spouliot/PowderCoatingLogix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dev
PowderCoatingLogix/DEPLOYMENT_SCRIPTS_GUIDE.md
T
spouliot 63e12a9636 Initial commit
2026-04-23 21:38:24 -04:00

6.1 KiB
Raw Permalink Blame History

Deployment Scripts Guide

Recent Security Fixes - No Migration Required

The security fixes we just implemented are code-only changes with no database schema modifications. You do NOT need to create or run any new migrations for these changes.

What Changed (Code Only)

  • Security headers added (CSP, HSTS, etc.)
  • Password policy strengthened
  • CORS policy restricted
  • Authorization fixed (CompanyAdminOnly)
  • Path traversal protection enhanced
  • IDOR protection on profile photos
  • Session cookies hardened
  • File upload names use GUIDs
  • Input validation added

Database Impact: None - No new tables, columns, or schema changes

Deployment Scripts

For Development Server (Your Current Situation)

Quick Start - Just Run the App:

cd src\PowderCoating.Web
dotnet watch run

That's it! No migrations needed. The code changes are already in place.

Migration Scripts (For Future Use)

When you DO have database changes in the future, use these scripts:

Windows (Batch Files)

1. Check Migrations

.\scripts\check-migrations.bat
  • Lists all migrations in the project
  • Shows which are applied vs pending
  • Displays database connection info

2. Apply Migrations

.\scripts\apply-migrations.bat
  • Applies any pending migrations to database
  • Asks for confirmation before proceeding
  • Shows success/failure message

PowerShell (Full Deployment)

3. Deploy to Dev (Full Script)

.\scripts\deploy-to-dev.ps1
  • Builds the solution
  • Checks for pending migrations
  • Applies migrations (with confirmation)
  • Shows deployment summary

Options:

# Preview changes without applying
.\scripts\deploy-to-dev.ps1 -WhatIf

# Skip build step (faster)
.\scripts\deploy-to-dev.ps1 -SkipBuild

# Skip migrations (code-only deploy)
.\scripts\deploy-to-dev.ps1 -SkipMigrations

# Combined
.\scripts\deploy-to-dev.ps1 -SkipBuild -SkipMigrations -WhatIf

Manual Migration Commands (Reference)

If you prefer to run commands manually:

Check for Pending Migrations

cd src\PowderCoating.Web
dotnet ef migrations list --project ..\PowderCoating.Infrastructure

Apply All Pending Migrations

cd src\PowderCoating.Web
dotnet ef database update --project ..\PowderCoating.Infrastructure

Apply to Specific Migration

dotnet ef database update MigrationName --project ..\PowderCoating.Infrastructure

Rollback to Previous Migration

dotnet ef database update PreviousMigrationName --project ..\PowderCoating.Infrastructure

See Database Info

dotnet ef dbcontext info --project ..\PowderCoating.Infrastructure

When You WILL Need a Migration

You'll need to create a migration when you change:

  • Entity properties (add/remove/rename fields)
  • Entity relationships (foreign keys)
  • Indexes or constraints
  • Seed data (in OnModelCreating)

Example - Adding a new field:

// 1. Update entity
public class Customer : BaseEntity
{
    public string CompanyName { get; set; }
    public string? Website { get; set; }  // NEW FIELD
}

// 2. Create migration
cd src\PowderCoating.Web
dotnet ef migrations add AddWebsiteToCustomer --project ..\PowderCoating.Infrastructure

// 3. Review migration file (check if it looks correct)

// 4. Apply migration
dotnet ef database update --project ..\PowderCoating.Infrastructure

Current Database State

Existing Migrations (already applied):

  • Initial - Base schema
  • AddProfilePictureAndSidebarColor - User profile enhancements
  • AddProfilePictureFilePath - Filesystem photo storage
  • UpdateJobPhotoEntity - Job photo improvements
  • AddFileSystemStorageForLogosAndManuals - Logo/manual storage
  • ConvertEnumsToLookupTables - Status/priority lookups
  • AddAppointmentScheduling - Appointments feature

Pending Migrations: None (as of this deployment)

Deployment Checklist for Security Fixes

Development Server (Your Current Task)

  • Code changes applied (security fixes)
  • AppConstants.Policies updated
  • CSP headers fixed (jQuery allowed)
  • Test application: dotnet watch run
  • Verify Data Lookups tab loads
  • Verify password policy (12 chars)
  • Test all CRUD operations

No migrations needed - Just test the app!

Production Server (Future Deployment)

See DEPLOYMENT_CONFIGURATION.md for full production checklist:

  • Set environment variables (ConnectionStrings, JwtSettings)
  • Update CORS origins to production domain
  • Update AllowedHosts to production domain
  • Enable HTTPS with SSL certificate
  • Run dotnet ef database update on production DB
  • Test all functionality
  • Monitor logs for security events

Troubleshooting

"No migrations found"

Cause: You're running from wrong directory Fix: Always run from src/PowderCoating.Web

"Cannot connect to database"

Cause: SQL Server not running or connection string wrong Fix:

  1. Check SQL Server is running (Windows Services)
  2. Verify connection string in appsettings.Development.json

"Migration already applied"

Cause: Trying to reapply existing migration Fix: Check dotnet ef migrations list - applied migrations show (Applied)

"Build failed before migration"

Cause: Code has compilation errors Fix: Run dotnet build and fix errors first

Quick Reference

Task Command
Check migrations .\scripts\check-migrations.bat
Apply migrations .\scripts\apply-migrations.bat
Full deployment .\scripts\deploy-to-dev.ps1
Run app cd src\PowderCoating.Webdotnet watch run
Build only dotnet build (from root)
List migrations dotnet ef migrations list --project ..\PowderCoating.Infrastructure

Summary

For your current security fixes deployment: Just run dotnet watch run - no migrations needed!

📋 For future database changes: Use the migration scripts provided

📖 For production deployment: Follow DEPLOYMENT_CONFIGURATION.md

🔒 Security documentation: See SECURITY_FIXES_SUMMARY.md

Reference in New Issue View Git Blame Copy Permalink