Skip to main content

Tutorial: Deploy Schema Change with Rollout Policy

 Configure who can deploy database changes and what conditions must be met before rollout can proceed in Environment and Project.

Configure rollout policy in Environment

Role-based manual rollout

Default roles with permissions: Users with the bb.taskRuns.create permission can perform rollouts. The following roles have this permission by default: Workspace Admin, Workspace DBA, Project Releaser. Environment-specific roles: If you want to use different roles to perform rollouts in different environments, you can specify environment-specific roles. This allows you to control who can deploy changes to specific environments, such as having different teams responsible for staging versus production deployments.

Automatic rollout

Enable automatic deployment when all checks pass by selecting the automatic option. This will automatically deploy changes when:
  • All required approvals are obtained (if “Require Issue Approval” is enabled)
  • Plan checks pass according to the configured enforcement policy
Do not enable automatic rollout when using the GitOps workflow, as it can cause conflicts that result in failures.

Configurable rollout requirements in Project

Configure what conditions must be met before changes can be rolled out in each environment:

Require issue approval

Ensures all changes are reviewed and approved before deployment to production environments. When enabled, issues must receive approval before rollout can proceed. Default: Enabled

Require plan check no error

Controls how rollout behaves based on plan check results, including SQL Review policy violations and other validations. When enabled, rollout is blocked if checks return errors, but warnings still allow rollout. Default: Enabled
Plan checks include SQL Review policy violations and other automated validations configured for your environment.