Using Liquibase MongoDB Pro with MongoDB platforms

The Liquibase MongoDB Pro extension lets you use all the features of Liquibase Pro with MongoDB, including Policy Checks, Secrets Management, and Structured Logging.

To use the community-maintained Liquibase MongoDB extension, see Contributors Docs: MongoDB Extension.

Using Liquibase with MongoDB is similar to using it with other databases. You still track changes within changesets in changelogs, and use commands such as update and rollback to deploy changes and manage your database. However, because MongoDB does not use SQL, you cannot use SQL changelogs or Liquibase commands that generate SQL output.

You can write Liquibase changelogs in the MongoDB Pro extension these ways:

• Native MongoDB Shell (mongosh) scripts in MongoDB Query Language (MQL): let developers use Liquibase without modifying existing MQL scripts, which may be JavaScript (.js) files.
• YAML, JSON, and XML modeled changelogs: specify changes for Liquibase to deploy without the need for MQL scripts. However, you can still deploy MQL scripts in YAML, JSON, and XML changelogs by using the mongo and mongoFile Change Types. Using these Change Types requires you to specify mongosh as the value of the runWith attribute for all mongo and mongoFile changesets.

To learn how to specify changes in each format, see Use Native Executors with MongoDB Pro.

Supported databases

You can use the Liquibase Pro MongoDB extension with several MongoDB databases, including:

• MongoDB Atlas
• MongoDB Server for Community and Enterprise
• Amazon DocumentDB

Get started with the Liquibase MongoDB Pro Extension

1. The Liquibase MongoDB Pro extension requires a Liquibase Pro license. If you haven't already done so, apply your Liquibase Pro license key.

   For more information about applying your license key, see How to Apply Your Liquibase Pro License Key

2. Configure the Liquibase MongoDB Pro extension with your installation of MongoDB, using one of the following tutorials.

• Using Liquibase MongoDB Pro with MongoDB Atlas: multi-cloud database service to manage databases on demand
• Using Liquibase MongoDB Pro with MongoDB Community and Enterprise Server: fully-featured MongoDB products for small or large-scale development
• Using Liquibase MongoDB Pro with Amazon DocumentDB: use MongoDB functionality through a clone, Amazon DocumentDB

Features

The MongoDB Pro extension supports all the features of Liquibase that are supported in the MongoDB Open Source extension. In addition, MongoDB Pro lets you use Liquibase Pro features including:

• Policy Checks: automatically analyze your changelogs for desired format and behavior to increase deployment success rates and uphold security best practices
• Secrets Management: keep your authentication data secure by integrating with third-party secrets vaults
• Structured Logging: improve your database observability by easily reading Liquibase data in your favorite analytics tool
• Operation Reports: generate reports of operations you perform on your database
• Flow Files: create repeatable, portable, and platform-independent Liquibase workflows to run in any of your CI/CD tools
• Remote file access: centralize file management with AWS S3 to build a reusable repository of Liquibase files you can update and retrieve
• Targeted rollback: avoid collateral damage by specifying which changesets in your changelog to undo

Change Types

You can use many of the standard Liquibase Change Types in MongoDB Pro. MongoDB-specific Change Types include mongo and mongoFile, which allow you to specify native Mongo scripts in XML, YAML, and JSON changelogs. They require the user to configure the native executor, Mongo Shell (mongosh), prior to use.

For a list of unique Change Types in the Liquibase Pro extension for MongoDB, see Liquibase Change Types for MongoDB. In addition to the Pro Change Types, you can use several Change Types from the Liquibase Open Source extension.

Supported parameters

To configure MongoDB-specific behavior, such as OIDC authentication for MongoDB Atlas, you can set the following Liquibase parameters in the CLI, in flow files, in your liquibase.properties file, or as environment variables:

• mongodb-adjust-tracking-tables-on-startup
• mongodb-oidc-authentication-mechanism
• mongodb-oidc-environment
• mongodb-oidc-oidc-application-id-uri
• mongodb-oidc-oidc-client-id
• mongodb-retry-writes
• mongodb-supports-validator

For more information, see Liquibase Parameters for MongoDB.

Supported commands

MongoDB supports the following commands:

• Update commands, except those that generate SQL output. For example, update and update-count are supported.
• Rollback commands, except those that generate SQL output. For example, rollback and rollback-one-changeset are supported.
• Change tracking commands, except those that generate SQL output. For example, changelog-sync, status, and history are supported.
  • The connect command is supported in MongoDB Pro 1.4.0+.
• Policy checks commands. For example, copy, show, and run are supported.
• All other commands, unless otherwise specified in the Limitations section.

For more information, see Liquibase Commands.

Supported policy checks

You can use changelog-scoped policy checks in MongoDB Pro. For example:

• Checks that focus on changeset metadata, such as RollbackRequired and ChangesetLabelCheck.
• The generic regex-based check SqlUserDefinedPatternCheck.
  

  Note: These policy checks only work if you have created your own from the regex template. Liquibase uses the java.util.regex engine to match regular expressions.

Changelog-scoped policy checks are supported as long as they are not SQL-specific or relational-specific. The following is a full list of policy checks supported on MongoDB:

• ChangesetCommentCheck
• ChangesetContextCheck
• ChangesetLabelCheck
• RollbackRequired
• RequireChangesetIDisUUID
• SqlUserDefinedPatternCheck

Limitations

• The child MongoDB scripts referenced by the include and includeAll tags must contain the changeset decoration and the following minimum changeset metadata, author:id and runWith:mongosh.

// liquibase formatted mongodb
// changeset authorname:1 runWith:mongosh

• Liquibase preconditions are not supported.
• The modifyChangeSets tag is not supported.
• MongoDB is a NoSQL database, so you cannot use any commands that generate SQL output (such as update-sql and changelog-sync-sql). MongoDB also does not support the database inspection command family (such as diff and generate-changelog). Learn more Liquibase Commands here.
• Liquibase Pro policy checks have limited support. Database-scoped policy checks are not supported because they are database-specific.
• OIDC authentication is supported only for MongoDB Atlas. LDAP and Kerberos authentication are not supported for any MongoDB platform. Learn more about MongoDB authentication here: authentication.

Verified database versions

Liquibase MongoDB Pro extension version	Liquibase Pro version required	MongoDB versions verified	MongoDB Shell versions verified	Authentication
1.5.0	4.30.0+	MongoDB 5.x, 6.x, 7.x, 8.x MongoDB Atlas 5, 6, 7, 8x AWS DocumentDB 4, 5	1.6.x 1.7.x 1.8.x (recommended)	SCRAM x.509 AWS IAM OIDC
1.4.1	4.28.0+			SCRAM x.509 AWS IAM
1.4.0
1.3.0	4.24.0+
1.2.0	4.23.1+	MongoDB 5.x, 6.x MongoDB Atlas 5, 6 AWS DocumentDB 4
1.1.x	4.23.0+
1.0.0	4.20.0–4.21.1	MongoDB 5.x, 6.x MongoDB Atlas 5 and 6

Related links

• Configure User Roles for MongoDB
• MongoDB for OSS documentation