From 38c0390298bfd3c6ae55bb458f1e5592bdfe5305 Mon Sep 17 00:00:00 2001
From: Alexey Perevalov
Date: Fri, 29 Apr 2022 01:03:26 +0800
Subject: [PATCH] IDMapping field for mount point
Signed-off-by: Alexey Perevalov
Co-authored-by: Giuseppe Scrivano
---
 config.md | 9 +++++++++
 schema/defs.json | 12 ++++++++++++
 specs-go/config.go | 5 +++++
 3 files changed, 26 insertions(+)
diff --git a/config.md b/config.md
index 4a6825bf2..1116a2d20 100644
--- a/config.md
+++ b/config.md
@@ -101,6 +101,15 @@ For POSIX platforms the `mounts` structure has the following fields:
 * **`type`** (string, OPTIONAL) The type of the filesystem to be mounted.
 * Linux: filesystem types supported by the kernel as listed in */proc/filesystems* (e.g., "minix", "ext2", "ext3", "jfs", "xfs", "reiserfs", "msdos", "proc", "nfs", "iso9660"). For bind mounts (when `options` include either `bind` or `rbind`), the type is a dummy, often "none" (not listed in */proc/filesystems*).
 * Solaris: corresponds to "type" of the fs resource in [zonecfg(1M)][zonecfg.1m].
+* **`uidMappings`** (array of type LinuxIDMapping, OPTIONAL) The mapping to convert UIDs from the source file system to the destination mount point.
+This mapping contains the following fields: ContainerID, HostID, Size.
+The Size field is a range for mapping.\
+ As an example.\
+ 1000 1001 1 -> map UID 1000 to uid 1001 in and no other UIDs\
+ 20000 100000 1000 -> map UID 20000 to uid 100000, uid 20001 to UID 100001 [...] until UID 20999 in \
+* **`gidMappings`** (array of type LinuxIDMapping, OPTIONAL) The mapping to convert GIDs from the source file system to the destination mount point.
+For more details see `uidMappings`.
+
 ### Example (Linux)
diff --git a/schema/defs.json b/schema/defs.json
index 61e1edefa..a0bf846a1 100644
--- a/schema/defs.json
+++ b/schema/defs.json
@@ -141,6 +141,18 @@
 },
 "type": {
 "type": "string"
+ },
+ "uidMappings": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/IDMapping"
+ }
+ },
+ "gidMappings": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/IDMapping"
+ }
 }
 },
 "required": [
diff --git a/specs-go/config.go b/specs-go/config.go
index c0e879448..020e28709 100644
--- a/specs-go/config.go
+++ b/specs-go/config.go
@@ -117,6 +117,11 @@ type Mount struct {
 Source string `json:"source,omitempty"`
 // Options are fstab style mount options.
 Options []string `json:"options,omitempty"`
+
+ // UID/GID mappings used for changing file owners w/o calling chown, fs should support it.
+ // Every mount point could have its own mapping.
+ UIDMappings []LinuxIDMapping `json:"uidMappings,omitempty" platform:"linux"`
+ GIDMappings []LinuxIDMapping `json:"gidMappings,omitempty" platform:"linux"`
 }
 // Hook specifies a command that is run at a particular event in the lifecycle of a container
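Review bot: The comment above `UIDMappings` in `Mount` does not say which way the mapping runs or what a runtime must do when the filesystem or kernel cannot apply it, and `GIDMappings` is documented only by sitting beneath it. `LinuxIDMapping` is reused here, and if its fields are still named for the container and the host (as the config.md text in this patch suggests), a reader has to guess which side is the source filesystem and which is the mount point. A runtime that quietly skips an unsupported mapping would leave the files with their unmapped owners inside the container, so the spec should settle whether that case is an error. I would give each field its own doc comment, e.g. `// UIDMappings maps UIDs of the source filesystem to the UIDs seen at the mount point (needs idmapped-mount support in the filesystem).`, with the matching line for `GIDMappings`. The `Mount` struct opens above this hunk.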