The regex works. You can see it working before and after boot in the same screenshot. The issue is strictly for the duration of the boot process, starting at 14:57:13 and ending at 14:58:01. The same domains are being blocked before and after that time slot.
That cannot be concluded from your output, and I very much doubt it does block e.g. giga.logs.roku.com. You should be able to verify that by using Tools | Query Lists for such a domain.
On my Pi-hole, that doesn't produce a match for giga.logs.roku.com when using your regex, but would if I'd used giga.log.roku.com. Which is expected - if you look at your regex, it is explicitly testing for a substring log, not logs.
So while your observation of different blocking behaviour at different times is strange, it doesn't seem that it could be explained by your regex, which isn't effective for the domains in question.
Ok, let's forget the regex if we're going to focus strictly on the "log" portion when the regex is mentioned. Let's deal with the wider issue.
All of the listed domains are successfully blocked when the pihole it up and operational. The domains are not blocked during the boot process. This is an issue I would like to resolve.
What's happening is likely the following: gravity.db is rebuild on docker startup. During this time the database is busy and Pi-hole has no knowledge if a query should be blocked or not. By default it allows all queries to pass. To avoid this behaviour, the config option REPLY_WHEN_BUSY was created. (See here and here).
You may also want to support a feature request to avoid gravity rebuild during docker startup: