k8s-review job gets added to workflow even if K8S_REVIEW_SPACE is not configured

Describe the bug

Due to a three year old bug in gitlab-org/gitlab#321371 the rules expression for a job with an empty variable evaluates to true, leading to an unexpected addition of the job to the pipeline.

The $K8S_REVIEW_SPACE variable gets defaulted to an empty string '' and then chained with another expression in the rules expression for the k8s-review and k8s-cleanup-review job. If the last statement evaluates to true the whole expression evaluates to true even if the $K8S_REVIEW_SPACE remains an empty string.

Expected behavior

The jobs do only get added when the review-space or K8S_REVIEW_SPACE variable are set to something different than ''

Actual behavior

The k8s-review and k8s-cleanup-review job gets added to the pipeline even if K8S_REVIEW_SPACE or review-space is not explicitly set.

Context & Configuration

This can easily be reproduced with the following .gitlab-ci.yml:

variables:
  K8S_REVIEW_SPACE: ''

dummy-job:
  rules:
    - if: '$K8S_REVIEW_SPACE && $CI_COMMIT_BRANCH'
  script:
    - echo should not be added to workflow

If the second expression evaluates to true, which $CI_COMMIT_BRANCH always does, the empty $K8S_REVIEW_SPACE does not prevent the job from being added to the pipeline.

Fixed by

All empty variables have to be explicitly checked for emptiness:

rules:
    - if: "$K8S_REVIEW_SPACE != '' && $CI_COMMIT_BRANCH"

I will prepare an MR to fix the issue.