diff --git a/charts/renovate/README.md b/charts/renovate/README.md
index 4b1262fa2..dab90fdb2 100644
--- a/charts/renovate/README.md
+++ b/charts/renovate/README.md
@@ -104,6 +104,7 @@ The following table lists the configurable parameters of the chart and the defau
 | renovate.persistence.cache.volumeName | string | `""` | Existing volume, enables binding the pvc to an existing volume |
 | renovate.securityContext | object | `{}` | Renovate Container-level security-context |
 | resources | object | `{}` | Specify resource limits and requests for the renovate container |
+| secretAnnotations | object | `{}` | Annotations to add to secret |
 | secrets | object | `{}` | Environment variables that should be referenced from a k8s secret, cannot be used when existingSecret is set |
 | securityContext | object | `{}` | Pod-level security-context |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
diff --git a/charts/renovate/templates/config.yaml b/charts/renovate/templates/config.yaml
index 802847804..3459d4955 100644
--- a/charts/renovate/templates/config.yaml
+++ b/charts/renovate/templates/config.yaml
@@ -15,6 +15,10 @@ metadata:
   name: {{ template "renovate.fullname" . }}-config
   labels:
     {{- include "renovate.labels" . | nindent 4 }}
+  {{- with .Values.secretAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 {{- if .Values.renovate.configIsSecret }}
 stringData:
 {{- else }}
diff --git a/charts/renovate/templates/secret.yaml b/charts/renovate/templates/secret.yaml
index f9423d854..11b43bdf5 100644
--- a/charts/renovate/templates/secret.yaml
+++ b/charts/renovate/templates/secret.yaml
@@ -5,6 +5,10 @@ metadata:
   name: {{ template "renovate.fullname" . }}-secret
   labels:
     {{- include "renovate.labels" . | nindent 4 }}
+  {{- with .Values.secretAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 type: Opaque
 data:
   {{- range $k, $v := index .Values.secrets }}
diff --git a/charts/renovate/templates/ssh-secret.yaml b/charts/renovate/templates/ssh-secret.yaml
index 413fa5179..c6944be76 100644
--- a/charts/renovate/templates/ssh-secret.yaml
+++ b/charts/renovate/templates/ssh-secret.yaml
@@ -5,6 +5,10 @@ metadata:
   name: {{ template "renovate.sshSecretName" . }}
   labels:
     {{- include "renovate.labels" . | nindent 4 }}
+  {{- with .Values.secretAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 type: Opaque
 data:
 {{- if .Values.ssh_config.config }}
diff --git a/charts/renovate/values.yaml b/charts/renovate/values.yaml
index 5117f3d07..270a480ca 100644
--- a/charts/renovate/values.yaml
+++ b/charts/renovate/values.yaml
@@ -10,6 +10,8 @@ global:
 nameOverride: ''
 # -- Override the fully qualified app name
 fullnameOverride: ''
+# -- Annotations to add to secret
+secretAnnotations: {}
 
 cronjob:
   # -- Schedules the job to run using cron notation