I think there might be a bug in the Visual Studio tools for Episerver, which doesn't allow to initialize/update episerver database when User Secrets for project are enabled. I have come up with reproduction scenario.

1. Create new website based on Alloy template
2. Update Epi Server NuGet packages
3. In Visual Studio, right click on the project and select "Manage User Secrets"
4. Answer "Yes" to the question for adding additional packages
5. Open Web.config, and modify <appSettings> section to contain config builder, like so:
   <appSettings configBuilders="Secrets">
6. Save Web.config file
7. In package manager console, run Update-EPiDatabase
8. Notice following error in the console:
   

   epideploy.exe :

   At C:\Development\EPiServer\Secrets\AlloySecrets\packages\EPiServer.Framework.11.16.0\tools\upgrade.psm1:263 char:3

   +         &$epideploy  -a "sql" -s $sitePath  -p $sqlFilePattern -c  $c ...

   +         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       + CategoryInfo          : NotSpecified: (:String) [], RemoteException

       + FullyQualifiedErrorId : NativeCommandError

   EPiDeploy was stopped due to an exception, more details:

   System.Configuration.ConfigurationErrorsException: An error occurred loading a configuration file: Could not load file or assembly 'Microsoft.Configuration.ConfigurationBuilders.UserSecrets

   , Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35

   ' or one of its dependencies. The system cannot find the file specified. (C:\Development\EPiServer\Secrets\AlloySecrets\AlloySecrets\web.config line 21) ---> System.IO.FileNotFoundException

   : Could not load file or assembly 'Microsoft.Configuration.ConfigurationBuilders.UserSecrets, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies.

   The system cannot find the file specified.

      at System.Configuration.TypeUtil.GetTypeImpl(String typeString, Boolean throwOnError)

      at System.Configuration.ConfigurationBuildersSection.InstantiateBuilder(ProviderSettings ps)

      at System.Configuration.ConfigurationBuildersSection.GetBuilderFromName(String builderName)

      at System.Configuration.BaseConfigurationRecord.GetSectionXmlReader(String[] keys, SectionInput input)

      --- End of inner exception stack trace ---

      at System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentR

   esult)

      at System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object&

   result, Object& resultRuntimeObject)

      at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& re

   sult, Object& resultRuntimeObject)

      at System.Configuration.Configuration.get_AppSettings()

      at EPiDeploy.Deploy.ReadAllowedActionsFromConfig(String theWebConfigPath)

      at EPiDeploy.Deploy.HandleActionType(Options options, String theWebConfigPath)

      at EPiDeploy.Deploy.Run(Options options)

      at EPiDeploy.Program.Main(String[] args)

    

Expected behavior: script should run without errors.

Workarounds:

1. Before updating database schema, remove configBuilders="Secrets" attribute from <appSettings> node
2. Add  createDatabaseSchema="true" attribute to <episerver.framework> node to create schema on application start