diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/git-webhook.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/git-webhook.yaml
new file mode 100644
index 00000000..319caf00
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/git-webhook.yaml
@@ -0,0 +1,19 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: GitWebhook
+metadata:
+ name: {{ .Values.app.name }}
+spec:
+ gitHub:
+ gitServerCredentials:
+ name: {{ .Values.app.name }}-github-pat
+ repositoryOwner: {{ .Values.git.org }}
+ ownerType: "organization"
+ repositoryName: {{ .Values.git.name }}
+ webhookURL: https://webhook-{{ .Values.app.name }}-el-{{ .Values.app.namespace }}{{ .Values.app.cluster }}
+ insecureSSL: true
+ webhookSecret:
+ name: {{ .Values.app.name }}-webhook
+ events:
+ - push
+ content: json
+ active: true
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/pipelinerun.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/pipelinerun.yaml
deleted file mode 100644
index cda61fb7..00000000
--- a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/pipelinerun.yaml
+++ /dev/null
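Review bot: `insecureSSL: true` disables certificate verification on the GitHub-to-EventListener delivery, so the HMAC-signed payload is sent to whatever answers at `webhookURL`; on a routed cluster endpoint this should be `insecureSSL: false`, relaxed only for a lab environment. The `webhookURL` also concatenates `{{ .Values.app.namespace }}{{ .Values.app.cluster }}` with no separator, which with the `cluster: baseurl.cluster-example.com` set in template.yaml renders as `...-el-<namespace>baseurl.cluster-example.com`; unless `app.cluster` is meant to carry a leading dot, add the `.` in the template. The templated scalars (`name: {{ .Values.app.name }}`, `repositoryOwner`, `repositoryName`) are unquoted; quoting them guards against empty or boolean-looking expansions.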
@@ -1,32 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: PipelineRun
-metadata:
- name: {{ .Values.app.name }}-pipeline-run-init
- annotations:
- argocd.argoproj.io/hook: PostSync
- argocd.argoproj.io/hook-delete-policy: HookSucceeded
- labels:
- tekton.dev/pipeline: {{ .Values.app.name }}-pipeline
- type: pipeline
-spec:
- params:
- - name: source-repo
- value: '{{ .Values.git.repo }}.git'
- - name: source-branch
- value: {{ .Values.git.branch }}
- - name: output-image
- value: {{ include "image.url" . }}
- pipelineRef:
- name: {{ .Values.app.name }}-pipeline
- serviceAccountName: pipeline
- workspaces:
- - name: {{ .Values.app.name }}-workspace
- volumeClaimTemplate:
- spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
- - name: maven-settings
- emptyDir: {}
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/triggertemplate.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/triggertemplate.yaml
index bbc24ccc..8d3195d4 100644
--- a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/triggertemplate.yaml
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/triggertemplate.yaml
@@ -32,5 +32,12 @@ spec:
 timeout: 1h0m0s
 workspaces:
 - name: source-folder
- persistentVolumeClaim:
- claimName: source-folder
\ No newline at end of file
+ volumeClaimTemplate:
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+ - emptyDir: {}
+ name: maven-settings
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-k8-auth-engine-role.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-k8-auth-engine-role.yaml
new file mode 100644
index 00000000..21a4c6d0
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-k8-auth-engine-role.yaml
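Review bot: The new `maven-settings` workspace entry lists `emptyDir: {}` before `name:`, the reverse of the sibling `- name: source-folder` entry; writing it as `- name: maven-settings` followed by `emptyDir: {}` keeps the workspace list scannable. Each triggered PipelineRun now gets its own 1Gi claim from `volumeClaimTemplate` instead of the shared `source-folder` PVC, which is presumably the intent; a one-line comment above `volumeClaimTemplate:` noting that the claim's lifetime follows the PipelineRun would spare the next reader a check. The enclosing TriggerTemplate `spec` starts before this hunk.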
@@ -0,0 +1,21 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: KubernetesAuthEngineRole
+metadata:
+ name: {{ .Values.app.name }}-vault-role
+ namespace: vault-admin
+spec:
+ # Add fields here
+ authentication:
+ path: kubernetes
+ role: policy-admin
+ path: kubernetes
+ policies:
+ - {{ .Values.app.name }}-read-token
+ targetServiceAccounts:
+ - default
+ targetNamespaces:
+ targetNamespaceSelector:
+ matchExpressions:
+ - key: kubernetes.io/metadata.name
+ operator: In
+ values: [{{ .Values.app.namespace }}]
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-policy.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-policy.yaml
new file mode 100644
index 00000000..2abf1b65
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-policy.yaml
@@ -0,0 +1,21 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: Policy
+metadata:
+ name: {{ .Values.app.name }}-read-token
+ namespace: vault-admin
+spec:
+ # Add fields here
+ authentication:
+ path: kubernetes
+ role: policy-admin
+ policy: |
+ # create tokens
+ path "/github/token/{{ .Values.app.name }}" {
+ capabilities = ["read"]
+ }
+ path "/quay/creds/{{ .Values.app.name }}" {
+ capabilities = ["read"]
+ }
+ path "/quay/creds/{{ .Values.app.name }}-pusher" {
+ capabilities = ["read"]
+ }
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-secret-engine.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-secret-engine.yaml
new file mode 100644
index 00000000..6de7685c
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-secret-engine.yaml
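Review bot: `targetServiceAccounts:` / `- default` binds the `{{ .Values.app.name }}-read-token` policy to the namespace's default service account, so any pod in `{{ .Values.app.namespace }}` that does not set its own SA can log in to Vault and read the GitHub token and Quay credentials that policy grants; the same binding appears in vault-k8-auth-engine-role.yaml for the kv policy. If the VaultSecret objects in this chart authenticate as `default` only because no service account is named in their `authentication` block, a dedicated SA named in both places would scope the grant to the operator's reads. The `# Add fields here` comment under `spec:` is scaffold residue and should go.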
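Review bot: The policy paths carry a leading slash (`path "/github/token/{{ .Values.app.name }}"`) while the VaultSecret in vault-git-secret.yaml reads `github/token/{{ .Values.app.name }}` and the engine is mounted at `path: github`; Vault's policy documentation writes paths without the leading `/`, so confirm it is normalised on the Vault version in use or drop it, otherwise the grants silently fail to match. The name `-read-token` undersells the policy, which also grants read on two Quay credential paths; a comment above `policy: |` naming which object consumes each path would make the grant reviewable. The same stale `# Add fields here` comment as in the auth-engine role appears under `spec:`.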
@@ -0,0 +1,17 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: GitHubSecretEngineRole
+metadata:
+ name: {{ .Values.app.name }}
+ namespace: vault-admin
+spec:
+ authentication:
+ path: kubernetes
+ role: policy-admin
+ path: github
+ organizationName: {{ .Values.git.org }}
+ repositories: []
+ permissions:
+ pull_requests: write
+ metadata: read
+ contents: write
+ repository_hooks: write
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-secret.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-secret.yaml
new file mode 100644
index 00000000..2afd947a
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-git-secret.yaml
@@ -0,0 +1,20 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: VaultSecret
+metadata:
+ name: github-credentials
+spec:
+ vaultSecretDefinitions:
+ - authentication:
+ path: kubernetes
+ role: {{ .Values.app.name }}-vault-role
+ name: githubtoken
+ path: github/token/{{ .Values.app.name }}
+ output:
+ name: {{ .Values.app.name }}-github-pat
+ stringData:
+ token: "{{ "{{" }} .githubtoken.token {{ "}}" }}"
+ .gitconfig: |
+ [credential "https://github.com"]
+ helper = store
+ .git-credentials: |
+ https://git:{{ "{{" }} .githubtoken.token {{ "}}" }}@github.com
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-k8-auth-engine-role.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-k8-auth-engine-role.yaml
new file mode 100644
index 00000000..9d7312dd
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-k8-auth-engine-role.yaml
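Review bot: `repositories: []` leaves the minted GitHub installation token unscoped to any repository, so every token issued through this role carries `contents: write` and `repository_hooks: write` across whatever the app is installed on rather than just the repository being scaffolded; `repositories: [{{ .Values.git.name }}]` (the value the GitWebhook already uses) limits it to that one. Whether an empty list means "all repositories" for this secrets backend should be checked against its documentation, but naming the repository is the least-privilege shape either way.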
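Review bot: The Secret `{{ .Values.app.name }}-github-pat` materialises the installation token twice, as `token` and embedded in `.git-credentials` next to a `helper = store` `.gitconfig`, so rotation and any RBAC review of the namespace have to treat both keys as the credential; a comment above `stringData:` saying which consumer needs which key would make that explicit. GitHub installation tokens are short-lived, so if the operator does not re-read on lease expiry the Secret goes stale — worth confirming and, if needed, setting `refreshPeriod` on the VaultSecret. `metadata.name: github-credentials` is the only untemplated object name in the chart; `{{ .Values.app.name }}-github-credentials` would match its siblings and avoid a collision if two apps ever share a namespace.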
@@ -0,0 +1,21 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: KubernetesAuthEngineRole
+metadata:
+ name: {{ .Values.app.name }}-kv
+ namespace: vault-admin
+spec:
+ # Add fields here
+ authentication:
+ path: kubernetes
+ role: policy-admin
+ path: kubernetes
+ policies:
+ - {{ .Values.app.name }}-kv
+ targetServiceAccounts:
+ - default
+ targetNamespaces:
+ targetNamespaceSelector:
+ matchExpressions:
+ - key: kubernetes.io/metadata.name
+ operator: In
+ values: [{{ .Values.app.namespace }}]
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-policy.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-policy.yaml
new file mode 100644
index 00000000..b4e52bb1
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-policy.yaml
@@ -0,0 +1,18 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: Policy
+metadata:
+ name: {{ .Values.app.name }}-kv
+ namespace: vault-admin
+spec:
+ authentication:
+ path: kubernetes
+ role: policy-admin
+ policy: |
+ # read / write from the kv path
+ path "{{ .Values.git.org }}/{{ .Values.app.name }}-kv/*" {
+ capabilities = [ "create", "read", "update", "delete"]
+ }
+ # read the password policy
+ path "sys/policies/password/+/generate" {
+ capabilities = [ "read" ]
+ }
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-random-secret.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-random-secret.yaml
new file mode 100644
index 00000000..05e2cb89
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-random-secret.yaml
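Review bot: `capabilities = [ "create", "read", "update", "delete"]` on the kv path is broader than the two consumers this chart shows need — the RandomSecret writes the webhook secret and the VaultSecret reads it — so `delete` is worth dropping unless something outside the chart depends on it. The bracket spacing is also inconsistent between the two lists (`[ "create", ..., "delete"]` versus `[ "read" ]`); pick one form.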
@@ -0,0 +1,13 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: RandomSecret
+metadata:
+ name: {{ .Values.app.name }}-webhook
+spec:
+ authentication:
+ path: kubernetes
+ role: {{ .Values.app.name }}-kv
+ isKVSecretsEngineV2: false
+ path: {{ .Values.git.org }}/{{ .Values.app.name }}-kv
+ secretKey: webhook_secret
+ secretFormat:
+ passwordPolicyName: webhook
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-secret.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-secret.yaml
new file mode 100644
index 00000000..aec044bd
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-secret.yaml
@@ -0,0 +1,16 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: VaultSecret
+metadata:
+ name: {{ .Values.app.name }}-webhook
+spec:
+ vaultSecretDefinitions:
+ - authentication:
+ path: kubernetes
+ role: {{ .Values.app.name }}-kv
+ name: webhook_secret
+ path: {{ .Values.git.org }}/{{ .Values.app.name }}-kv/{{ .Values.app.name }}-webhook
+ output:
+ name: {{ .Values.app.name }}-webhook
+ stringData:
+ secret: "{{ "{{" }} .webhook_secret.webhook_secret {{ "}}" }}"
+ type: Opaque
\ No newline at end of file
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-sercret-engine-mount.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-sercret-engine-mount.yaml
new file mode 100644
index 00000000..4c0ff419
--- /dev/null
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/templates/vault-sercret-engine-mount.yaml
@@ -0,0 +1,11 @@
+apiVersion: redhatcop.redhat.io/v1alpha1
+kind: SecretEngineMount
+metadata:
+ name: {{ .Values.app.name }}-kv
+ namespace: vault-admin
+spec:
+ authentication:
+ path: kubernetes
+ role: policy-admin
+ type: kv
+ path: {{ .Values.git.org }}
\ No newline at end of file
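Review bot: `passwordPolicyName: webhook` assumes a Vault password policy named `webhook` already exists; nothing in this chart creates it, and the kv policy only grants `read` on `sys/policies/password/+/generate`, so a missing policy surfaces as a reconcile failure with no hint here. A comment above `secretFormat:` such as `# requires a pre-existing Vault password policy named "webhook" (not managed by this chart)` records the dependency for whoever installs the next cluster.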
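Review bot: The file name `vault-sercret-engine-mount.yaml` misspells "secret"; renaming it to `vault-secret-engine-mount.yaml` now avoids a noisier rename later. The mount is created at `path: {{ .Values.git.org }}` but named `{{ .Values.app.name }}-kv`, so a second app scaffolded from the same org would try to mount the same path; if one kv mount per org shared by all apps is intended, a comment above `path:` saying so (and which chart owns it) would save the next reader a puzzle.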
diff --git a/scaffolder-templates/quarkus-web-template/manifests/helm/build/values.yaml b/scaffolder-templates/quarkus-web-template/manifests/helm/build/values.yaml
index da4df358..1d7d6625 100644
--- a/scaffolder-templates/quarkus-web-template/manifests/helm/build/values.yaml
+++ b/scaffolder-templates/quarkus-web-template/manifests/helm/build/values.yaml
@@ -1,9 +1,13 @@
 app:
 name: ${{values.component_id}}
+ namespace: ${{ values.namespace }}
+ cluster: ${{ values.cluster }}
 git:
 branch: main
 repo: ${{ values.source_repository }}
+ org: ${{ values.git_owner }}
+ name: ${{ values.repository_name }}
 image:
 host: ${{ values.image_host }}
diff --git a/scaffolder-templates/quarkus-web-template/template.yaml b/scaffolder-templates/quarkus-web-template/template.yaml
index 18e1c73d..2a3de254 100644
--- a/scaffolder-templates/quarkus-web-template/template.yaml
+++ b/scaffolder-templates/quarkus-web-template/template.yaml
@@ -62,7 +62,6 @@ spec:
 default: image-registry.openshift-image-registry.svc:5000
 image_name:
 title: Image Name
- default: my-quarkus-dev/my-quarkus-app
 type: string
 description: Build Image Name to use internal registry
 image_tag:
@@ -132,6 +131,9 @@ spec:
 description: ${{ parameters.description }}
 destination: https://github.com/${{ (parameters.repoUrl | parseRepoUrl).owner }}/${{ (parameters.repoUrl | parseRepoUrl).repo }}-gitops
 source_repository: https://github.com/${{ (parameters.repoUrl | parseRepoUrl).owner }}/${{ (parameters.repoUrl | parseRepoUrl).repo }}
+ repository_name: ${{ (parameters.repoUrl | parseRepoUrl).repo }}
+ git_owner: ${{ (parameters.repoUrl | parseRepoUrl).owner }}
+ cluster: baseurl.cluster-example.com
 namespace: ${{ parameters.component_id }}-dev
 image_host: ${{ parameters.image_host }}
 image_name: ${{ parameters.image_name }}
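Review bot: `cluster: baseurl.cluster-example.com` is a hard-coded placeholder in the scaffolder's values while every neighbouring value (`namespace`, `image_host`, `image_name`) is fed from a parameter, so every scaffolded GitWebhook will point at `webhook-<app>-el-<ns>baseurl.cluster-example.com` until someone edits the template. Add a `cluster` parameter next to `image_host` and pass it as `cluster: ${{ parameters.cluster }}`, or leave a comment explaining why it is fixed here. Note that git-webhook.yaml appends this value directly after the namespace with no `.` separator, so as written the value would have to carry a leading dot to render a valid host.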