Skip to content

github-workflows-dojo360-database-promotion

Promote Liquibase database changes across environments (dev→qa→cert→prod) with deployment-path validation and approval gates

active
IDE:
claude
codex
vscode
Version:
1.0.0
Owner:pcorazao
github-actions
workflow
dojo360

Database Promotion Workflow Skill

Overview

The Database Promotion workflow promotes Liquibase-driven database changes across multiple environments using a single workflow run.

Like other Dojo360 promotion workflows, it typically:

  • Validates your requested deployment-path against the promotion-path from team metadata
  • Executes environment stages sequentially
  • Uses GitHub Environments/protection rules as approval gates between stages
  • Keeps a consistent ref across all environments

Workflow Reference

Repository: dojo360/pipelines-workflows
Workflow: .github/workflows/database-promotion.yml
Docs: https://github.com/dojo360/pipelines-workflows/tree/main/web/database-promotion/index.md

Key Features

  • Multi-environment database change promotion
  • Deployment path validation (deployment-path vs metadata promotion-path)
  • Approval gates between environments (via GitHub Environments)
  • Optional rollback patterns (tag/count) depending on your Liquibase strategy

Prerequisites

  • Dojo360 Metadata API onboarding (or equivalent metadata file) with a defined promotion-path
  • GitHub Environments created for each stage in your path (e.g., dev, qa, cert, prod) with protection rules as needed
  • Liquibase changelog present in repo
  • Database connectivity and credentials available at runtime (GitHub Secrets / PRM / Volcan / platform secret store)

Required Inputs (Typical)

Exact inputs can vary by Dojo360 version; confirm against the Dojo360 docs.

InputTypeDescription
aide-idstringAIDE ID used to fetch team metadata
team-namestringTeam name used for metadata lookup
domainstringDomain used for metadata lookup
cloud-typestringCloud provider (e.g., awsOptum, azureOptum, gcp)
deployment-pathstringHyphen-separated stages (e.g., dev-qa-cert-prod)

Liquibase Inputs (Typical)

InputTypeDescription
liquibase-changelog-filestringPath to changelog file
liquibase-contextsstringOptional contexts
liquibase-labelsstringOptional labels

Required Permissions

Promotion workflows typically require:

permissions:
  id-token: write
  contents: write
  actions: read
  pull-requests: write
  security-events: write
  checks: write
  issues: read

Templates

Ready-to-copy examples are in .github/skills/github-workflows-dojo360-database-promotion/templates/:

  • basic-database-promotion.yml
  • database-promotion-with-rollback.yml
  • database-promotion-ci-integrated.yml

Notes / Gotchas

  • Use validate in PRs and reserve promotion for protected branches/tags.
  • Avoid hardcoding DB credentials; prefer secret stores and environment-level controls.
  • Ensure the same Liquibase changelog is promoted (use tags/releases or a pinned ref).

Related Assets