add bundle relatedimage image pullspec validation

[grokspawn]

No description provided.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign kevinrizza for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

❌ Patch coverage is 87.50000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 38.04%. Comparing base (884ff95) to head (763cc96).

Files with missing lines	Patch %	Lines
pkg/validation/internal/bundle.go	87.50%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #475      +/-   ##
==========================================
+ Coverage   37.86%   38.04%   +0.17%     
==========================================
  Files          57       57              
  Lines        4563     4579      +16     
==========================================
+ Hits         1728     1742      +14     
- Misses       2678     2679       +1     
- Partials      157      158       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This PR adds validation for related image pullspecs in operator bundles to ensure they conform to valid container image reference formats. The validation leverages the github.com/distribution/reference library to parse and validate image references according to Docker distribution standards.

Changes:

• Added validateRelatedImages function to validate all relatedImages[].image fields in bundle CSVs
• Added comprehensive unit tests covering valid and invalid image formats
• Added github.com/distribution/reference dependency for image reference parsing

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated no comments.

File	Description
pkg/validation/internal/bundle.go	Implements validateRelatedImages function using distribution/reference library to validate image pullspecs; integrates validation into the main validateBundle function
pkg/validation/internal/bundle_test.go	Adds comprehensive test coverage for validateRelatedImages including empty images, valid formats (tags/digests), and various invalid formats (spaces, uppercase, special characters)
go.mod	Adds github.com/distribution/reference v0.6.0 as a new direct dependency and github.com/opencontainers/go-digest v1.0.0 as an indirect dependency
go.sum	Updates checksums for the new dependencies

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.