How best to run migrations as a different user?

I see a lot of folks are using release_command in the fly.toml, but is anybody out there using database user with different permissions for migrations and regular app usage (SELECT, INSERT, UPDATE, DELETE, etc).

How are you handling using a different config than the regular DATABASE_URL secret/env var?

I set up a secret DATABASE_URL_OWNER, but I don’t know the most reasonable way to use it. I’d like to overwrite DATABASE_URL,but only in the context of running the migration command.

I could make make a separate config for my database to handle it, but if there’s a another way to alias the secret in a secure way for one command, that’d be nicer.

Could you do something like this? Assuming your migration command is ./bin/migrate:


so release_command can be prefixed. got it. I am concerned about unnecessary leakage into the build output though, in a way the regular secrets do not (although of course there are ways to leak them as well)

You could possibly write a shell script which effectively does the same thing without xtrace and make the shell script your release command