Flyway provides built in support for integrating with SQLFluff. This is an analysis engine which supports a large number of SQL dialects and can detect a variety of SQL violations. 

If you define an environment or URL then Flyway will use it to automatically determine which SQL dialect to use when analyzing your SQL. You can also explicitly define it using the Rules Dialect setting

At Flyway Enterprise tier it is also possible to create regular expression rules, which allow for a simple way of detecting simple undesirable patterns.

When doing state-based deployment, code analysis should be run against the deployment script ahead of deployment. When deploying using migrations code analysis can be run on the migration scripts at development or build time.

Code analysis is run using the Flyway check command with the `code` flag

Community Tier

Prerequisites

SQLFluff needs to be installed on the machine producing a report. SQLFluff provides guidance on this

Enterprise Tier

SQLFluff

Flyway can run SQLFluff without requiring you to install any dependencies.

This instance also comes with additional rules to help you identify data loss and security issues

Regular expression rules

You are able to create regular expression (regex) rules to be applied to your code to identify particular combinations of keywords that are problematic. It is not checking for valid SQL but for text that is deemed bad practice as it could be a problem for database and it's ecosystem.

Find out more about how to create these rules 

Redgate has added a set of rules that are of interest to customers with a larger and more complex database infrastructure although these are being moved over to SQLFluff.

Relevant tutorials

• Tutorial - Run code analysis on deployment script
• Tutorial - Run code analysis on migrations