Managing database users and schemas

🌐 This document is available in both English and Ukrainian. Use the language toggle in the top right corner to switch between versions.

Database user credentials are stored in Kubernetes secrets.

Schema changes are managed via the Liquibase changelog, which contains a complete list of all changes made to database schemas. This changelog also includes information about users and privileges and uses authorization data from Kubernetes secrets to create and modify database users.

All changelogs are packaged together as a run-db-scripts task at release time. The run-db-scripts task uses Liquibase to apply changelogs to the database. This task is integrated into the registry deployment process and is performed every time the registry is installed or updated. This ensures that changes to database schemas or user privileges are applied uniformly and automatically.

Overall, this approach enables efficient and secure management of users and database schemas, keeping a detailed log of changes and automatically committing them during deployment.

For a list of available database user roles, see Registry database users and privileges

For a list of available databases, see Databases.

For database description and schemas, refer to the sections of the subsystems to which the databases belong.