diff --git a/Makefile b/Makefile
index eb6a832..bf8a169 100644
--- a/Makefile
+++ b/Makefile
@@ -74,3 +74,16 @@ e2e-cleanup:
 	@k3d cluster delete cosign-tests || echo "Deleting cosign tests k3d cluster failed. Continuing..."
 	@rm -f cosign.pub cosign.key second.pub second.key || echo "Removing files failed. Continuing..."
 	@echo "Done."
+
+#############
+### CHART ###
+#############
+
+.PHONY: chart-lint chart
+chart-lint:
+	@echo "Linting chart..."
+	@helm lint chart
+
+chart:
+	@echo "Packaging chart..."
+	@helm package chart
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 3ddca80..1b42e80 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: cosignwebhook
 description: A Helm chart for Cosign Webhook Admission Controller
 type: application
-version: 4.1.1
+version: 4.1.1-rc1
 appVersion: "4.3.0"
 maintainers:
 - name: eumel8
diff --git a/chart/templates/admission.yaml b/chart/templates/admission.yaml
index 324aab2..20818d0 100644
--- a/chart/templates/admission.yaml
+++ b/chart/templates/admission.yaml
@@ -21,12 +21,12 @@ webhooks:
   - admissionReviewVersions:
     - v1
     name: {{ .Values.admission.webhook.name }}
+    matchPolicy: {{ .Values.admission.matchPolicy }}
     namespaceSelector:
       matchExpressions:
         - key: kubernetes.io/metadata.name
           operator: NotIn
           values: [{{ .Release.Namespace | default "default" }}{{- if .Values.admission.exclude }},{{ .Values.admission.exclude }}{{- end }}]
-          objectSelector: {}
     clientConfig:
       service:
         name: {{ include "cosignwebhook.fullname" . }}
@@ -42,3 +42,4 @@ webhooks:
         scope: "*"
     failurePolicy: {{ .Values.admission.failurePolicy }}
     sideEffects: {{ .Values.admission.sideEffects }}
+    timeoutSeconds: {{ .Values.admission.timeoutSeconds }}
diff --git a/chart/values.yaml b/chart/values.yaml
index d181ffa..a51ab23 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -25,6 +25,9 @@ admission:
     name: webhook.example.com
   # list of excluded namespaces, comma-separated
   # exclude: default, kube-system, cattle-system
+  exclude: ""
+  matchPolicy: Equivalent
+  timeoutSeconds: 10
 
 podAnnotations: {}