I'm trying to figure out the best practice in running migrations in my swarm. I can't run standalone containers connected to an attachable network because container needs to access secrets which are only accessible with services.
One scenario is to run a migration service with 0 replicas and restart policy none that I can up to 1 replica after I've updated the image with new database version. But then I have to check if it ran successfully and scale it back down again. Feels hackish.
How do you run your db migrations in a production docker swarm?
