Ignore chown errors

[Kidswiss]

If any files are mounted from k8s secrets the chown commands will fail
due to the fact that these files will only be read-only.

This commit ignores any errors during the chown commands.

[Kidswiss]

Hi @cdalvaro

Thanks for reviewing this. I'll check your suggestions against my setup and see what happens.

[cdalvaro]

Hi @Kidswiss, thank you very much for your changes!

Does they work right for your setup? If the image is working properly for you with these changes I'll merge this PR asap.

[Kidswiss]

It's running into a chown issue somewhere again:

'/srv' -> '/home/salt/data/srv'
chown: changing ownership of '/home/salt/data/config/vault.conf': Read-only file system
chown: changing ownership of '/home/salt/data/config/api.conf': Read-only file system```

[cdalvaro]

So the issue must be here now:

# Salt configuration directory
if [[ -w "${SALT_CONFS_DIR}" ]]; then
  chown -R "${SALT_USER}": "${SALT_CONFS_DIR}"
else
  echo "${SALT_CONFS_DIR} is mounted as a read-only volume. Ownership won't be changed."
fi

I don't know why [ -w "${SALT_CONFS_DIR}" ] is not detecting ${SALT_CONFS_DIR} as a read-only volume...

Anyway, making this change should fix your issue:

- chown -R "${SALT_USER}": "${SALT_CONFS_DIR}"
+ chown -R "${SALT_USER}": "${SALT_CONFS_DIR}" || log_error "Unable to change '${SALT_CONFS_DIR}' ownership"

We can add this change to SALT_BASE_DIR and SALT_FORMULAS_DIR too.

[Kidswiss]

It starts through now:

Configuring directories ...
'/srv' -> '/home/salt/data/srv'
chown: changing ownership of '/home/salt/data/config/vault.conf': Read-only file system
chown: changing ownership of '/home/salt/data/config/api.conf': Read-only file system
ERROR: Unable to change '/home/salt/data/config' ownership
'/var/log/salt' -> '/home/salt/data/logs/salt'
Configuring logrotate ...
Configuring container timezone ...
Setting TimeZone -> UTC ...
Configuring salt-master service ...
Creating 'salt_api' user for salt-api ...
Configuring salt-api service ...
local:
    Created Private Key: "/etc/pki/tls/certs/docker-salt-master.key." Created Certificate:
"/etc/pki/tls/certs/docker-salt-master.crt."
Configuring 3rd-party salt-formulas ...
Setting up salt keys ...
Configuring ssh ...
Starting supervisord ...

Thanks!

[Kidswiss]

I assume this snipped doesn't work as it checks the if the folder is read-only and not the files within:
if [[ -w "${SALT_CONFS_DIR}" ]]; then

My case is that single files within the folder are mounted as read-only k8s secrets.

[cdalvaro]

@Kidswiss - Thank you very much for your contribution!

[Kidswiss]

Thank you very much for providing this image!

I just recently found that the official salt images have been archived...

[cdalvaro]

I'm very glad that this image is useful for you!

I really appreciate new feature or improvements suggestions for this image!