RR-004 critical rollback-strategy

Database migration rollback plan

Strategy for rolling back database migrations including destructive changes

Question to ask

"What happens when you deploy with a DROP COLUMN and need to revert?"

Verification guide

Severity: Critical

Code rollback is useless if the database schema is incompatible. Destructive migrations (DROP COLUMN, DROP TABLE) require special consideration.

Check automatically:

  1. Identify migration tool:
# Check for migration tools
grep -E "prisma|drizzle|knex|typeorm|sequelize|migrate" package.json 2>/dev/null
  1. Check for migrations:
# Find migration files
find . -path ./node_modules -prune -o -name "*migration*" -type f -print 2>/dev/null
ls migrations/ prisma/migrations/ drizzle/ db/migrations/ 2>/dev/null

# Check for down migrations (reversible)
find . -path ./node_modules -prune -o -name "*.sql" -type f -exec grep -l "DOWN\|down\|rollback" {} \; 2>/dev/null | head -5
  1. Check for destructive migrations:
# Find DROP statements (irreversible without backup)
find . -path ./node_modules -prune -o -name "*.sql" -type f -exec grep -l "DROP TABLE\|DROP COLUMN" {} \; 2>/dev/null | head -5
  1. Check for migration rollback documentation:
grep -riE "migration.*rollback|rollback.*migration|down migration" docs/ README.md CLAUDE.md --include="*.md" 2>/dev/null

Migration tool considerations:

Tool Rollback Support
Prisma No built-in down migrations. Rollback = previous schema + manual SQL or backup restore
Drizzle Supports down migrations if written
Knex Supports down migrations if written
TypeORM Supports down migrations if written

Ask user:

  • "What migration tool do you use?"
  • "Do you write down/rollback migrations?"
  • "For destructive migrations (DROP), what's the recovery plan?"
  • "Do you test migrations on staging with production-like data first?"

Cross-reference with:

  • RR-001 (rollback procedure) - migrations are part of overall rollback
  • Section 26 (backups) - backup restore may be the only rollback for destructive migrations
  • Section 5/6 (database) - migration practices

Pass criteria:

  • Migration tool in use with clear rollback strategy
  • Destructive migrations have documented recovery plan (backup restore, manual SQL)
  • Migrations tested on staging before production
  • Team knows the difference between reversible and irreversible migrations

Fail criteria:

  • No rollback strategy ("we just fix forward")
  • Destructive migrations with no backup plan
  • Migrations go straight to production untested
  • Using Prisma but thinking prisma migrate reset is a rollback (it's not - it drops everything)

Evidence to capture:

  • Migration tool in use
  • Whether down migrations are written
  • Strategy for destructive migrations
  • Staging testing process

Section

34. Rollback & Recovery

API & Security

← Previous

RR-003

Can rollback in < 2 minutes

 Next →

RR-005

Recovery from backups documented