Fix image var in cmdline (#2673)

* add image substitution

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* rm foreach test

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

* add error checks

Signed-off-by: ShutingZhao <shutting06@gmail.com>

Co-authored-by: ShutingZhao <shutting06@gmail.com>

pkg/kyverno/common/common.go

@@ -445,7 +445,9 @@ func MutatePolices(policies []*v1.ClusterPolicy) ([]*v1.ClusterPolicy, error) {
 
 // ApplyPolicyOnResource - function to apply policy on resource
 func ApplyPolicyOnResource(policy *v1.ClusterPolicy, resource *unstructured.Unstructured,
-	mutateLogPath string, mutateLogPathIsDir bool, variables map[string]string, policyReport bool, namespaceSelectorMap map[string]map[string]string, stdin bool, rc *ResultCounts, printPatchResource bool) ([]*response.EngineResponse, policyreport.Info, error) {
+	mutateLogPath string, mutateLogPathIsDir bool, variables map[string]string, policyReport bool,
+	namespaceSelectorMap map[string]map[string]string, stdin bool, rc *ResultCounts,
+	printPatchResource bool) ([]*response.EngineResponse, policyreport.Info, error) {
 
 	var engineResponses []*response.EngineResponse
 	namespaceLabels := make(map[string]string)
@@ -486,6 +488,7 @@ func ApplyPolicyOnResource(policy *v1.ClusterPolicy, resource *unstructured.Unst
 	} else {
 		err = ctx.AddResource(resourceRaw)
 	}
+
 	if err != nil {
 		log.Log.Error(err, "failed to load resource in context")
 	}
@@ -498,6 +501,12 @@ func ApplyPolicyOnResource(policy *v1.ClusterPolicy, resource *unstructured.Unst
 		}
 	}
 
+	if err := ctx.AddImageInfo(resource); err != nil {
+		if err != nil {
+			log.Log.Error(err, "failed to add image variables to context")
+		}
+	}
+
 	mutateResponse := engine.Mutate(&engine.PolicyContext{Policy: *policy, NewResource: *resource, JSONContext: ctx, NamespaceLabels: namespaceLabels})
 	if mutateResponse != nil {
 		engineResponses = append(engineResponses, mutateResponse)