Provide database migration job as part of the helm update#508
Open
jchanbcbc wants to merge 20 commits into
Open
Provide database migration job as part of the helm update#508jchanbcbc wants to merge 20 commits into
jchanbcbc wants to merge 20 commits into
Conversation
…s Container Gateway 11.2.2 or newer db schema startup options to use.
…t work with pre-install as it requires resources like license file that hasn't been mounted yet. There is no need to run migrate job on new install as there is no contention. Also display the DB Migration job enabled note only if it was enabled.
…ility to force unlock when running the db upgrade job. Revised some comments.
Gazza7205
reviewed
Jun 18, 2026
| jdbcUrl: "" | ||
| hookWeight: "-5" | ||
| # Set to true to force release any stuck Liquibase locks before running the schema updates | ||
| clearStuckLocks: false |
Contributor
There was a problem hiding this comment.
Can we think of a better naming convention for this?
added 2 commits
June 17, 2026 23:51
Add a timeout for db migration job.
…rl optional and use main jdbcUrl by default.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description of Change
This PR improves the reliability of database schema upgrades when connected to external MySQL by decoupling the schema migration from the Gateway startup process.
There are two changes required to implement the solution:
1: Gateway container changes
New system property (
-Dgateway.db.schema-update.mode) was introduced in Gateway 11.2.2 that supports four native startup modes:default): Checks and applies schema updates, then starts the Gateway.skip): Completely bypasses the Liquibase schema check and starts the Gateway immediately.liquibase-only): Checks and applies schema updates, then exits cleanly with success (0) without starting the Gateway.liquibase-only-with-unlock): Forcefully releases any existingDATABASECHANGELOGLOCK, applies schema updates, and exits cleanly with success (0).These options will be used by Helm to execute database schema update job.
2: Helmchart changes
The Helm chart has been updated to include an opt-in
pre-upgradedatabase migration job that utilizes the newliquibase-onlymode from the container. Also, new Gateways can be started with gateway.db.schema-update.mode=skip to by-pass the Liquibase db schema check on start up and leave the upgrading of the db schema to the db migration job.Benefits
Cleaner Migration Job Execution: The DB migration job now relies on a native container startup mode that only updates the database schema and exit cleanly without starting up the Gateway. Only after a successful migration, will the new Gateways be able to spin up.
Eliminates Stuck Locks Blocking Gateways: By passing the
skipmode to new Gateway pods rolling out during an upgrade, they bypass the Liquibase FastCheckService and its related issues.Improved Resilience with Proxies: Isolating the schema update to a single, dedicated migration job allows the upgrade to target a direct primary DB endpoint, avoiding the schema corruption and lock-splitting issues that occur when Liquibase connects through connection-multiplexing DB proxies (like RDS Proxy or ProxySQL).
If the pre-upgrade migration job fails, the
DATABASECHANGELOGLOCKwill remain locked in the database. However, this is mitigated because subsequent Gateway containers can now be configured to use theskipmode, ensuring their startup is not blocked by the stuck lock.To enable feature, first ensure Gateway to upgrade to is at least Gateway 11.2.2 or later.
Using the latest helm chart, update production-values.yaml:
Console output from running helm upgrade:
`Release "my-gateway" has been upgraded. Happy Helming!
NAME: my-gateway
LAST DEPLOYED: Mon Jun 22 13:47:22 2026
NAMESPACE: jc660465
STATUS: deployed
REVISION: 2
DESCRIPTION: Upgrade complete
TEST SUITE: None
NOTES:
##################################################################################
Success!
##################################################################################
Your gateway deployment has been UPGRADED
##################################################################################
To view the Gateway's services you can use the following command
$ kubectl get svc -n jc660465 | grep gateway
You configured the following ingress hosts
To learn more about the Gateway Helm Chart check out the following links
Gateway Helm Chart Readme
Thinking in Kubernetes
##################################################################################
IMPORTANT: DB Migration Job Enabled
##################################################################################
A pre-upgrade database migration job has been deployed to safely apply schema updates.
If you have Gateway version 11.2.2 or newer, you can now start your main Gateway deployments with:
javaArgs:
- "-Dgateway.db.schema-update.mode=skip"
This ensures that the Gateway will start up quickly by skipping the liquibase schema check entirely,
regardless of whether the DATABASECHANGELOGLOCK is locked.`
Checklist
Chart.yamlaccording to semver.[charts/gateway])values-production.yamlapart fromvalues.yaml, ensure that you implement the changes in both files