diff --git a/charts/kyverno/templates/admission-controller/role.yaml b/charts/kyverno/templates/admission-controller/role.yaml index 689d48f52b..fb43d0160f 100644 --- a/charts/kyverno/templates/admission-controller/role.yaml +++ b/charts/kyverno/templates/admission-controller/role.yaml @@ -1,4 +1,4 @@ -{{- if .Values.rbac.create }} +{{- if .Values.rbac.create -}} apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -50,8 +50,15 @@ rules: - apps resources: - deployments + {{- if .Values.webhooksCleanup.enabled }} + - deployments/scale + {{- end }} verbs: - get - list - watch -{{- end }} + {{- if .Values.webhooksCleanup.enabled }} + - patch + - update + {{- end }} +{{- end -}} diff --git a/charts/kyverno/templates/admission-controller/rolebinding.yaml b/charts/kyverno/templates/admission-controller/rolebinding.yaml index de7f9b9560..299f05ab8e 100644 --- a/charts/kyverno/templates/admission-controller/rolebinding.yaml +++ b/charts/kyverno/templates/admission-controller/rolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.rbac.create }} +{{- if .Values.rbac.create -}} kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: @@ -14,4 +14,4 @@ subjects: - kind: ServiceAccount name: {{ template "kyverno.admission-controller.serviceAccountName" . }} namespace: {{ template "kyverno.namespace" . }} -{{- end }} +{{- end -}} diff --git a/charts/kyverno/templates/hooks/_helpers.tpl b/charts/kyverno/templates/hooks/_helpers.tpl new file mode 100644 index 0000000000..edc290b663 --- /dev/null +++ b/charts/kyverno/templates/hooks/_helpers.tpl 
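Review bot: In the second role.yaml hunk the new `patch` and `update` verbs are appended to the rule that lists both `deployments` and `deployments/scale`, so with `webhooksCleanup.enabled` the admission controller's Role can rewrite any Deployment in the namespace (image, command, service account), not only its replica count. `kubectl scale` should only need write access to the scale subresource (worth confirming against the kubectl version in the hook image), so a separate rule for `deployments/scale` would keep the existing `deployments` rule read-only. The rule starts above the hunk, so the indentation and the `apps` group below are inferred from the visible context lines. If the pre-delete Job runs under this service account, which the diff does not show, a dedicated hook service account would also keep the write permission off the long-running controller.

```yaml
  # … unchanged: existing apps/deployments rule with get, list, watch only …
  {{- if .Values.webhooksCleanup.enabled }}
  - apiGroups:
      - apps
    resources:
      - deployments/scale
    verbs:
      - get
      - patch
      - update
  {{- end }}
{{- end -}}
```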
@@ -0,0 +1,15 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "kyverno.hooks.labels" -}} +{{- template "kyverno.labels.merge" (list + (include "kyverno.labels.common" .) + (include "kyverno.hooks.matchLabels" .) +) -}} +{{- end -}} + +{{- define "kyverno.hooks.matchLabels" -}} +{{- template "kyverno.labels.merge" (list + (include "kyverno.matchLabels.common" .) + (include "kyverno.labels.component" "hooks") +) -}} +{{- end -}} diff --git a/charts/kyverno/templates/helm-pre-delete-hook.yaml b/charts/kyverno/templates/hooks/pre-delete.yaml similarity index 68% rename from charts/kyverno/templates/helm-pre-delete-hook.yaml rename to charts/kyverno/templates/hooks/pre-delete.yaml index 9bde8360ef..5ce1e46ad8 100644 --- a/charts/kyverno/templates/helm-pre-delete-hook.yaml +++ b/charts/kyverno/templates/hooks/pre-delete.yaml @@ -1,11 +1,11 @@ -{{- if .Values.webhooksCleanup.enabled }} +{{- if .Values.webhooksCleanup.enabled -}} apiVersion: batch/v1 kind: Job metadata: name: {{ template "kyverno.fullname" . }}-hook-pre-delete namespace: {{ template "kyverno.namespace" . }} labels: - {{- include "kyverno.admission-controller.labels" . | nindent 4 }} + {{- include "kyverno.hooks.labels" . | nindent 4 }} annotations: "helm.sh/hook": pre-delete "helm.sh/hook-delete-policy": hook-succeeded,hook-failed @@ -19,9 +19,11 @@ spec: command: - sh - '-c' - - >- - kubectl delete validatingwebhookconfiguration -l webhook.kyverno.io/managed-by=kyverno; - kubectl delete mutatingwebhookconfiguration -l webhook.kyverno.io/managed-by=kyverno; + - |- + kubectl scale -n {{ template "kyverno.namespace" . }} deployment --all --replicas=0 + sleep 30 + kubectl delete validatingwebhookconfiguration -l webhook.kyverno.io/managed-by=kyverno + kubectl delete mutatingwebhookconfiguration -l webhook.kyverno.io/managed-by=kyverno restartPolicy: Never backoffLimit: 2 -{{- end }} \ No newline at end of file +{{- end -}}
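Review bot: The new `|-` script in hooks/pre-delete.yaml runs its four commands without `set -e`, so a failed `kubectl scale` (for example an RBAC denial) is ignored and the webhook configurations are still deleted while the controllers are running, which presumably lets them be re-created. Adding `set -e` as the first script line makes the Job fail visibly instead. The fixed `sleep 30` also assumes the pods are gone by then; waiting on actual pod termination with a timeout would be more reliable, and between scale-down and deletion the webhooks have no backend, so their failure policy decides whether requests are blocked or go unchecked. `--all` scales every Deployment in the namespace, so a label selector limited to the chart's own Deployments would be safer when the namespace is shared. The Job spec starts above the hunk, so its service account is not visible here.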