Inject owneref information in expanded resources #4258

@JaydipGabani

What steps did you take and what happened:

Currently, expanded resources do not contain ownerRef data, so validation policies depending on the owner ref data of a pod will not be able to evaluate the expanded pod resource accurately.

For example,

I have a constraint template that skips the pods owned by jobs, but validates all the other pods. I have another constraint template that validates all the pods. Currently, this is not possible with the Expansion template since there is no way to check the ownerRef of an expanded pod.

What did you expect to happen:
ExpansionTemplate adds ownerref metadata field in expanded resource.

Anything else you would like to add:

Environment:

  • Gatekeeper version:
  • Kubernetes version: (use kubectl version):
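
The scenario described in this issue, sketched as an added example that is not part of the original issue or of the Gatekeeper project's own code. The template name `K8sSkipJobOwnedPods`, the ExpansionTemplate name `expand-jobs`, and the `runAsNonRoot` check (a constructed stand-in for whatever the real policy validates) are assumptions.

```yaml
# Hypothetical ConstraintTemplate: validates every Pod except those owned by a Job.
apiVersion: templates.gatekeeper.sh/v1
kind: ConstraintTemplate
metadata:
  name: k8sskipjobownedpods
spec:
  crd:
    spec:
      names:
        kind: K8sSkipJobOwnedPods
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8sskipjobownedpods

        # Defined only when the reviewed Pod lists a batch/v1 Job as an owner.
        owned_by_job {
          ref := input.review.object.metadata.ownerReferences[_]
          ref.kind == "Job"
          ref.apiVersion == "batch/v1"
        }

        # Constructed stand-in check: containers must set runAsNonRoot.
        violation[{"msg": msg}] {
          input.review.kind.kind == "Pod"
          not owned_by_job
          c := input.review.object.spec.containers[_]
          not c.securityContext.runAsNonRoot
          msg := sprintf("container %v must set runAsNonRoot", [c.name])
        }
---
# Hypothetical ExpansionTemplate: turns a Job's spec.template into a Pod for review.
apiVersion: expansion.gatekeeper.sh/v1alpha1
kind: ExpansionTemplate
metadata:
  name: expand-jobs
spec:
  applyTo:
    - groups: ["batch"]
      kinds: ["Job"]
      versions: ["v1"]
  templateSource: "spec.template"
  generatedGVK:
    kind: "Pod"
    group: ""
    version: "v1"
```

A Pod created by the Job controller carries an `ownerReferences` entry of kind `Job` and is skipped by this rule. The Pod generated by expanding the same Job has no `ownerReferences`, so `owned_by_job` is undefined and the expanded Pod is evaluated as if it had no owner.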
