Allow underscores in kerberos principal names

CHANGELOG.md

@@ -20,11 +20,13 @@ All notable changes to this project will be documented in this file.
 - Helm chart: The tag of the tools image used for the secret migration job can
   be changed in the Helm values and defaults now to 1.0.0-stackable24.11.0
   rather than being hard-coded to 1.0.0-stackable24.7.0 ([#536]).
+- Underscores are now allowed in Kerberos principal names ([#563]).
 
 [#528]: https://github.com/stackabletech/secret-operator/pull/528
 [#536]: https://github.com/stackabletech/secret-operator/pull/536
 [#548]: https://github.com/stackabletech/secret-operator/pull/548
 [#552]: https://github.com/stackabletech/secret-operator/pull/552
+[#563]: https://github.com/stackabletech/secret-operator/pull/563
 
 ## [24.11.0] - 2024-11-18
 

rust/operator-binary/src/crd.rs

@@ -328,7 +328,7 @@ pub struct KerberosPrincipal(String);
 #[snafu(module)]
 pub enum InvalidKerberosPrincipal {
     #[snafu(display(
-        "principal contains illegal characters (allowed: alphanumeric, /, @, -, and .)"
+        "principal contains illegal characters (allowed: alphanumeric, /, @, -, _, and .)"
     ))]
     IllegalCharacter,
 
@@ -342,7 +342,12 @@ impl TryFrom<String> for KerberosPrincipal {
         if value.starts_with('-') {
             invalid_kerberos_principal::StartWithDashSnafu.fail()
         } else if value.contains(|chr: char| {
-            !chr.is_alphanumeric() && chr != '/' && chr != '@' && chr != '.' && chr != '-'
+            !chr.is_alphanumeric()
+                && chr != '/'
+                && chr != '@'
+                && chr != '.'
+                && chr != '-'
+                && chr != '_'
         }) {
             invalid_kerberos_principal::IllegalCharacterSnafu.fail()
         } else {