I installed Jenkins on EKS. I have configured a Jenkins pipeline which creates the Jenkins agent as a temporary Kubernetes pod using a Jenkins global library.
The podTemplate is defined in the Jenkins.groovy file with a YAML template. That YAML template is -
pipeline {
  agent {
    kubernetes {
      yaml '''
apiVersion: v1
kind: Pod
metadata:
  labels:
    name: label-value
spec:
  imagePullSecrets:
    - name: image-pull-secret-name
  containers:
    - name: test-build
      image: my-allowed-registry/docker/build-tools:1.0
      command:
        - cat
      tty: true
      volumeMounts:
        - mountPath: /var/run/docker.sock
          name: docker-sock
        - mountPath: /root/.m2/repository
          name: maven-cache
  volumes:
    - name: docker-sock
      hostPath:
        path: /var/run/docker.sock
    - name: maven-cache
      hostPath:
        path: /maven-cache
        type: DirectoryOrCreate
'''
    }
  }
}
Here, in the EKS cluster I have applied one Kyverno policy to restrict public image registries -
This policy is being violated and is not letting the agent pod be created, even though I am pulling the Docker image from my private registry (which I have defined in the .groovy file).
I am unable to figure out which image is coming from a public registry, and where.
Error -
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: POST at: https://ip-address:443/api/v1/namespaces/jenkins/pods. Message: admission webhook "validate.kyverno.svc-fail" denied the request:
policy Pod/jenkins/repoName-branch-name-2btff-18-47-xx-xxx-xxxx for resource violation:
check-valid-docker-registry:
validate-registries: 'validation error: Unknown image registry. rule validate-registries
failed at path /spec/containers/1/image/'
. Received status: Status(apiVersion=v1, code=400, details=null, kind=Status, message=admission webhook "validate.kyverno.svc-fail" denied the request:
policy Pod/jenkins/repoName-branch-name-2btff-18-47-xx-xxx-xxxx for resource violation:
check-valid-docker-registry:
validate-registries: 'validation error: Unknown image registry. rule validate-registries
failed at path /spec/containers/1/image/'
, metadata=ListMeta(_continue=null, remainingItemCount=null, resourceVersion=null, selfLink=null, additionalProperties={}), reason=null, status=Failure, additionalProperties={}).
at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.requestFailure(OperationSupport.java:728)
at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.requestFailure(OperationSupport.java:708)
at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.assertResponseCode(OperationSupport.java:659)
at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.lambda$handleResponse$0(OperationSupport.java:587)
at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:642)
at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
at java.base/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2073)
Can someone help me understand what I am missing here?
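The Kyverno message points at `/spec/containers/1/image`, i.e. the second container in the pod as the API server received it, while the template above declares only one. The script below is an added example (not code from the question, from Jenkins or from Kyverno) that resolves such a rule path back to a container and checks every container image in a pod spec against an allow-list of registries. Its sample pod is constructed: it assumes the Jenkins Kubernetes plugin injects an agent container named `jnlp` with its default Docker Hub image when the template does not declare one, and the image tag and the registry hostname `my-allowed-registry.example.com` are placeholders.

```python
"""Map a Kyverno 'failed at path /spec/containers/N/image' message back to the
container that triggered it, and check every container image in a pod spec
against an allow-list of registries."""
import json
import re

# Constructed sample of the pod as the admission webhook sees it (not copied
# from the question): the build container from the pipeline YAML, plus the
# agent container the Jenkins Kubernetes plugin injects when the template does
# not declare one. Assumption: that injected container is named "jnlp" and
# uses the plugin's default Docker Hub image; the tag is a placeholder.
POD_AS_ADMITTED = json.loads("""
{
  "apiVersion": "v1",
  "kind": "Pod",
  "metadata": {"namespace": "jenkins", "generateName": "agent-"},
  "spec": {
    "containers": [
      {"name": "test-build",
       "image": "my-allowed-registry.example.com/docker/build-tools:1.0"},
      {"name": "jnlp",
       "image": "jenkins/inbound-agent:PLACEHOLDER-TAG"}
    ]
  }
}
""")

_IMAGE_PATH_RE = re.compile(r"^/spec/(containers|initContainers)/(\d+)/image/?$")


def container_at_path(pod: dict, path: str) -> dict:
    """Resolve a Kyverno rule path such as '/spec/containers/1/image/' to the
    container object it points at (the index is zero-based in the pod spec)."""
    match = _IMAGE_PATH_RE.match(path.strip())
    if not match:
        raise ValueError(f"not a container image path: {path!r}")
    kind, index = match.group(1), int(match.group(2))
    return pod["spec"][kind][index]


def image_registry(image: str) -> str:
    """Return the registry host for an image reference using the Docker
    reference rules: the first path component is a registry only if it
    contains a '.' or ':' or is exactly 'localhost'; otherwise the reference
    is implicitly on Docker Hub (docker.io)."""
    first, slash, _rest = image.partition("/")
    if slash and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"


def find_violations(pod: dict, allowed_registries: set) -> list:
    """Return one record per container (init or regular) whose image does not
    come from an allowed registry, using the same path form Kyverno reports so
    the message can be matched to a container by name."""
    violations = []
    for kind in ("initContainers", "containers"):
        for index, container in enumerate(pod["spec"].get(kind, [])):
            registry = image_registry(container["image"])
            if registry not in allowed_registries:
                violations.append({
                    "path": f"/spec/{kind}/{index}/image",
                    "name": container["name"],
                    "image": container["image"],
                    "registry": registry,
                })
    return violations


if __name__ == "__main__":
    offending = container_at_path(POD_AS_ADMITTED, "/spec/containers/1/image/")
    print(f"/spec/containers/1/image -> container {offending['name']!r} "
          f"({offending['image']}, registry {image_registry(offending['image'])})")
    for v in find_violations(POD_AS_ADMITTED, {"my-allowed-registry.example.com"}):
        print(f"{v['path']}: {v['name']} pulls from {v['registry']}")
```

To use this against a real cluster, feed it the admitted pod spec (for example the JSON body the Kubernetes plugin logs, or `kubectl get pod -o json` from a run where the policy was set to audit) rather than the template: containers the plugin adds are only visible there. One caveat the registry parser makes explicit: a first path component with no dot and no port, such as a literal `my-allowed-registry`, is not treated as a registry host by image-reference parsers and resolves to Docker Hub, so an allow-list pattern written for a short name may never match the image as Kyverno sees it.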