Embedded Files
Liquibase allows you to provide database connection information using specific environment variables. You can store this information in third-party vaults, such as a Jenkins Credential Store.
If you have code that retrieves credentials from Hashicorp Vault or AWS Secrets Manager, you can store them in Liquibase environment variables. Liquibase will consume values from these environment variables at runtime when connecting to the database.
Environment variable values
Environment variable values
All Liquibase properties have a corresponding environment variable.
However, for connections to a database, Liquibase uses values from these environment variables:
LIQUIBASE_COMMAND_URL
LIQUIBASE_COMMAND_USERNAME
LIQUIBASE_COMMAND_PASSWORD
Environment variables+database connections
Environment variables+database connections
A typical example of when environment variables can be used for database connections:
CI/CD tools generally allow you to configure variables that translate into environment variables at runtime.
CLI commands for AWS and Azure allow you to retrieve a username and password for a database and assign them to an environment variable.
Here is an example of an AWS command line that can generate a DB Auth Token and be assigned to LIQUIBASE_COMMAND_PASSWORD environment variable (Using Liquibase with AWS RDS):
What to do next
What to do next
Page updated
Report abuse