Is your feature request related to a problem? Please describe.

Currently, the Sandbox, SandboxClaim, and SandboxTemplate resources do not have an explicit character limit on their metadata.name field. While Kubernetes allows resource names up to 253 characters, other resources created during reconciliation have stricter limits.

Specifically, the SandboxReconciler creates a headless Service that uses the same name as the Sandbox resource. Kubernetes Service names are restricted to a maximum of 63 characters to be compliant with DNS label standards.

If a user creates a Sandbox (or a SandboxClaim which creates a Sandbox) with a name longer than 63 characters, the resource is successfully created in the API server, but the Sandbox will never become Ready. The controller will fail silently in the background when it attempts to create the associated Service, leading to a confusing user experience.

Describe the solution you'd like

We should enforce a 63-character limit on the names of these resources at the API level. This will provide immediate feedback to the user upon resource creation if they provide a name that is too long.

The recommended implementation is to add a +kubebuilder:validation:XValidation rule to the CRD definitions for Sandbox, SandboxClaim, and SandboxTemplate.

Example for SandboxTemplate:

// +kubebuilder:validation:XValidation:rule="size(self.metadata.name) <= 63",message="name must not exceed 63 characters"
// SandboxTemplate is the Schema for the sandbox template API
type SandboxTemplate struct {
    // ...
}