diff --git a/.husky/pre-commit b/.husky/pre-commit
index fc4cdc2..adc8bcc 100644
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@@ -5,4 +5,5 @@ echo 'running helm unittest...'
 helm unittest .
 echo 'running helm schema generate...'
-helm schema -f values.yaml -o values.schema.json
\ No newline at end of file
+helm schema -f values.yaml -o values.schema.json
+git add values.schema.json
\ No newline at end of file
diff --git a/README.md b/README.md
index 07ff01b..43a32af 100644
--- a/README.md
+++ b/README.md
@@ -111,10 +111,11 @@ CRDs are located in `chart/crds/` and are installed automatically. The API group
 | `metricsService.ports[0].targetPort` | Container target port | `8443` |
 | `metricsService.ports[0].protocol` | Protocol | `TCP` |
-### Webhook Service
+### Webhooks
 | Parameter | Description | Default |
 |-----------|-------------|---------|
+| `webhooks.enabled` | Enable or disable all Kubernetes admission webhook resources (ValidatingWebhookConfiguration, webhook Service, TLS Certificate, Issuer, and NetworkPolicy). Also sets the `ENABLE_WEBHOOKS` env var on the controller. | `true` |
 | `webhookService.type` | Service type for the webhook endpoint | `ClusterIP` |
 | `webhookService.ports[0].port` | Service port | `443` |
 | `webhookService.ports[0].targetPort` | Container target port | `9443` |
diff --git a/templates/allow-webhook-traffic.yaml b/templates/allow-webhook-traffic.yaml
index 308a2ae..1e1e89d 100644
--- a/templates/allow-webhook-traffic.yaml
+++ b/templates/allow-webhook-traffic.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhooks.enabled }}
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
@@ -19,3 +20,4 @@ spec:
 control-plane: controller-manager
 policyTypes:
 - Ingress
+{{- end }}
diff --git a/templates/deployment.yaml b/templates/deployment.yaml
index dee634e..90627ed 100644
--- a/templates/deployment.yaml
+++ b/templates/deployment.yaml
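Review bot: `git add values.schema.json` on the last line runs even when the `helm schema` command before it fails, and with no `set -e` in view the hook's result is the exit status of that final `git add`, so the commit goes ahead with a stale or missing schema; write `helm schema -f values.yaml -o values.schema.json && git add values.schema.json`, unless lines 1–4 (outside the hunk) already enable `set -e` or the husky shim runs the script with `sh -e`. Staging from inside a pre-commit hook also silently sweeps any unrelated working-tree edit to values.schema.json into the commit, which is the usual trade-off for a regenerated file but deserves a one-line comment above the `git add`, e.g. `# values.schema.json is generated from values.yaml; keep it in sync with every commit`. The script still ends without a trailing newline.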
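Review bot: Wrapping the whole NetworkPolicy in `{{- if .Values.webhooks.enabled }}` withdraws every ingress allowance it grants to pods labelled `control-plane: controller-manager`, not only the webhook one; the ingress rule itself (file lines 4–18) lies outside both hunks, so if it also admits metrics scraping (the README lists a metrics target port of `8443`) a namespace with a default-deny policy loses that traffic when webhooks are switched off. If the rule is webhook-only, as the filename suggests, a template comment after the `if`, `{{/* webhook ingress only; rendered together with the webhook Service */}}`, would record that and make the gate safe to keep. The same top-and-bottom gate is applied to selfsigned-issuer.yaml and serving-cert.yaml, where no such side effect exists.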
@@ -36,6 +36,8 @@ spec:
 value: {{ .Values.controllerManager.appCredentialsSecretNamespace | default .Release.Namespace | quote }}
 - name: KUBERNETES_CLUSTER_DOMAIN
 value: {{ quote .Values.kubernetesClusterDomain }}
+ - name: ENABLE_WEBHOOKS
+ value: {{ .Values.webhooks.enabled | quote }}
 envFrom:
 - configMapRef:
 name: {{ include "git-hubby.fullname" . }}-envs
@@ -54,10 +56,12 @@ spec:
 initialDelaySeconds: 15
 periodSeconds: 20
 name: manager
+ {{- if .Values.webhooks.enabled }}
 ports:
 - containerPort: 9443
 name: webhook-server
 protocol: TCP
+ {{- end }}
 readinessProbe:
 httpGet:
 path: /readyz
@@ -68,10 +72,12 @@ spec:
 }}
 securityContext: {{- toYaml .Values.controllerManager.manager.containerSecurityContext | nindent 10 }}
+ {{- if .Values.webhooks.enabled }}
 volumeMounts:
 - mountPath: /tmp/k8s-webhook-server/serving-certs
 name: webhook-certs
 readOnly: true
+ {{- end }}
 nodeSelector: {{- toYaml .Values.controllerManager.nodeSelector | nindent 8 }}
 securityContext: {{- toYaml .Values.controllerManager.podSecurityContext | nindent 8 }}
@@ -92,7 +98,9 @@ spec:
 {{- end }}
 {{- end }}
 {{- end }}
+ {{- if .Values.webhooks.enabled }}
 volumes:
 - name: webhook-certs
 secret:
 secretName: webhook-server-certificate
+ {{- end }}
diff --git a/templates/selfsigned-issuer.yaml b/templates/selfsigned-issuer.yaml
index 980bb19..3490a58 100644
--- a/templates/selfsigned-issuer.yaml
+++ b/templates/selfsigned-issuer.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhooks.enabled }}
 apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
@@ -6,3 +7,4 @@ metadata:
 {{- include "git-hubby.labels" . | nindent 4 }}
 spec:
 selfSigned: {}
+{{- end }}
diff --git a/templates/serving-cert.yaml b/templates/serving-cert.yaml
index 91c7434..2f947a2 100644
--- a/templates/serving-cert.yaml
+++ b/templates/serving-cert.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhooks.enabled }}
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -30,4 +31,5 @@ spec:
 usages: {{- toYaml . | nindent 2 }}
 {{- end }}
+{{- end }}
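Review bot: The four `{{- if .Values.webhooks.enabled }}` guards in this file (container ports, volumeMounts, volumes) and the new `ENABLE_WEBHOOKS` value all have to agree, yet nothing in the template records that coupling; a comment above the env entry would, e.g. `# Mirrors the webhooks.enabled guards below: when false the serving-cert volume is not mounted, so the manager must not start its webhook server`. The `| quote` is right here, since the manager receives the value as an env string rather than a YAML bool, and the schema's `"type": "boolean"` keeps a string like `"false"` from slipping through the `if` while still disabling the server. The container spec and the pod spec both start and end outside these hunks.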
diff --git a/templates/validating-webhook-configuration.yaml b/templates/validating-webhook-configuration.yaml
index 7595a3c..0864888 100644
--- a/templates/validating-webhook-configuration.yaml
+++ b/templates/validating-webhook-configuration.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhooks.enabled }}
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
@@ -49,3 +50,4 @@ webhooks:
 resources:
 - repositories
 sideEffects: None
+{{- end }}
\ No newline at end of file
diff --git a/templates/webhook-service.yaml b/templates/webhook-service.yaml
index db337cb..71b55f8 100644
--- a/templates/webhook-service.yaml
+++ b/templates/webhook-service.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhooks.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
@@ -11,3 +12,4 @@ spec:
 {{- include "git-hubby.selectorLabels" . | nindent 4 }}
 ports: {{- .Values.webhookService.ports | toYaml | nindent 2 }}
+{{- end }}
diff --git a/values.schema.json b/values.schema.json
index a6ec4e1..8b0f0c5 100644
--- a/values.schema.json
+++ b/values.schema.json
@@ -253,6 +253,14 @@
 "type": "string"
 }
 }
+ },
+ "webhooks": {
+ "type": "object",
+ "properties": {
+ "enabled": {
+ "type": "boolean"
+ }
+ }
 }
 }
 }
diff --git a/values.yaml b/values.yaml
index 1abd460..aec4c53 100644
--- a/values.yaml
+++ b/values.yaml
@@ -1,3 +1,5 @@
+webhooks:
+ enabled: true
 controllerManager:
 podLabels: {}
 watchedNamespaces:
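Review bot: With `webhooks.enabled: false` no ValidatingWebhookConfiguration is rendered, so `repositories` objects (the resource listed at the end of this file) are persisted without the checks this webhook performed; unless the controller re-validates during reconcile and reports failures in status, the README row for `webhooks.enabled` should say that admission-time validation is lost when it is disabled, and the key in values.yaml deserves the same one-line comment. Separately, the new `{{- end }}` is written without a trailing newline — the `\ No newline at end of file` marker appears only on the new side, so this commit introduces it; add the newline so the file matches the other templates and yamllint's new-line-at-end-of-file check. The same gate in webhook-service.yaml is fine as written.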