opa: Policy not getting enforced when Enabling both webhooks

Hi, I have installed OPA using helm. I am following along https://github.com/open-policy-agent/library/tree/master/kubernetes/mutating-admission tutorial but even though my validation policy is annotated as status ok, it is not getting enforced and mutation policy is unable to call func defined in main.

Expected Behavior

Admission control policy to be enforced and block images not being pulled from the specific registry

Actual Behavior

Admission control policy not enforced and allowing deployments even if images not being pulled from the specific registry.

Steps to Reproduce the Problem

Main cm- https://gist.github.com/AnjaliRajan24/e99bd276cd1ee480eb59831899677c11 mutation policy- https://gist.github.com/AnjaliRajan24/5b38bccd2fb5e3d5134d8d1449f2460e Validation policy- https://gist.github.com/AnjaliRajan24/f965b5eabfc23725795c2907b48e1790

Error with mutation policy-

"openpolicyagent.org/policy-status": "{\"status\":\"error\",\"error\":{\"code\":\"invalid_parameter\",\"message\":\"error(s) occurred while compiling module(s)\",\"errors\":[{\"code\":\"rego_unsafe_var_error\",\"message\":\"var isCreateOrUpdate is unsafe\",\"location\":{\"file\":\"opa/foo-policy/admission-policy\",\"row\":3,\"col\":3}}]}}"

Error with validation policy- "openpolicyagent.org/policy-status": "{\"status\":\"ok\"}"

kubectl apply -f https://k8s.io/examples/controllers/nginx-deployment.yaml -n norbert
deployment.apps/nginx-deployment created

kube-mgmt log- time="2020-08-25T14:18:36Z" level=warning msg="First line of log stream."

opa logs- https://gist.github.com/AnjaliRajan24/5ad41ed82eecbf5bcfef59e06f537669