liquibase updateSQL: Preview SQL Without Running
liquibase updateSQL generates the exact SQL that a liquibase update would run, printing it instead of executing it.
updateSQL is the dry-run for Liquibase. It lets a pipeline capture the pending SQL for review or artifact storage before a separate step applies it.
What it does
liquibase updateSQL (also written update-sql) resolves the pending changesets and emits the SQL statements, including the DATABASECHANGELOG inserts, that update would execute. Nothing is applied to the database.
Common usage
liquibase \
--changelog-file=db/changelog.xml \
--url=jdbc:postgresql://db:5432/app \
--username=ci --password="$DB_PASSWORD" \
updateSQL > pending.sqlOptions
| Flag | What it does |
|---|---|
| --output-file=<path> | Write the generated SQL to a file |
| --changelog-file=<path> | Changelog to render |
| --contexts / --labels | Filter which changesets are rendered |
| --url / --username / --password | Connection used to compute pending changesets |
In CI
Run updateSQL in a review job, upload pending.sql as an artifact, and let a human or a gate approve it before the real update runs on deploy. It still connects to the database to see what is already applied, so it needs valid credentials even though it changes nothing.
Common errors in CI
"Unexpected error ... Connection could not be created" means credentials or reachability, same as update. A checksum "Validation Failed" can still surface here because updateSQL validates the changelog first; fix the edited changeset before capturing SQL.