Liquibase Pro – Add Custom Quality Checks

November 29, 2022

Why automate database changes when you still require your DBAs to review your scripts? Particularly when you have documented coding standards for database changes. A key benefit of database deployment automation is to deploy to target databases as quickly as possible without requiring manual intervention. Liquibase is the preferred tool for deployment automation, and now with Quality Checks, Liquibase Pro can also perform the most common DBA functions: validate scripts for coding standards.

What’s Inside the Box?

Database coding standards can span a wide range depending on the database and the types of changes. For example, object naming convention, no permission statements allowed in a script, or no DROP statements allowed. 

Liquibase Pro offers many out of the box Quality Checks. But let’s take a look at capabilities to add new Quality Checks. You will use the Liquibase command line interface (CLI) to configure new checks. New checks can be created by copying existing checks and customizing them. Liquibase makes this easy by using only one command:

liquibase checks customize --check-name=<existing_check_name>

Based on the check being customized, Liquibase will prompt the user for additional inputs. The newly customized check is saved in the checks configuration file, which will need to be committed into a repository for it to be consumed during the pull request automated review or before database deployment automation.

Check: Oracle Reserved Keywords in Object Name

For example, let’s say you want to disallow users from using specific Oracle-reserved keywords in database object names. You will use the existing check, OracleReservedKeywords, to customize the check for additional keywords: 

liquibase checks customize --check-name=OracleReservedKeywords

Liquibase will prompt as follows:

PromptCommand or User Input
Give your check a short name for easier identification (up to 64 alpha-numeric characters only):OracleReservedKeywords1
Set the Severity to return a code of 0-4 when triggered. (options: ‘INFO’|0, ‘MINOR’|1, ‘MAJOR’|2, ‘CRITICAL’|3, ‘BLOCKER’|4)?<Choose a value: 0, 1, 2, 3, 4>
Set ‘OBJECT_TYPES’ to check, separated by commas (options: TABLE, COLUMN, SEQUENCE, INDEX):<TABLE, COLUMN, SEQUENCE or INDEX>
Set ‘ALLOWED_LIST’:<List of comma separated keywords allowed>
Set ‘CASE_SENSITIVE’ (options: true, false)<true or false>

Check: No Grants to SYSTEM

Another example is to disallow an operation but that the operation can only be identified by a collection of words. Here are a few SQL commands that should be disallowed to prevent any GRANT operation to SYSTEM objects:


In order to add a check for such statements, you will need to customize a SQL pattern check, SqlUserDefinedPatternCheck, as follows:

PromptCommand or User Input
liquibase checks customize --check-name=SqlUserDefinedPatternCheck
Give your check a short name for easier identification (up to 64 alpha-numeric characters only) [SqlUserDefinedPatternCheck1]:NoGrantsToSystem
Set the Severity to return a code of 0-4 when triggered. (options: ‘INFO’|0, ‘MINOR’|1, ‘MAJOR’|2, ‘CRITICAL’|3, ‘BLOCKER’|4)? [INFO]:<Choose a value: 0, 1, 2, 3, 4>
Set ‘SEARCH_STRING’ (options: a string, or a valid regular expression):(?i:grant)[\t\n\r\s\S]*(?i:to system)
Set ‘MESSAGE’ [A match for regular expression <SEARCH_STRING> was detected in Changeset.]:Error! GRANT to SYSTEM not allowed.
Set ‘STRIP_COMMENTS’ (options: true, false) [true]:true

Custom Quality Checks – A GitHub Repository

A number of new and custom Liquibase Pro Quality Checks are made available at this GitHub repo. This repository is organized according to the database that the quality checks are compatible with. Each file is a description of the custom Quality Check and contains step-by-step instructions for adding the check. Each file also contains sample failing SQL scripts to show the context against which these checks are performed. 

Recall that once you configure your custom checks, commit the checks configuration file to the DBA repository. During automation, you will pull down the checks configuration file into your workspace and run the following command to execute checks against incoming SQL scripts: 

liquibase checks run

We welcome any contributions from the community to improve these checks or add new checks.

Article author
Adeel Malik Principal Solutions Architect