Using Dependency Injection from Azure Key Vault to grab a connection string for AddDbContextFactory

Question

I'm trying to set up the service registrations for my ihostedservice app and would like to pull in a connection string that is located in the key vault. What I have is something like this:

using IHost host = Host.CreateDefaultBuilder(args)
    .ConfigureAppConfiguration(app =>
    {
        app.AddJsonFile("appsettings.json");
    })
    .ConfigureServices((hostContext, services) =>
    {
        services.AddSingleton<SecretClient>(serviceProvider =>
        {
            // Set up Key Vault
        });
        services.AddDbContextFactory<MyContext>(opt =>
        {
            var sp = service.BuildServiceProvider();
            var secretClient = sp.GetRequiredService<SecretClient>();
            var serviceNames = sp.GetRequiredService<IOptionsMonitor<ServiceNames>>();
            var secretName = serviceNames.CurrentValue.Secret;
            KeyVaultSecret secret = secretClient.GetSecret(secretName);
            opt.UseSqlServer(secret.Value);
        }; 
     })
     .Build();

While perusing online, I found something that mentions that I should bare in mind the building of a service provider. Would there be a better way about registering a dbContextFactory? What would be best practices in this scenario?

Answer 1

Most of the time if I find myself trying to use GetRequiredService as part of ConfigureServices there's a better way to do things. Generally you don't want to call DI services while you're setting up DI.

I would recommend getting the value from KeyVault as part of your deployment and reference the value there as an application setting. See this documentation for details on how to do so.