diff --git a/kube/deploy/core/kyverno/app/hr.yaml b/kube/deploy/core/kyverno/app/hr.yaml
index f45fab81..a93a7e52 100644
--- a/kube/deploy/core/kyverno/app/hr.yaml
+++ b/kube/deploy/core/kyverno/app/hr.yaml
@@ -8,7 +8,7 @@ spec:
 chart:
 spec:
 chart: *app
- version: "3.0.5"
+ version: "3.0.6"
 sourceRef:
 name: *app
 kind: HelmRepository
@@ -21,18 +21,18 @@ spec:
 ingress.home.arpa/host: "allow"
 ingress.home.arpa/apiserver: "allow"
 egress.home.arpa/apiserver: "allow"
- backgroundController:
- rbac:
- clusterRole:
- extraResources:
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["create", "update", "patch", "delete", "get", "list"]
- - apiGroups: ["*"]
- resources: ["*"]
- verbs: ["*"]
 admissionController:
 replicas: 3
+ priorityClassName: "system-node-critical"
+ apiPriorityAndFairness: true
+ hostNetwork: true
+ dnsPolicy: "ClusterFirstWithHostNet"
+ tolerations: [operator: Exists]
+ webhooks:
+ - objectSelector:
+ matchExpressions:
+ - key: "kubernetes.io/hostname"
+ operator: "DoesNotExist"
 rbac:
 clusterRole:
 extraResources:
@@ -45,8 +45,25 @@ spec:
 topologySpreadConstraints:
 - maxSkew: 1
 topologyKey: "kubernetes.io/hostname"
- whenUnsatisfiable: "ScheduleAnyway"
+ whenUnsatisfiable: "DoNotSchedule"
 labelSelector:
 matchLabels:
 app.kubernetes.io/instance: "kyverno"
- app.kubernetes.io/component: "kyverno"
\ No newline at end of file
+ app.kubernetes.io/component: "kyverno"
+ backgroundController:
+ replicas: 2
+ rbac:
+ clusterRole:
+ extraResources:
+ - apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["create", "update", "patch", "delete", "get", "list"]
+ - apiGroups: ["*"]
+ resources: ["*"]
+ verbs: ["*"]
+ cleanupController:
+ replicas: 2
+ reportsController:
+ replicas: 2
+ grafana:
+ enabled: false
\ No newline at end of file
diff --git a/kube/deploy/core/kyverno/repo.yaml b/kube/deploy/core/kyverno/repo.yaml
index a435a9e3..63c0f482 100644
--- a/kube/deploy/core/kyverno/repo.yaml
+++ b/kube/deploy/core/kyverno/repo.yaml
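Review bot: `hostNetwork: true` on the admission controller puts its webhook and metrics listeners on each node's own IP, and pod-selecting network policy (presumably including whatever acts on the `ingress.home.arpa/*` labels above) generally stops applying to a host-networked pod. Together with `tolerations: [operator: Exists]` and `system-node-critical`, a component holding the ClusterRole below can now be scheduled on any node, control plane included. Please record why host networking is required with a comment such as `# hostNetwork: <reason>; pod network policy does not cover these pods, restrict the webhook port at the node firewall`, and confirm the listener ports are filtered at node level. The `admissionController` mapping continues past the end of this hunk.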
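Review bot: The re-added `backgroundController` ClusterRole rule with `apiGroups: ["*"]`, `resources: ["*"]`, `verbs: ["*"]` gives that service account full control over every resource in the cluster, so the explicit `pods` rule above it is redundant and a faulty or tampered policy handled by the background controller could read Secrets or edit RBAC. This commit only moves the block, but since it is being written out again here it is a good point to list just the API groups, resources and verbs that the generate and mutate-existing policies act on. If the wildcard has to stay for now, a comment such as `# TODO: narrow to the resources generate/mutate-existing policies need` would record that it is deliberate.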
@@ -6,4 +6,14 @@ metadata:
 namespace: flux-system
 spec:
 interval: 1h
- url: https://kyverno.github.io/kyverno/
\ No newline at end of file
+ type: oci
+ url: oci://ghcr.io/kyverno/charts/kyverno
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+ name: kyverno-policy-reporter
+ namespace: flux-system
+spec:
+ interval: 1h
+ url: https://kyverno.github.io/policy-reporter/
\ No newline at end of file
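Review bot: The new `url: oci://ghcr.io/kyverno/charts/kyverno` already ends in the chart name, and for an OCI-type HelmRepository Flux appends the HelmRelease's `chart` value to the repository URL. If `*app` in hr.yaml resolves to `kyverno` (its anchor is defined outside the visible hunks), the pull would target `.../charts/kyverno/kyverno`; the usual form is `url: oci://ghcr.io/kyverno/charts`. Moving to OCI also makes provenance checking possible, so consider adding `verify:` with `provider: cosign` under `spec.chart.spec` in hr.yaml, provided the upstream chart is signed.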