Fix 2.

aveshagarwal · aveshagarwal · commit eb660bad429f · 2018-06-14T00:53:13.000-04:00
diff --git a/pkg/cmd/server/kubernetes/node/options/options.go b/pkg/cmd/server/kubernetes/node/options/options.go
@@ -3,7 +3,9 @@ package node
 import (
 	"fmt"
 	"net"
+	"regexp"
 	"sort"
+	//"strconv"
 	"strings"
 
 	"k8s.io/apimachinery/pkg/util/sets"
@@ -17,6 +19,21 @@ import (
 	"github.com/openshift/origin/pkg/network"
 )
 
+// safeArgRegexp matches only characters that are known safe. DO NOT add to this list
+// without fully considering whether that new character can be used to break shell escaping
+// rules.
+var safeArgRegexp = regexp.MustCompile(`^[\da-zA-Z\-=_\.,/\:]+$`)
+
+// shellEscapeArg quotes an argument if it contains characters that my cause a shell
+// interpreter to split the single argument into multiple.
+func shellEscapeArg(s string) string {
+	if safeArgRegexp.MatchString(s) {
+		return s
+	}
+	//return strconv.Quote(s)
+	return fmt.Sprintf("\"%v\"", s)
+}
+
 // ComputeKubeletFlags returns the flags to use when starting the kubelet.
 func ComputeKubeletFlags(startingArgs map[string][]string, options configapi.NodeConfig) ([]string, error) {
 	args := map[string][]string{}
@@ -127,7 +144,11 @@ func ComputeKubeletFlags(startingArgs map[string][]string, options configapi.Nod
 	var arguments []string
 	for _, key := range keys {
 		for _, token := range args[key] {
-			arguments = append(arguments, fmt.Sprintf("--%s=%v", key, token))
+			if len(token) > 0 {
+				arguments = append(arguments, fmt.Sprintf("--%s=%v", key, shellEscapeArg(token)))
+			} else {
+				arguments = append(arguments, fmt.Sprintf("--%s=%v", key, token))
+			}
 		}
 	}
 	return arguments, nil
diff --git a/pkg/cmd/server/origin/node/node.go b/pkg/cmd/server/origin/node/node.go
@@ -2,8 +2,6 @@ package node
 
 import (
 	"fmt"
-	"regexp"
-	"strconv"
 	"strings"
 
 	"github.com/golang/glog"
@@ -12,20 +10,6 @@ import (
 	cmdutil "github.com/openshift/origin/pkg/cmd/util"
 )
 
-// safeArgRegexp matches only characters that are known safe. DO NOT add to this list
-// without fully considering whether that new character can be used to break shell escaping
-// rules.
-var safeArgRegexp = regexp.MustCompile(`^[\da-zA-Z\-=_\.,/\:]+$`)
-
-// shellEscapeArg quotes an argument if it contains characters that my cause a shell
-// interpreter to split the single argument into multiple.
-func shellEscapeArg(s string) string {
-	if safeArgRegexp.MatchString(s) {
-		return s
-	}
-	return strconv.Quote(s)
-}
-
 // FinalizeNodeConfig controls the node configuration before it is used by the Kubelet
 func FinalizeNodeConfig(nodeConfig *configapi.NodeConfig) error {
 	if nodeConfig.DNSIP == "0.0.0.0" {
@@ -53,7 +37,7 @@ func WriteKubeletFlags(nodeConfig configapi.NodeConfig) error {
 	}
 	var outputArgs []string
 	for _, s := range kubeletArgs {
-		outputArgs = append(outputArgs, shellEscapeArg(s))
+		outputArgs = append(outputArgs, s)
 	}
 	fmt.Println(strings.Join(outputArgs, " "))
 	return nil
