stackabletech
diff --git a/‎Cargo.lock
Lines changed: 3 additions & 4 deletions b/‎Cargo.lock
Lines changed: 3 additions & 4 deletions
diff --git a/‎Cargo.nix
Lines changed: 7 additions & 11 deletions b/‎Cargo.nix
Lines changed: 7 additions & 11 deletions
diff --git a/‎Cargo.toml
Lines changed: 3 additions & 2 deletions b/‎Cargo.toml
Lines changed: 3 additions & 2 deletions
diff --git a/‎crate-hashes.json
Lines changed: 2 additions & 2 deletions b/‎crate-hashes.json
Lines changed: 2 additions & 2 deletions
diff --git a/‎deploy/helm/secret-operator/crds/crds.yaml
Lines changed: 4 additions & 0 deletions b/‎deploy/helm/secret-operator/crds/crds.yaml
Lines changed: 4 additions & 0 deletions
diff --git a/‎rust/operator-binary/src/backend/kerberos_keytab.rs
Lines changed: 4 additions & 4 deletions b/‎rust/operator-binary/src/backend/kerberos_keytab.rs
Lines changed: 4 additions & 4 deletions
diff --git a/‎rust/operator-binary/src/crd.rs
Lines changed: 2 additions & 44 deletions b/‎rust/operator-binary/src/crd.rs
Lines changed: 2 additions & 44 deletions
@@ -34,7 +34,7 @@ serde_json = "1.0"
 serde_yaml = "0.9"
 snafu = "0.8"
 socket2 = { version = "0.5", features = ["all"] }
-stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.73.0", features = ["time"] }
+stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.74.0", features = ["time"] }
 strum = { version = "0.26", features = ["derive"] }
 sys-mount = { version = "3.0", default-features = false }
 tempfile = "3.12"
@@ -54,5 +54,6 @@ yasna = "0.5"
 h2 = { git = "https://github.com/stackabletech/h2.git", branch = "feature/grpc-uds-/0.4.5" }
 
 [patch."https://github.com/stackabletech/operator-rs.git"]
-# stackable-operator = { path = "../operator-rs" }
+# stackable-operator = { path = "../operator-rs/crates/stackable-operator" }
 # stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "main" }
+stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "feature/validation-hostname" }
@@ -134,6 +134,7 @@ spec:
                                   type: object
                                 ldapServer:
                                   description: An AD LDAP server, such as the AD Domain Controller. This must match the server’s FQDN, or GSSAPI authentication will fail.
+                                  pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                                   type: string
                                 ldapTlsCaSecret:
                                   description: Reference (name and namespace) to a Kubernetes Secret object containing the TLS CA (in `ca.crt`) that the LDAP server’s certificate should be authenticated against.
@@ -179,6 +180,7 @@ spec:
                               properties:
                                 kadminServer:
                                   description: The hostname of the Kerberos Admin Server. This should be provided by the Kerberos administrator.
+                                  pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                                   type: string
                               required:
                                 - kadminServer
@@ -202,9 +204,11 @@ spec:
                           type: string
                         kdc:
                           description: The hostname of the Kerberos Key Distribution Center (KDC). This should be provided by the Kerberos administrator.
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                           type: string
                         realmName:
                           description: The name of the Kerberos realm. This should be provided by the Kerberos administrator.
+                          pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                           type: string
                       required:
                         - admin
 
@@ -5,7 +5,7 @@ use stackable_krb5_provision_keytab::{
     self as provision,
     provision_keytab,
 };
-use stackable_operator::{k8s_openapi::api::core::v1::Secret, kube::runtime::reflector::ObjectRef};
+use stackable_operator::{commons::networking::{Hostname, KerberosRealmName}, k8s_openapi::api::core::v1::Secret, kube::runtime::reflector::ObjectRef};
 use stackable_secret_operator_crd_utils::SecretReference;
 use tempfile::tempdir;
 use tokio::{
@@ -15,8 +15,8 @@ use tokio::{
 
 use crate::{
     crd::{
-        ActiveDirectorySamAccountNameRules, Hostname, InvalidKerberosPrincipal,
-        KerberosKeytabBackendAdmin, KerberosPrincipal,
+        ActiveDirectorySamAccountNameRules, InvalidKerberosPrincipal, KerberosKeytabBackendAdmin,
+        KerberosPrincipal,
     },
     format::{well_known, SecretData, WellKnownSecretData},
     utils::Unloggable,
@@ -82,7 +82,7 @@ impl SecretBackendError for Error {
 
 #[derive(Debug)]
 pub struct KerberosProfile {
-    pub realm_name: Hostname,
+    pub realm_name: KerberosRealmName,
     pub kdc: Hostname,
     pub admin: KerberosKeytabBackendAdmin,
 }
 
@@ -3,6 +3,7 @@ use std::{fmt::Display, ops::Deref};
 use serde::{Deserialize, Serialize};
 use snafu::Snafu;
 use stackable_operator::{
+    commons::networking::{Hostname, KerberosRealmName},
     kube::CustomResource,
     schemars::{self, JsonSchema},
     time::Duration,
@@ -125,7 +126,7 @@ impl AutoTlsCa {
 #[serde(rename_all = "camelCase")]
 pub struct KerberosKeytabBackend {
     /// The name of the Kerberos realm. This should be provided by the Kerberos administrator.
-    pub realm_name: Hostname,
+    pub realm_name: KerberosRealmName,
 
     /// The hostname of the Kerberos Key Distribution Center (KDC).
     /// This should be provided by the Kerberos administrator.
@@ -205,49 +206,6 @@ impl ActiveDirectorySamAccountNameRules {
     }
 }
 
-#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
-#[serde(try_from = "String", into = "String")]
-pub struct Hostname(String);
-#[derive(Debug, Snafu)]
-#[snafu(module)]
-pub enum InvalidHostname {
-    #[snafu(display("hostname contains illegal characters (allowed: alphanumeric, -, and .)"))]
-    IllegalCharacter,
-
-    #[snafu(display("hostname may not start with a dash"))]
-    StartWithDash,
-}
-impl TryFrom<String> for Hostname {
-    type Error = InvalidHostname;
-
-    fn try_from(value: String) -> Result<Self, Self::Error> {
-        if value.starts_with('-') {
-            invalid_hostname::StartWithDashSnafu.fail()
-        } else if value.contains(|chr: char| !chr.is_alphanumeric() && chr != '.' && chr != '-') {
-            invalid_hostname::IllegalCharacterSnafu.fail()
-        } else {
-            Ok(Hostname(value))
-        }
-    }
-}
-impl From<Hostname> for String {
-    fn from(value: Hostname) -> Self {
-        value.0
-    }
-}
-impl Display for Hostname {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        f.write_str(&self.0)
-    }
-}
-impl Deref for Hostname {
-    type Target = str;
-
-    fn deref(&self) -> &Self::Target {
-        &self.0
-    }
-}
-
 #[derive(Serialize, Deserialize, Clone, Debug, PartialEq, JsonSchema)]
 #[serde(try_from = "String", into = "String")]
 pub struct KerberosPrincipal(String);