diff --git a/infra/helm/charts/common/Chart.yaml b/infra/helm/charts/common/Chart.yaml
index e35c2d0e7a..4dfb28608c 100644
--- a/infra/helm/charts/common/Chart.yaml
+++ b/infra/helm/charts/common/Chart.yaml
@@ -1,23 +1,26 @@
+# Copyright VMware, Inc.
+# SPDX-License-Identifier: APACHE-2.0
+
 annotations:
   category: Infrastructure
   licenses: Apache-2.0
 apiVersion: v2
-appVersion: 2.9.2
-description: A Library Helm Chart for grouping common logic between bitnami charts.
-  This chart is not deployable by itself.
+# Please make sure that version and appVersion are always the same.
+appVersion: 2.13.3
+description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself.
 home: https://bitnami.com
 icon: https://bitnami.com/downloads/logos/bitnami-mark.png
 keywords:
-- common
-- helper
-- template
-- function
-- bitnami
+  - common
+  - helper
+  - template
+  - function
+  - bitnami
 maintainers:
-- name: VMware, Inc.
-  url: https://github.com/bitnami/charts
+  - name: VMware, Inc.
+    url: https://github.com/bitnami/charts
 name: common
 sources:
-- https://github.com/bitnami/charts
+  - https://github.com/bitnami/charts
 type: library
-version: 2.10.0
+version: 2.13.3
diff --git a/infra/helm/charts/common/README.md b/infra/helm/charts/common/README.md
index fe6a010003..a76fa46a26 100644
--- a/infra/helm/charts/common/README.md
+++ b/infra/helm/charts/common/README.md
@@ -24,18 +24,18 @@ data:
   myvalue: "Hello World"
 ```
 
+Looking to use our applications in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
+
 ## Introduction
 
 This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
 
 Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters.
 
-Looking to use our applications in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
-
 ## Prerequisites
 
-- Kubernetes 1.19+
-- Helm 3.2.0+
+- Kubernetes 1.23+
+- Helm 3.8.0+
 
 ## Parameters
 
diff --git a/infra/helm/charts/common/templates/_capabilities.tpl b/infra/helm/charts/common/templates/_capabilities.tpl
index c6d115fe51..115674af87 100644
--- a/infra/helm/charts/common/templates/_capabilities.tpl
+++ b/infra/helm/charts/common/templates/_capabilities.tpl
@@ -172,6 +172,50 @@ Return the appropriate apiVersion for Vertical Pod Autoscaler.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Returns true if PodSecurityPolicy is supported
+*/}}
+{{- define "common.capabilities.psp.supported" -}}
+{{- if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
+  {{- true -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Returns true if AdmissionConfiguration is supported
+*/}}
+{{- define "common.capabilities.admissionConfiguration.supported" -}}
+{{- if semverCompare ">=1.23-0" (include "common.capabilities.kubeVersion" .) -}}
+  {{- true -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for AdmissionConfiguration.
+*/}}
+{{- define "common.capabilities.admissionConfiguration.apiVersion" -}}
+{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- print "apiserver.config.k8s.io/v1alpha1" -}}
+{{- else if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- print "apiserver.config.k8s.io/v1beta1" -}}
+{{- else -}}
+{{- print "apiserver.config.k8s.io/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for PodSecurityConfiguration.
+*/}}
+{{- define "common.capabilities.podSecurityConfiguration.apiVersion" -}}
+{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- print "pod-security.admission.config.k8s.io/v1alpha1" -}}
+{{- else if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
+{{- print "pod-security.admission.config.k8s.io/v1beta1" -}}
+{{- else -}}
+{{- print "pod-security.admission.config.k8s.io/v1" -}}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Returns true if the used Helm version is 3.3+.
 A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}"  structure.
diff --git a/infra/helm/charts/common/templates/_images.tpl b/infra/helm/charts/common/templates/_images.tpl
index 2181f32245..1bcb779df5 100644
--- a/infra/helm/charts/common/templates/_images.tpl
+++ b/infra/helm/charts/common/templates/_images.tpl
@@ -38,13 +38,21 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima
 
   {{- if .global }}
     {{- range .global.imagePullSecrets -}}
-      {{- $pullSecrets = append $pullSecrets . -}}
+      {{- if kindIs "map" . -}}
+        {{- $pullSecrets = append $pullSecrets .name -}}
+      {{- else -}}
+        {{- $pullSecrets = append $pullSecrets . -}}
+      {{- end }}
     {{- end -}}
   {{- end -}}
 
   {{- range .images -}}
     {{- range .pullSecrets -}}
-      {{- $pullSecrets = append $pullSecrets . -}}
+      {{- if kindIs "map" . -}}
+        {{- $pullSecrets = append $pullSecrets .name -}}
+      {{- else -}}
+        {{- $pullSecrets = append $pullSecrets . -}}
+      {{- end -}}
     {{- end -}}
   {{- end -}}
 
@@ -66,13 +74,21 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa
 
   {{- if $context.Values.global }}
     {{- range $context.Values.global.imagePullSecrets -}}
-      {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
+      {{- if kindIs "map" . -}}
+        {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}}
+      {{- else -}}
+        {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
+      {{- end -}}
     {{- end -}}
   {{- end -}}
 
   {{- range .images -}}
     {{- range .pullSecrets -}}
-      {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
+      {{- if kindIs "map" . -}}
+        {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}}
+      {{- else -}}
+        {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
+      {{- end -}}
     {{- end -}}
   {{- end -}}
 
@@ -83,3 +99,19 @@ imagePullSecrets:
     {{- end }}
   {{- end }}
 {{- end -}}
+
+{{/*
+Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion)
+{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }}
+*/}}
+{{- define "common.images.version" -}}
+{{- $imageTag := .imageRoot.tag | toString -}}
+{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}}
+{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}}
+    {{- $version := semver $imageTag -}}
+    {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}}
+{{- else -}}
+    {{- print .chart.AppVersion -}}
+{{- end -}}
+{{- end -}}
+
diff --git a/infra/helm/charts/common/templates/_labels.tpl b/infra/helm/charts/common/templates/_labels.tpl
index fac46076a5..d90a6cdc0c 100644
--- a/infra/helm/charts/common/templates/_labels.tpl
+++ b/infra/helm/charts/common/templates/_labels.tpl
@@ -11,21 +11,19 @@ Kubernetes standard labels
 */}}
 {{- define "common.labels.standard" -}}
 {{- if and (hasKey . "customLabels") (hasKey . "context") -}}
-{{ merge
-        (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml)
-        (dict
-            "app.kubernetes.io/name" (include "common.names.name" .context)
-            "helm.sh/chart" (include "common.names.chart" .context)
-            "app.kubernetes.io/instance" .context.Release.Name
-            "app.kubernetes.io/managed-by" .context.Release.Service
-        )
-    | toYaml
-}}
+{{- $default := dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service -}}
+{{- with .context.Chart.AppVersion -}}
+{{- $_ := set $default "app.kubernetes.io/version" . -}}
+{{- end -}}
+{{ template "common.tplvalues.merge" (dict "values" (list .customLabels $default) "context" .context) }}
 {{- else -}}
 app.kubernetes.io/name: {{ include "common.names.name" . }}
 helm.sh/chart: {{ include "common.names.chart" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- with .Chart.AppVersion }}
+app.kubernetes.io/version: {{ . | quote }}
+{{- end -}}
 {{- end -}}
 {{- end -}}
 
@@ -40,14 +38,7 @@ overwrote them on metadata.labels fields.
 */}}
 {{- define "common.labels.matchLabels" -}}
 {{- if and (hasKey . "customLabels") (hasKey . "context") -}}
-{{ merge
-        (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance")
-        (dict
-            "app.kubernetes.io/name" (include "common.names.name" .context)
-            "app.kubernetes.io/instance" .context.Release.Name
-        )
-    | toYaml
-}}
+{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }}
 {{- else -}}
 app.kubernetes.io/name: {{ include "common.names.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
diff --git a/infra/helm/charts/common/templates/_utils.tpl b/infra/helm/charts/common/templates/_utils.tpl
index c87040cd91..bfbddf0547 100644
--- a/infra/helm/charts/common/templates/_utils.tpl
+++ b/infra/helm/charts/common/templates/_utils.tpl
@@ -65,3 +65,13 @@ Usage:
 {{- end -}}
 {{- printf "%s" $key -}} 
 {{- end -}}
+
+{{/*
+Checksum a template at "path" containing a *single* resource (ConfigMap,Secret) for use in pod annotations, excluding the metadata (see #18376).
+Usage:
+{{ include "common.utils.checksumTemplate" (dict "path" "/configmap.yaml" "context" $) }}
+*/}}
+{{- define "common.utils.checksumTemplate" -}}
+{{- $obj := include (print .context.Template.BasePath .path) .context | fromYaml -}}
+{{ omit $obj "apiVersion" "kind" "metadata" | toYaml | sha256sum }}
+{{- end -}}
diff --git a/infra/helm/redis/charts b/infra/helm/redis/charts
new file mode 120000
index 0000000000..a54fc9838d
--- /dev/null
+++ b/infra/helm/redis/charts
@@ -0,0 +1 @@
+../charts
\ No newline at end of file
diff --git a/infra/tf/k8s_infra/redis.tf b/infra/tf/k8s_infra/redis.tf
index 73024fc54d..57965ce426 100644
--- a/infra/tf/k8s_infra/redis.tf
+++ b/infra/tf/k8s_infra/redis.tf
@@ -66,9 +66,10 @@ resource "helm_release" "redis" {
 
 	name = "redis"
 	namespace = kubernetes_namespace.redis[each.key].metadata.0.name
-	repository = "https://charts.bitnami.com/bitnami"
-	chart = "redis"
-	version = "18.4.0"
+	chart = "../../helm/redis"
+	# repository = "https://charts.bitnami.com/bitnami"
+	# chart = "redis"
+	# version = "18.4.0"
 	values = [yamlencode({
 		architecture = "replication"