ContainerImage isn't validated in environments endpoints

[Panaetius]

We should validate that the image name for an environment is actually a valid image identifier. Currently it accepts any character, including spaces. This then causes session launch to fail because it can't find the image, but is very difficult to spot that this happened in the input field. (so renku/myimage doesn't work where renku/myimage works).

ideally we'd also validate this in the UI.
For reference, one of these two won't launch(due to a space in the beginning):

[leafty]

Thanks @Panaetius, for the UI side, we could use trimming before sending. Is there a validation rule for container image references?

[Panaetius]

https://docs.docker.com/reference/cli/docker/image/tag/ describes it a bit, which refers to this spec: https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pulling-manifests which has [a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*(\/[a-z0-9]+((\.|_|__|-+)[a-z0-9]+)*)* for the image name/path and [a-zA-Z0-9_][a-zA-Z0-9._-]{0,127} for the tag, if I'm reading this correctly.

I don't think there's a ready made rule available for this in pydantic or similar.

[leafty]

OK, thanks! Not sure if this is usable at the moment since it does not seem to cover using a digest (which is valid).

Example: renku/renkulab-py@sha256:eceed25752d7544db159e4144a41ed6e96e667f39ff9fa18322d79c33729a18c. This uses the index digest, so is a reference to a multi-arch image. This works perfectly fine for a Renku 2.0 session.
Registry page: https://hub.docker.com/layers/renku/renkulab-py/3.11-6e408a8/images/sha256-9f3940e65bd1f30c8963a2ce501afa740dd151f7e19181d43ddd3d12c9934339