
Starboard and ImagePullSecret discovery: Wildcard never matches #1212

@cdesaintleger

Description

Using a private registry, e.g. xxx.jfrog.io.
The secret used to pull images from this repo is formatted as below:

.dockerconfigjson: '{"auths": {"*.jfrog.io": {"username":"mylogin","password":"xxx","email":"foo@bar"}}}'

When Starboard launches the Job to scan the pod, no secret is created, and the scan fails with this error:

{"level":"error","ts":1654176088.1880994,"logger":"reconciler.vulnerabilityreport","msg":"Scan job container","job":"xxx-system/scan-vulnerabilityreport-f954d8cf","container":"xxx","status.reason":"Error","status.message":"2022-06-02T13:21:27.538Z\t\u001b[31mFATAL\u001b[0m\tscan error: unable to initialize a scanner: unable to initialize the docker scanner: 3 errors occurred:\n\t* unable to inspect the image (demo-api.jfrog.io/apidemo:v0.1): Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?\n\t* unable to initialize Podman client: no podman socket found: stat podman/podman.sock: no such file or directory\n\t* GET https://demo-api.jfrog.io/v2/apidemo/manifests/v0.1: UNAUTHORIZED: The client does not have permission for manifest; map[manifest...

If I replace the wildcard with the complete registry hostname, e.g. demo-api.jfrog.io, everything works fine.

What did you expect to happen:

Like Docker, Starboard should find the most similar host inside the imagePullSecret to try to pull the image, and therefore work with wildcard expressions.

Environment:

  • Starboard version: 0.15.5
  • Kubernetes version: 1.21
  • OS (macOS 10.15, Windows 10, Ubuntu 19.10 etc): N/A
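
The lookup the report asks for, as an added example that is not Starboard's code or part of the original issue: resolve an image's registry host against the `auths` keys, exact hostname first, then wildcard keys. `Auth`, `hostMatches` and `ResolveAuth` are hypothetical names, the secret is constructed in the same shape as the one above, and the rule that `*` covers exactly one DNS label is an assumption.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path"
	"strings"
)

type Auth struct{ Username, Password string } // one entry under "auths"

// hostMatches reports whether an auths key such as "*.jfrog.io" covers host.
// Assumption: "*" stays inside one DNS label, so "a.b.jfrog.io" is not covered.
func hostMatches(pattern, host string) bool {
	pp, hp := strings.Split(pattern, "."), strings.Split(host, ".")
	if len(pp) != len(hp) {
		return false
	}
	for i := range pp {
		if ok, err := path.Match(pp[i], hp[i]); err != nil || !ok {
			return false
		}
	}
	return true
}

// ResolveAuth: exact hostname key wins, else the longest matching wildcard key.
func ResolveAuth(dockerConfigJSON, image string) (string, Auth, bool) {
	var cfg struct{ Auths map[string]Auth }
	if json.Unmarshal([]byte(dockerConfigJSON), &cfg) != nil {
		return "", Auth{}, false
	}
	host, best := strings.ToLower(strings.SplitN(image, "/", 2)[0]), ""
	if a, ok := cfg.Auths[host]; ok {
		return host, a, true
	}
	for key := range cfg.Auths {
		better := len(key) > len(best) || (len(key) == len(best) && key < best)
		if better && hostMatches(strings.ToLower(key), host) {
			best = key
		}
	}
	return best, cfg.Auths[best], best != ""
}

func main() { // constructed secret, same shape as the one in the issue
	cfg := `{"auths":{"*.jfrog.io":{"username":"mylogin","password":"xxx"}}}`
	fmt.Println(ResolveAuth(cfg, "demo-api.jfrog.io/apidemo:v0.1"))
}
```

Keeping the wildcard to a single label means a credential stored for `*.jfrog.io` is never offered to a host such as `a.b.jfrog.io`, which limits where the secret can be sent.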
