diff --git a/hack/generate-agent-helm-chart.py b/hack/generate-agent-helm-chart.py
index dc88789a7..31df4679f 100644
--- a/hack/generate-agent-helm-chart.py
+++ b/hack/generate-agent-helm-chart.py
@@ -91,6 +91,19 @@ def update_copied_chart_files(version: str, image_repository: str, image_tag: st
 image["tag"] = image_tag
 values["image"] = image
+ values["podSecurityContext"] = {
+ "runAsNonRoot": True,
+ "seccompProfile": {"type": "RuntimeDefault"},
+ }
+ values["securityContext"] = {
+ "allowPrivilegeEscalation": False,
+ "capabilities": {"drop": ["ALL"]},
+ "privileged": False,
+ "readOnlyRootFilesystem": True,
+ "runAsNonRoot": True,
+ "seccompProfile": {"type": "RuntimeDefault"},
+ }
+
 with values_path.open("w", encoding="utf-8") as file:
 yaml.safe_dump(values, file, sort_keys=False)
diff --git a/helm-charts/redhat-argocd-agent/0.9.0/src/values.yaml b/helm-charts/redhat-argocd-agent/0.9.0/src/values.yaml
index b6ec58d6d..906eae200 100644
--- a/helm-charts/redhat-argocd-agent/0.9.0/src/values.yaml
+++ b/helm-charts/redhat-argocd-agent/0.9.0/src/values.yaml
@@ -30,11 +30,7 @@ serviceAccount:
 annotations: {}
 automountServiceAccountToken: true
 podSecurityContext:
- fsGroup: 999
- fsGroupChangePolicy: OnRootMismatch
- runAsGroup: 999
 runAsNonRoot: true
- runAsUser: 999
 seccompProfile:
 type: RuntimeDefault
 securityContext:
@@ -44,9 +40,7 @@ securityContext:
 - ALL
 privileged: false
 readOnlyRootFilesystem: true
- runAsGroup: 999
 runAsNonRoot: true
- runAsUser: 999
 seccompProfile:
 type: RuntimeDefault
 rbac:
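Review bot: In hack/generate-agent-helm-chart.py the two hard-coded dicts assigned to `values["podSecurityContext"]` and `values["securityContext"]` replace whatever the copied chart carried, and nothing in the hunk says why `runAsUser`, `runAsGroup` and `fsGroup` are left out. With `runAsNonRoot: True` and no explicit UID, the container starts only if the platform assigns a UID or the image declares a numeric non-root user; the image is not visible here, so that should be confirmed for every cluster type the chart targets. A comment above the first assignment would keep a later edit from reintroducing the IDs, for example `# No runAsUser/runAsGroup/fsGroup: UID/GID come from the platform or the image; runAsNonRoot still rejects UID 0.` Because the assignment is wholesale, any field the copied chart later adds to either block is dropped on regeneration, which is worth stating in the same comment. update_copied_chart_files starts above the hunk.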