fix: Database migration

BenjaminMichaelis · BenjaminMichaelis · commit 6ebf00272195 · 2026-04-24T09:16:32.000-07:00
diff --git a/EssentialCSharp.Web/DatabaseMigrationService.cs b/EssentialCSharp.Web/DatabaseMigrationService.cs
@@ -1,13 +1,12 @@
-﻿using EssentialCSharp.Web.Data;
+using EssentialCSharp.Web.Data;
 using Microsoft.EntityFrameworkCore;
 
 namespace EssentialCSharp.Web;
 
 /// <summary>
-/// Runs EF Core migrations synchronously in <see cref="StartAsync"/> so the schema
-/// is fully applied before the HTTP server begins accepting traffic. This prevents
-/// race conditions where a request touches the DataProtectionKeys (or Identity) tables
-/// before the migration that creates them has run.
+/// Runs EF Core database migrations on application startup. Must be registered before
+/// any hosted service that reads the database (e.g. <c>DataProtectionHostedService</c>),
+/// because <c>IHostedService</c> instances start in DI registration order.
 /// </summary>
 public class DatabaseMigrationService(IServiceScopeFactory services) : IHostedService
 {
diff --git a/EssentialCSharp.Web/Program.cs b/EssentialCSharp.Web/Program.cs
@@ -122,13 +122,12 @@ private static void Main(string[] args)
 
         builder.Services.AddDbContext<EssentialCSharpWebContext>(options => options.UseSqlServer(connectionString, sql => sql.EnableRetryOnFailure(5)));
 
-        // Data Protection — persist keys in SQL Server so they survive container restarts.
-        // Local dev: SQL Server container with WithDataVolume keeps data between restarts.
-        // Production (ACA via Terraform): Azure SQL connection string injected via env vars.
+        // Must be registered before AddDataProtection(): hosted services start in registration
+        // order, and DataProtectionHostedService reads DataProtectionKeys during startup.
+        builder.Services.AddHostedService<DatabaseMigrationService>();
+
+        // Data Protection — persist keys to SQL Server so they survive container restarts.
         // SetApplicationName ensures the discriminator is stable across container hostname changes.
-        // Production: if DataProtection:AzureKeyVaultKeyUri is set (Terraform injects it as
-        //   DataProtection__AzureKeyVaultKeyUri env var), keys are wrapped with Key Vault.
-        //   Requires: RSA key in Key Vault + managed identity with Key Vault Crypto User role.
         var dpBuilder = builder.Services.AddDataProtection()
             .SetApplicationName("EssentialCSharpWeb")
             .PersistKeysToDbContext<EssentialCSharpWebContext>();
@@ -238,7 +237,6 @@ private static void Main(string[] args)
         builder.Services.AddSingleton<ISiteMappingService, SiteMappingService>();
         builder.Services.AddSingleton<IRouteConfigurationService, RouteConfigurationService>();
         builder.Services.AddSingleton<IListingSourceCodeService, ListingSourceCodeService>();
-        builder.Services.AddHostedService<DatabaseMigrationService>();
         builder.Services.AddScoped<IReferralService, ReferralService>();
 
         // Add AI Chat services
@@ -359,6 +357,7 @@ await context.HttpContext.Response.WriteAsync(
         loggerFactory.Dispose();
 
         WebApplication app = builder.Build();
+
         // Configure the HTTP request pipeline.
         if (!app.Environment.IsDevelopment())
         {
