I am creating a database with an SSDT database project and deploying as a dacpac. A .NET assembly is part of the project and during deployment installation fails with the following error message:
CREATE ASSEMBLY for assembly 'xyz' failed because assembly 'xyz' is not authorized for PERMISSION_SET = UNSAFE. The assembly is authorized when either of the following is true: the database owner (DBO) has UNSAFE ASSEMBLY permission and the database has the TRUSTWORTHY database property on; or the assembly is signed with a certificate or an asymmetric key that has a corresponding login with UNSAFE ASSEMBLY permission.
The dbo is 'sa'. I have gone into the project properties and checked "Trustworthy" under the Miscellaneous tab. However, I still get the error and when I run
select name, is_trustworthy_on from sys.databases
I see that is_trustworthy_on
is 0. It seems this setting has no effect. After searching, I found the following:
Some database options, such as TRUSTWORTHY, DB_CHAINING, and HONOR_BROKER_PRIORITY, cannot be adjusted as part of the deployment process.
from http://msdn.microsoft.com/en-us/library/ee210569.aspx
The word adjusted implies changed to me. This is a new database. However, if it is true even for new databases, why does the setting exist in the dialog? Do I need to script this as part of the pre-deployment?
Since you already have the "Trustworthy" check-box in the "Miscellaneous" tab checked, you should only need to ensure that you have the option for "Deploy database properties" checked (or set to true). This option will be in different places, depending on exactly how you are publishing. Some places include:
<ScriptDatabaseOptions>True</ScriptDatabaseOptions>
/p:ScriptDatabaseOptions = True
ScriptDatabaseOptions=True