Implementing a Complete Azure DevOps Database CI/CD Workflow with Bytebase

Database changes are traditionally a low‑efficiency, high‑risk part of application releases, and this guide shows how to treat them like code changes within a CI/CD pipeline using Azure DevOps and Bytebase.

DORA Research Report highlights that including database changes in the release process significantly improves overall efficiency.

Complete Azure DevOps Database CI/CD Workflow

Using Bytebase, the workflow consists of:

Developers commit SQL scripts to a code branch.

Bytebase triggers an automated SQL review CI, providing suggestions.

After modifications, the SQL script is merged into the main branch.

The release process automatically pushes the script to Bytebase.

Bytebase’s built‑in auto‑review confirms the change, matches it to an approval flow based on risk level, and routes it for approval.

Approved statements are executed in the target database.

The latest schema is written back to the code repository.

Upon completion, the next stage of the application release is triggered.

Step 1: Start Bytebase with Docker and configure external URL

Use docker run --init \ --name bytebase \ --restart always \ --publish 5678:8080 \ --health-cmd "curl --fail http://localhost:5678/healthz || exit 1" \ --health-interval 5m \ --health-timeout 60s \ --volume ~/.bytebase/data:/var/opt/bytebase \ bytebase/bytebase:2.10.0 \ --data /var/opt/bytebase \ --port 8080 to launch Bytebase, then access it at localhost:5678 and register an admin account.

Use ngrok http 5678 to obtain a public URL (e.g., https://b67d-154-212-161-108.ngrok-free.app ) and set this as the external URL in Bytebase’s network settings.

Step 2: Add Azure DevOps as a Git Provider in Bytebase

Navigate to Settings → Integration → GitOps, select Azure DevOps Service, and copy the Redirect URI. Register an Azure DevOps application with the appropriate homepage URL, authorization callback URL, and required scopes (Code, Identity, Project and team, Build).

Copy the Application ID and Client Secret back into Bytebase’s GitOps configuration.

Step 3: Configure a GitOps workflow in Bytebase

Create a new Azure DevOps project (e.g., bytebase-gitops ), then in Bytebase’s Sample Project enable GitOps, select Azure DevOps, choose the project, and enable “SQL review via Azure DevOps Pipeline”.

After confirming, Azure DevOps will generate a PR that you can merge to trigger the pipeline.

Step 4: Create a PR to trigger SQL review CI

In the Prod environment, edit the SQL review policy to treat non‑null rule violations as errors. Create a new branch (e.g., add-nickname-table-employee ) and add a file employee##202310201700##ddl##add_nickname_table_employee.sql with the script ALTER TABLE "public"."employee" ADD COLUMN "nick_name" text; . Open a pull request; the SQL review CI will run and initially fail.

Update the script to satisfy the policy, e.g., ALTER TABLE "public"."employee" ADD COLUMN "nick_name" text NOT NULL DEFAULT ''; , push the change, and the CI will pass. Complete the PR to create a work ticket in Bytebase.

Review the change details in Bytebase and observe the automatic schema write‑back to the Git repository.

Step 5: Advanced features – manual release and custom approvals

Configure manual release policies in the environment settings, requiring DBA or Bytebase owner approval. Set up custom approval flows under Settings → Security & Policy → Custom Approvals, mapping high‑risk DDL changes to specific approvers.

Schema Write‑Back and Migration Detection

After a schema change is approved and applied, Bytebase writes the latest schema back to the Git repo, ensuring a single source of truth. The built‑in schema migration detection can flag unexpected changes; you can test this via the SQL editor’s admin mode.

Run a migration script such as ALTER TABLE "public"."employee" ADD COLUMN "city" text NOT NULL DEFAULT ''; , sync the database, and observe the migration detection in the exception center.

Summary

With Bytebase, you obtain a complete Azure DevOps database CI/CD workflow that can be customized for your projects, supporting GitHub, GitLab, and Bitbucket as well.