fix: use size() in CEL rule to avoid gofmt Unicode quote conversion

AlinsRan · AlinsRan · commit 97af003be5de · 2026-05-08T04:03:04.000+08:00
gofmt 1.19+ reformats consecutive single quotes ('') in doc comments
to Unicode curly double-quotes, corrupting the CEL rule at generation
time. Replace empty-string comparisons with size() &gt; 0 checks which
use no string literals and are immune to gofmt reformatting.
diff --git a/api/v2/apisixconsumer_types.go b/api/v2/apisixconsumer_types.go
@@ -134,7 +134,7 @@ type ApisixConsumerJwtAuth struct {
 //   - For symmetric algorithms (HS256, HS384, HS512): use secret. private_key and public_key are not required.
 //   - For asymmetric algorithms (RS*, ES*, PS*, EdDSA): at least one of public_key or private_key must be provided.
 //
-// +kubebuilder:validation:XValidation:rule="!has(self.algorithm) || self.algorithm in ['HS256','HS384','HS512'] || (has(self.public_key) && self.public_key != '') || (has(self.private_key) && self.private_key != '')",message="asymmetric JWT algorithms (RS*/ES*/PS*/EdDSA) require at least one of public_key or private_key"
+// +kubebuilder:validation:XValidation:rule="!has(self.algorithm) || self.algorithm in ['HS256','HS384','HS512'] || (has(self.public_key) && size(self.public_key) > 0) || (has(self.private_key) && size(self.private_key) > 0)",message="asymmetric JWT algorithms (RS*/ES*/PS*/EdDSA) require at least one of public_key or private_key"
 type ApisixConsumerJwtAuthValue struct {
 	// Key is the unique identifier for the JWT credential.
 	Key string `json:"key" yaml:"key"`
diff --git a/config/crd/bases/apisix.apache.org_apisixconsumers.yaml b/config/crd/bases/apisix.apache.org_apisixconsumers.yaml
@@ -215,8 +215,9 @@ spec:
                         - message: asymmetric JWT algorithms (RS*/ES*/PS*/EdDSA) require
                             at least one of public_key or private_key
                           rule: '!has(self.algorithm) || self.algorithm in [''HS256'',''HS384'',''HS512'']
-                            || (has(self.public_key) && self.public_key != '''') ||
-                            (has(self.private_key) && self.private_key != '''')'
+                            || (has(self.public_key) && size(self.public_key) > 0)
+                            || (has(self.private_key) && size(self.private_key) >
+                            0)'
                     type: object
                   keyAuth:
                     description: KeyAuth configures the key authentication details.
