diff --git a/.github/workflows/pr_pre-commit.yml b/.github/workflows/pr_pre-commit.yml
index 10bceb36..adfc6acc 100644
--- a/.github/workflows/pr_pre-commit.yml
+++ b/.github/workflows/pr_pre-commit.yml
@@ -18,7 +18,7 @@ jobs:
         with:
           persist-credentials: false
           fetch-depth: 0
-      - uses: stackabletech/actions/run-pre-commit@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+      - uses: stackabletech/actions/run-pre-commit@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
           hadolint: ${{ env.HADOLINT_VERSION }}
diff --git a/template/.github/workflows/build.yaml.j2 b/template/.github/workflows/build.yaml.j2
index 94e5c7f0..a954ac7e 100644
--- a/template/.github/workflows/build.yaml.j2
+++ b/template/.github/workflows/build.yaml.j2
@@ -48,7 +48,7 @@ jobs:
 
       - name: Check for changed files
         id: check
-        uses: stackabletech/actions/detect-changes@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/detect-changes@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           patterns: |
             - '.github/workflows/build.yaml'
@@ -166,7 +166,7 @@ jobs:
 
       - name: Build Container Image
         id: build
-        uses: stackabletech/actions/build-container-image@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/build-container-image@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           image-name: ${{ env.OPERATOR_NAME }}
           image-index-manifest-tag: ${{ steps.version.outputs.OPERATOR_VERSION }}
@@ -175,7 +175,7 @@ jobs:
 
       - name: Publish Container Image
         if: ${{ !github.event.pull_request.head.repo.fork }}
-        uses: stackabletech/actions/publish-image@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/publish-image@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           image-registry-uri: oci.stackable.tech
           image-registry-username: robot$sdp+github-action-build
@@ -203,7 +203,7 @@ jobs:
           persist-credentials: false
 
       - name: Publish and Sign Image Index
-        uses: stackabletech/actions/publish-image-index-manifest@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/publish-image-index-manifest@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           image-registry-uri: oci.stackable.tech
           image-registry-username: robot$sdp+github-action-build
@@ -230,7 +230,7 @@ jobs:
           submodules: recursive
 
       - name: Package, Publish, and Sign Helm Chart
-        uses: stackabletech/actions/publish-helm-chart@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/publish-helm-chart@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           chart-registry-uri: oci.stackable.tech
           chart-registry-username: robot$sdp-charts+github-action-build
@@ -260,7 +260,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Run OpenShift Preflight Check
-        uses: stackabletech/actions/run-openshift-preflight@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/run-openshift-preflight@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           image-index-uri: oci.stackable.tech/sdp/${{ env.OPERATOR_NAME }}:${{ needs.build-container-image.outputs.operator-version }}
           image-architecture: ${{ matrix.arch }}
@@ -300,7 +300,7 @@ jobs:
           persist-credentials: false
 
       - name: Send Notification
-        uses: stackabletech/actions/send-slack-notification@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/send-slack-notification@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           publish-helm-chart-result: ${{ needs.publish-helm-chart.result }}
           publish-manifests-result: ${{ needs.publish-index-manifest.result }}
diff --git a/template/.github/workflows/integration-test.yml b/template/.github/workflows/integration-test.yml
index 6ef8c57d..34b20680 100644
--- a/template/.github/workflows/integration-test.yml
+++ b/template/.github/workflows/integration-test.yml
@@ -41,7 +41,7 @@ jobs:
       # TODO: Enable the scheduled runs which hard-code what profile to use
       - name: Run Integration Test
         id: test
-        uses: stackabletech/actions/run-integration-test@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/run-integration-test@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           replicated-api-token: ${{ secrets.REPLICATED_API_TOKEN }}
           test-mode-input: ${{ inputs.test-mode-input }}
@@ -51,7 +51,7 @@ jobs:
 
       - name: Send Notification
         if: ${{ failure() || github.run_attempt > 1 }}
-        uses: stackabletech/actions/send-slack-notification@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+        uses: stackabletech/actions/send-slack-notification@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           slack-token: ${{ secrets.SLACK_INTEGRATION_TEST_TOKEN }}
           failed-tests: ${{ steps.test.outputs.failed-tests }}
diff --git a/template/.github/workflows/pr_pre-commit.yaml.j2 b/template/.github/workflows/pr_pre-commit.yaml.j2
index 6cccfa02..5188616b 100644
--- a/template/.github/workflows/pr_pre-commit.yaml.j2
+++ b/template/.github/workflows/pr_pre-commit.yaml.j2
@@ -27,7 +27,7 @@ jobs:
           persist-credentials: false
           submodules: recursive
           fetch-depth: 0
-      - uses: stackabletech/actions/run-pre-commit@9848c5593dff4793aacba240116a648c02f20fa4 # v0.13.1
+      - uses: stackabletech/actions/run-pre-commit@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0
         with:
           python-version: ${{ env.PYTHON_VERSION }}
           rust: ${{ env.RUST_TOOLCHAIN_VERSION }}
diff --git a/template/Makefile.j2 b/template/Makefile.j2
index 5c2308ef..eae8dca9 100644
--- a/template/Makefile.j2
+++ b/template/Makefile.j2
@@ -76,3 +76,9 @@ run-dev: check-nix check-kubernetes
 
 stop-dev: check-nix check-kubernetes
 	nix run --extra-experimental-features "nix-command flakes" -f. tilt -- down
+
+helm-install:
+	helm install \
+		--values deploy/helm/airflow-operator/values.yaml \
+		--values deploy/helm/airflow-operator/values/$(OCI_REGISTRY_HOSTNAME).yaml \
+		airflow-operator deploy/helm/airflow-operator
diff --git a/template/Tiltfile b/template/Tiltfile
index 53c3a8e4..778bcaa3 100644
--- a/template/Tiltfile
+++ b/template/Tiltfile
@@ -1,16 +1,18 @@
+# Load the metadata first, so that we immediately get access to the operator name
+meta = read_json('nix/meta.json')
+operator_name = meta['operator']['name']
+
 # If tilt_options.json exists read it and load the default_registry value from it
 settings = read_json('tilt_options.json', default={})
-registry = settings.get('default_registry', 'oci.stackable.tech/sandbox')
+registry = settings.get('default_registry', 'oci.stackable.tech')
+repository = settings.get('default_repository', 'sandbox' + '/' + operator_name)
 
 # Configure default registry either read from config file above, or with default value of "oci.stackable.tech/sandbox"
 default_registry(registry)
 
-meta = read_json('nix/meta.json')
-operator_name = meta['operator']['name']
-
 custom_build(
-    registry + '/' + operator_name,
-    'make regenerate-nix && nix-build . -A docker --argstr dockerName "${EXPECTED_REGISTRY}/' + operator_name + '" && ./result/load-image | docker load',
+    registry + '/' + repository,
+    'make regenerate-nix && nix-build . -A docker --argstr dockerName "${EXPECTED_REGISTRY}/' + repository + '" && ./result/load-image | docker load',
     deps=['rust', 'Cargo.toml', 'Cargo.lock', 'default.nix', "nix", 'build.rs', 'vendor'],
     ignore=['*.~undo-tree~'],
     # ignore=['result*', 'Cargo.nix', 'target', *.yaml],
@@ -28,13 +30,15 @@ k8s_kind('DaemonSet', image_json_path='{.spec.template.metadata.annotations.inte
 # supported by helm(set).
 helm_values = settings.get('helm_values', None)
 
-helm_override_image_repository = 'image.repository=' + registry + '/' + operator_name
+helm_override_image_registry = 'image.registry=' + registry
+helm_override_image_repository = 'image.repository=' + repository
 
 k8s_yaml(helm(
    'deploy/helm/' + operator_name,
    name=operator_name,
    namespace="stackable-operators",
    set=[
+      helm_override_image_registry,
       helm_override_image_repository,
    ],
    values=helm_values,
diff --git a/template/deploy/helm/[[operator]]/.helmignore b/template/deploy/helm/[[operator]]/.helmignore
index fef44b7e..85530816 100644
--- a/template/deploy/helm/[[operator]]/.helmignore
+++ b/template/deploy/helm/[[operator]]/.helmignore
@@ -6,6 +6,8 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
+# Ignore the file itself
+.helmignore
 .DS_Store
 # Common VCS dirs
 .git/
@@ -26,3 +28,5 @@
 .idea/
 *.tmproj
 .vscode/
+# Partial, unmerged, registry-specific values files
+values/
diff --git a/template/deploy/helm/[[operator]]/templates/_helpers.tpl b/template/deploy/helm/[[operator]]/templates/_helpers.tpl
index 1096ffc6..80f2848b 100644
--- a/template/deploy/helm/[[operator]]/templates/_helpers.tpl
+++ b/template/deploy/helm/[[operator]]/templates/_helpers.tpl
@@ -77,3 +77,10 @@ Labels for Kubernetes objects created by helm test
 {{- define "operator.testLabels" -}}
 helm.sh/test: {{ include "operator.chart" . }}
 {{- end }}
+
+{{/*
+Build the full container image reference.
+*/}}
+{{- define "operator.image" -}}
+{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (.Values.image.tag | default .Chart.AppVersion) -}}
+{{- end }}
diff --git a/template/deploy/helm/[[operator]]/templates/deployment.yaml.j2 b/template/deploy/helm/[[operator]]/templates/deployment.yaml.j2
index 459403e3..d6866402 100644
--- a/template/deploy/helm/[[operator]]/templates/deployment.yaml.j2
+++ b/template/deploy/helm/[[operator]]/templates/deployment.yaml.j2
@@ -16,7 +16,7 @@ spec:
   template:
     metadata:
       annotations:
-        internal.stackable.tech/image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+        internal.stackable.tech/image: {{ include "operator.image" . }}
         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
         {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
@@ -38,7 +38,7 @@ spec:
         - name: {{ include "operator.appname" . }}
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          image: {{ include "operator.image" . }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
@@ -71,6 +71,15 @@ spec:
             - name: OPERATOR_SERVICE_NAME
               value: {{ include "operator.fullname" . }}
 
+            # The URI of the image registry, like "oci.stackable.tech". Used to derive product image
+            # name.
+            - name: IMAGE_REGISTRY_URI
+              value: {{ .Values.image.registry }}
+
+            # The image repository, like "sdp/airflow-operator"
+            - name: IMAGE_REPOSITORY
+              value: {{ .Values.image.repository }}
+
             # Operators need to know the node name they are running on, to e.g. discover the
             # Kubernetes domain name from the kubelet API.
             - name: KUBERNETES_NODE_NAME
diff --git a/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml b/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml
new file mode 100644
index 00000000..06f5dd12
--- /dev/null
+++ b/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml
@@ -0,0 +1,5 @@
+---
+# Values overlay for chart packages published to oci.stackable.tech.
+image:
+  registry: oci.stackable.tech
+  repository: sdp/airflow-operator