diff --git a/charts/qdrant/templates/statefulset.yaml b/charts/qdrant/templates/statefulset.yaml
index a08d77d..1cf695d 100644
--- a/charts/qdrant/templates/statefulset.yaml
+++ b/charts/qdrant/templates/statefulset.yaml
@@ -39,7 +39,7 @@ spec:
       {{- if .Values.updateVolumeFsOwnership }}
       {{- if and .Values.containerSecurityContext .Values.containerSecurityContext.runAsUser }}
       - name: ensure-storage-dir-ownership
-        image: alpine:latest
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
         command:
           - chown
           - -R
@@ -50,7 +50,7 @@ spec:
             mountPath: /qdrant/storage
       {{- if .Values.snapshotRestoration.enabled }}
       - name: ensure-snapshots-dir-ownership
-        image: alpine:latest
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
         command:
           - chown
           - -R
diff --git a/test/integration/security_context.bats b/test/integration/security_context.bats
new file mode 100644
index 0000000..2fc62f1
--- /dev/null
+++ b/test/integration/security_context.bats
@@ -0,0 +1,24 @@
+setup_file() {
+    kubectl create namespace qdrant-helm-integration
+    kubectl create serviceaccount default -n qdrant-helm-integration || true
+}
+
+teardown_file() {
+    helm uninstall qdrant -n qdrant-helm-integration
+    kubectl delete serviceaccount default -n qdrant-helm-integration
+    kubectl delete namespace qdrant-helm-integration
+}
+
+@test "update without security context to security context corrects file permissions" {
+    helm install qdrant charts/qdrant --set-json 'podSecurityContext=false,containerSecurityContext=false' -n qdrant-helm-integration --wait
+    kubectl rollout status statefulset qdrant -n qdrant-helm-integration
+    user=$(kubectl exec qdrant-0 -n qdrant-helm-integration -- id -u)
+    [ "${user}" = "0" ]
+    user=$(kubectl exec qdrant-0 -n qdrant-helm-integration -- whoami)
+    [ "${user}" = "root" ]
+    helm upgrade --reset-values qdrant charts/qdrant -n qdrant-helm-integration --wait
+    kubectl rollout status statefulset qdrant -n qdrant-helm-integration
+    user=$(kubectl exec qdrant-0 -n qdrant-helm-integration -- id -u)
+    [ "${user}" = "1000" ]
+
+}
\ No newline at end of file