From 7bb52e60be2998e57fb2dae927a205f980e29181 Mon Sep 17 00:00:00 2001
From: Jim Lambert <jlambert@hashicorp.com>
Date: Tue, 15 Sep 2020 10:08:29 -0400
Subject: [PATCH] added tofu_token and key_id to session table

---
 internal/db/migrations/postgres.gen.go            | 7 +++++++
 internal/db/migrations/postgres/50_session.up.sql | 7 +++++++
 2 files changed, 14 insertions(+)

diff --git a/internal/db/migrations/postgres.gen.go b/internal/db/migrations/postgres.gen.go
index 6bae28ab77..1dd7096a62 100644
--- a/internal/db/migrations/postgres.gen.go
+++ b/internal/db/migrations/postgres.gen.go
@@ -3393,7 +3393,14 @@ begin;
     certificate bytea not null,
     -- after this time the connection will be expired, e.g. forcefully terminated
     expiration_time wt_timestamp, -- maybe null
+    -- trust of first use token 
+    tofu_token bytea, -- will be null when session is first created
     -- the reason this session ended (null until terminated)
+     -- TODO: Make key_id a foreign key once we have DEKs
+    key_id text, -- will be null on insert
+      -- references kms_database_key_version(private_id) 
+      -- on delete restrict
+      -- on update cascade,
     termination_reason text -- fk8
       references session_termination_reason_enm (name)
       on delete restrict
diff --git a/internal/db/migrations/postgres/50_session.up.sql b/internal/db/migrations/postgres/50_session.up.sql
index 4d47b74064..9a4fc97b52 100644
--- a/internal/db/migrations/postgres/50_session.up.sql
+++ b/internal/db/migrations/postgres/50_session.up.sql
@@ -131,7 +131,14 @@ begin;
     certificate bytea not null,
     -- after this time the connection will be expired, e.g. forcefully terminated
     expiration_time wt_timestamp, -- maybe null
+    -- trust of first use token 
+    tofu_token bytea, -- will be null when session is first created
     -- the reason this session ended (null until terminated)
+     -- TODO: Make key_id a foreign key once we have DEKs
+    key_id text, -- will be null on insert
+      -- references kms_database_key_version(private_id) 
+      -- on delete restrict
+      -- on update cascade,
     termination_reason text -- fk8
       references session_termination_reason_enm (name)
       on delete restrict