_Admin_PRD\n allow jcr:all on /content/experience-fragments/XXXXXX\n allow jcr:all on /content/dam/XXXXXX\n allow jcr:all on /\n allow jcr:all on /content/XXXXXX\n allow jcr:all on /etc\n allow jcr:all on /var\n allow jcr:all on /conf\n end",
"# Create group ga_AEM_ZZZZZZ_PAF_Content_Approver_PRD\n create group ga_AEM_ZZZZZZ_PAF_Content_Approver_PRD\n set ACL for ga_AEM_ZZZZZZ_PAF_Content_Approver_PRD\n allow jcr:read on /\n deny crx:replicate on /conf\n allow jcr:read, rep:write, jcr:lockManagement, jcr:versionManagement on /var\n deny jcr:all on /content/paf\n deny jcr:all on /etc/workflow/models\n allow jcr:read on /content/experience-fragments/paf\n deny jcr:all on /content/experience-fragments/paf\n end",
"# Create group & Set Permissions to ga_AEM_ZZZZZZ_PAF_Global_Admin_PRD\n create group ga_AEM_ZZZZZZ_PAF_Global_Admin_PRD\n set ACL for ga_AEM_ZZZZZZ_PAF_Global_Admin_PRD\n allow jcr:all on /content/experience-fragments/paf\n allow jcr:all on /content/dam/paf\n allow jcr:all on /\n allow jcr:all on /content/paf\n allow jcr:all on /etc\n allow jcr:all on /var\n allow jcr:all on /conf\n end"
]
}
Can someone help me with what I am missing, or is there any other step that I could take?
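Added example, not part of the original thread or of any project code: a pre-deployment check in Python for a repoinit OSGi config of the shape posted above. It reports statements inside a `set ACL ... end` block that are not `allow`, `deny` or `remove` lines, blocks that are never closed, and a config that is not valid JSON. That only those three line types are accepted inside a block is an assumption taken from the Sling repoinit documentation; the function name, messages and sample config are constructed.

```python
import json
import re

# Assumption (from the Sling repoinit docs): only these lines may appear
# between "set ACL ..." and "end".
ACL_LINE = re.compile(r"^(allow|deny|remove)\s")
BLOCK_OPEN = re.compile(r"^(set|ensure)\s+((principal|repository)\s+)?ACL\s+(for|on)\s")


def lint_repoinit(cfg_text):
    """Return a list of (script_index, line_no, message) findings."""
    try:
        scripts = json.loads(cfg_text)["scripts"]
    except json.JSONDecodeError as exc:
        # e.g. a trailing comma after the last script entry
        return [(-1, exc.lineno, "config is not valid JSON: " + exc.msg)]
    findings = []
    for idx, script in enumerate(scripts):
        in_block, open_line = False, 0
        for no, raw in enumerate(script.split("\n"), start=1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue  # blank lines and comments are ignored
            if in_block:
                if line == "end":
                    in_block = False
                elif not ACL_LINE.match(line):
                    findings.append((idx, no, "not an ACL entry inside block: " + line))
            elif BLOCK_OPEN.match(line):
                in_block, open_line = True, no
        if in_block:
            findings.append((idx, open_line, "ACL block is never closed with 'end'"))
    return findings


# Constructed sample: the second script places "create path" inside the ACL block.
SAMPLE = json.dumps({"scripts": [
    "create service user demoUser\n set ACL on /content,/conf\n allow jcr:read for demoUser\n end",
    "create group demoAuthors\n set ACL for demoAuthors\n create path /content/demo\n allow jcr:read on /\n end",
]})

if __name__ == "__main__":
    for finding in lint_repoinit(SAMPLE):
        print(finding)
```

Line numbers in the findings are relative to each script entry, not to the aggregated repoinit text that the analyser reports on.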
Hi @AbhishekSa5
I am assuming the issue is that you already have the ACLs defined for the groups, and it is not removing them but only adding the new rules.
Please try to remove the ACLs for the group first, like below:
# Remove AC policies entirely (not just individual entries)
delete ACL for ana
delete ACL for alice, aida
delete ACL on :repository, home(anni), functionNamesAreFree(aendu)
delete ACL on /, /var, /etc
delete ACL on /content
delete principal ACL for ada, amy
delete principal ACL for adi
Also, if you are setting a principal ACL, please use the ensure keyword:
ensure principal ACL for principal1,principal2
remove * on /libs,/apps
allow jcr:read on /content
end
More info can be found at https://sling.apache.org/documentation/bundles/repository-initialization.html
Quick question: so if I remove the ACLs from the groups first and deploy the script across all environments, then every time the codebase gets deployed it will again delete the ACLs and add the permissions again?
Thanks,
Abhishek
Hi @AbhishekSa5
Yes. Also, if you have specific rules to be removed, you can deny those ACLs on the path mentioned.
You can refer to https://sling.apache.org/documentation/bundles/repository-initialization.html#repoinit-parser-test-s... for syntax.
@AbhishekSa5 Are you restarting the instance after you deploy the repoInit scripts?
If you want to manage users and groups which are meant to manage the content creation and maintenance process, I would not use repoinit, but for example the Netcentric AC Tool.
I would use repoinit only to set up the necessary permissions and service users to make the application work; for everything else on top I would use the AC Tool.