Run a policy check
Last updated: July 18, 2025
The Liquibase Policy Checks feature allows you to build quality, security, and compliance into your database development workflow by utilizing the checks command. It operates by running checks against a changelog and customizing the Check's configuration, which will notify you when it identifies the specified scenario.
Note: This is a Liquibase Pro feature, so you need a Liquibase Pro License Key to use it.
Run checks against your changelog with the default configuration
The policy checks capability supports all changelog formats. This instruction includes a formatted SQL changelog. If you use your own changelog, example output might differ.
Create a new changelog.sql file
Add the following to the new changelog.sql
file:
--liquibase formatted sql
--changeset your.name:1 labels:v0 context:all
create table person (
id int primary key,
name varchar(50) not null,
address1 varchar(50),
address2 varchar(50),
city varchar(30)
)
--changeset your.name:2 labels:v0 context:all
create table company (
id int primary key,
name varchar(50) not null,
address1 varchar(50),
address2 varchar(50),
city varchar(30)
)
--changeset other.dev:3 labels:v0 context:all
alter table person add column country varchar(2)
--changeset other.dev:4 labels:v0 context:all
drop table person;
Open your CLI and navigate to the directory with the changelog file that you intend to use.
In this example, we will use a sample changelog file.
Run the liquibase checks run command
Execute checks against a sample changelog file using the default configuration provided by Liquibase with the checks run command.
Enter this command in the CLI:
liquibase checks run
Note: If a configuration file does not exist, Liquibase prompts you to create a new liquibase.checks-settings.conf
file for checks.
If you use a sample changelog provided in the instruction, the last changeset in changelog.sql
contains a drop table
statement that is flagged by one of the checks in the default configuration.