aquasecurity / starboard

Moved to https://github.com/aquasecurity/trivy-operator

Home Page:https://aquasecurity.github.io/starboard/


Starboard and ImagePullSecret discovery: Wildcard never matches

cdesaintleger opened this issue · comments

Using a private registry, e.g. xxx.jfrog.io.
The secret used to pull images from this registry is formatted as below:

.dockerconfigjson: '{"auths": {"*.jfrog.io": {"username":"mylogin","password":"xxx","email":"foo@bar"}}}'

When Starboard launches the Job to scan the pod, no secret is created, and the scan fails with this error:

{"level":"error","ts":1654176088.1880994,"logger":"reconciler.vulnerabilityreport","msg":"Scan job container","job":"xxx-system/scan-vulnerabilityreport-f954d8cf","container":"xxx","status.reason":"Error","status.message":"2022-06-02T13:21:27.538Z\t\u001b[31mFATAL\u001b[0m\tscan error: unable to initialize a scanner: unable to initialize the docker scanner: 3 errors occurred:\n\t* unable to inspect the image (demo-api.jfrog.io/apidemo:v0.1): Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?\n\t* unable to initialize Podman client: no podman socket found: stat podman/podman.sock: no such file or directory\n\t* GET https://demo-api.jfrog.io/v2/apidemo/manifests/v0.1: UNAUTHORIZED: The client does not have permission for manifest; map[manifest...

If I change the wildcard to the complete registry hostname, e.g. demo-api.jfrog.io, everything works fine.

What did you expect to happen:

As Docker does, Starboard should find the most similar host inside the imagePullSecret to try to pull the image, and therefore work with wildcard expressions.

Environment:

  • Starboard version: 0.15.5
  • Kubernetes version: 1.21
  • OS (macOS 10.15, Windows 10, Ubuntu 19.10 etc): N/A

Maybe change the exact comparison to a regexp match here:

if auth, ok := auths[server]; ok {

Then the mapping from a container name to the Docker authentication credentials for the specified kube.ContainerImages and image pull Secrets could use wildcards or other regexps.

I'm not a Go developer, it's just a guess :D
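Added example, not part of the issue and not Starboard's own code: a stand-alone Go sketch of the lookup the reporter is asking for. It parses a constructed .dockerconfigjson (the issue's "*.jfrog.io" entry plus an assumed exact-host entry, "registry.example.com", so both paths are exercised), derives the registry host from an image reference, and resolves credentials with an exact match first and a glob match (path.Match) second, preferring the most specific pattern. The function and type names (ParseDockerConfig, RegistryHost, FindAuth, AuthEntry) are this example's own; the "index.docker.io" default for Docker Hub is an assumption about how Hub images should be keyed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path"
	"strings"
)

// AuthEntry is one value under "auths" in a .dockerconfigjson secret.
type AuthEntry struct {
	Username string `json:"username"`
	Password string `json:"password"`
	Email    string `json:"email,omitempty"`
}

// DockerConfig is the subset of .dockerconfigjson needed for pulling.
type DockerConfig struct {
	Auths map[string]AuthEntry `json:"auths"`
}

// sampleSecret is constructed for this example: the wildcard entry from the
// issue plus an assumed exact-host entry (registry.example.com).
const sampleSecret = `{"auths": {
  "*.jfrog.io": {"username":"mylogin","password":"xxx","email":"foo@bar"},
  "registry.example.com": {"username":"exact","password":"yyy"}
}}`

// ParseDockerConfig decodes the raw .dockerconfigjson payload of a Secret.
func ParseDockerConfig(raw string) (DockerConfig, error) {
	var cfg DockerConfig
	if err := json.Unmarshal([]byte(raw), &cfg); err != nil {
		return DockerConfig{}, fmt.Errorf("parse .dockerconfigjson: %w", err)
	}
	return cfg, nil
}

// RegistryHost returns the registry host of an image reference. Following the
// Docker naming convention, the first path component is a host only if it
// contains '.' or ':' or is "localhost"; otherwise the image is on Docker Hub
// (keyed here as "index.docker.io", an assumption of this example).
func RegistryHost(image string) string {
	first, _, found := strings.Cut(image, "/")
	if !found || (!strings.ContainsAny(first, ".:") && first != "localhost") {
		return "index.docker.io"
	}
	return first
}

// normalizeServer strips a scheme and path from an auths key so that
// "https://demo-api.jfrog.io/v2/" and "demo-api.jfrog.io" compare equal.
func normalizeServer(key string) string {
	key = strings.TrimPrefix(key, "https://")
	key = strings.TrimPrefix(key, "http://")
	host, _, _ := strings.Cut(key, "/")
	return host
}

// FindAuth resolves credentials for host. An exact key wins outright; otherwise
// the longest (most specific) auths key that matches host as a shell-style glob
// is used, so "*.jfrog.io" matches "demo-api.jfrog.io". A bare "*" is refused:
// it would hand the credentials to every registry a pod could name.
// It returns the entry, the key that matched and whether anything matched.
func FindAuth(cfg DockerConfig, host string) (AuthEntry, string, bool) {
	if a, ok := cfg.Auths[host]; ok {
		return a, host, true
	}
	var (
		best    AuthEntry
		bestKey string
		bestPat string
	)
	for key, a := range cfg.Auths {
		pat := normalizeServer(key)
		if pat == host {
			return a, key, true
		}
		if !strings.Contains(pat, "*") || pat == "*" {
			continue
		}
		ok, err := path.Match(pat, host)
		if err != nil || !ok {
			continue
		}
		if len(pat) > len(bestPat) {
			best, bestKey, bestPat = a, key, pat
		}
	}
	return best, bestKey, bestKey != ""
}

func main() {
	cfg, err := ParseDockerConfig(sampleSecret)
	if err != nil {
		panic(err)
	}
	for _, image := range []string{"demo-api.jfrog.io/apidemo:v0.1", "registry.example.com/app:1", "ghcr.io/org/tool:2"} {
		host := RegistryHost(image)
		a, key, ok := FindAuth(cfg, host)
		fmt.Printf("%-32s host=%-22s matched=%-5v key=%q user=%q\n", image, host, ok, key, a.Username)
	}
}
```

A glob keeps the match bounded to the operator's own domain, unlike an unanchored regexp, which is why this sketch uses path.Match rather than regexp; note that `*` in path.Match still spans dots, so "*.jfrog.io" also matches "a.b.jfrog.io", and that the matched credentials are only ever presented to the host taken from the image reference itself.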