diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 8a90ccaa9..2aa7cee60 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,4 +4,17 @@ updates:
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
-      interval: "daily"
\ No newline at end of file
+      interval: "daily"
+    labels: ["dependencies"]
+    groups:
+      github-actions-breaking:
+        update-types:
+          - major
+      github-actions-backward-compatible:
+        update-types:
+          - minor
+          - patch
+    # only update internal github actions, external github actions are handled
+    # by https://github.com/hashicorp/security-tsccr/tree/main/automation
+    allow:
+      - dependency-name: "hashicorp/*"
diff --git a/.github/workflows/jira.yaml b/.github/workflows/jira.yaml
index 0f73ec380..333579bf3 100644
--- a/.github/workflows/jira.yaml
+++ b/.github/workflows/jira.yaml
@@ -14,4 +14,4 @@ jobs:
       JIRA_SYNC_USER_EMAIL: ${{ secrets.JIRA_SYNC_USER_EMAIL }}
       JIRA_SYNC_API_TOKEN: ${{ secrets.JIRA_SYNC_API_TOKEN }}
     with:
-      teams-array: '["ecosystem", "foundations-eco"]'
+      teams-array: '["vault-eco"]'
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
index a9b738c43..4b277d919 100644
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -10,14 +10,14 @@ jobs:
   chart-verifier:
     runs-on: ubuntu-latest
     env:
-      CHART_VERIFIER_VERSION: '1.13.3'
+      CHART_VERIFIER_VERSION: '1.13.4'
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       - name: Setup test tools
         uses: ./.github/actions/setup-test-tools
       - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
         with:
-          go-version: '1.22.2'
+          go-version: '1.22.5'
       - run: go install "github.com/redhat-certification/chart-verifier@${CHART_VERIFIER_VERSION}"
       - run: bats --tap --timing ./test/chart
 permissions:
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 72e58a878..552ee4241 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,20 @@
 ## Unreleased
 
+## 0.28.1 (July 11, 2024)
+
+Changes:
+
+* Default `vault` version updated to 1.17.2
+* Default `vault-k8s` version updated to 1.4.2
+* Default `vault-csi-provider` version updated to 1.4.3
+* Tested with Kubernetes versions 1.26-1.30
+
+Improvements:
+
+* Configurable `tlsConfig` and `authorization` for Prometheus ServiceMonitor [GH-1025](https://github.com/hashicorp/vault-helm/pull/1025)
+* Remove UPDATE from injector-mutating-webhook [GH-783](https://github.com/hashicorp/vault-helm/pull/783)
+* Add scope to mutating webhook [GH-1037](https://github.com/hashicorp/vault-helm/pull/1037)
+
 ## 0.28.0 (April 8, 2024)
 
 Changes:
diff --git a/Chart.yaml b/Chart.yaml
index 20e514e92..9aca92afe 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -3,8 +3,8 @@
 
 apiVersion: v2
 name: vault
-version: 0.28.0
-appVersion: 1.16.1
+version: 0.28.1
+appVersion: 1.17.2
 kubeVersion: ">= 1.20.0-0"
 description: Official HashiCorp Vault Chart
 home: https://www.vaultproject.io
diff --git a/README.md b/README.md
index 256bd8b91..18eaf889e 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ this README. Please refer to the Kubernetes and Helm documentation.
 The versions required are:
 
   * **Helm 3.6+**
-  * **Kubernetes 1.22+** - This is the earliest version of Kubernetes tested.
+  * **Kubernetes 1.26+** - This is the earliest version of Kubernetes tested.
     It is possible that this chart works with earlier versions but it is
     untested.
 
diff --git a/values.openshift.yaml b/values.openshift.yaml
index 62a85a6d5..369489f77 100644
--- a/values.openshift.yaml
+++ b/values.openshift.yaml
@@ -9,16 +9,16 @@ global:
 injector:
   image:
     repository: "registry.connect.redhat.com/hashicorp/vault-k8s"
-    tag: "1.4.1-ubi"
+    tag: "1.4.2-ubi"
 
   agentImage:
     repository: "registry.connect.redhat.com/hashicorp/vault"
-    tag: "1.16.1-ubi"
+    tag: "1.17.2-ubi"
 
 server:
   image:
     repository: "registry.connect.redhat.com/hashicorp/vault"
-    tag: "1.16.1-ubi"
+    tag: "1.17.2-ubi"
 
   readinessProbe:
     path: "/v1/sys/health?uninitcode=204"
diff --git a/values.schema.json b/values.schema.json
index 3f0871f2c..7d62c133f 100644
--- a/values.schema.json
+++ b/values.schema.json
@@ -1236,6 +1236,9 @@
                 "serviceMonitor": {
                     "type": "object",
                     "properties": {
+                        "authorization": {
+                            "type": "object"
+                        },
                         "enabled": {
                             "type": "boolean"
                         },
@@ -1247,6 +1250,9 @@
                         },
                         "selectors": {
                             "type": "object"
+                        },
+                        "tlsConfig": {
+                            "type": "object"
                         }
                     }
                 }
diff --git a/values.yaml b/values.yaml
index fe7a2582f..7496d6031 100644
--- a/values.yaml
+++ b/values.yaml
@@ -68,7 +68,7 @@ injector:
   # image sets the repo and tag of the vault-k8s image to use for the injector.
   image:
     repository: "hashicorp/vault-k8s"
-    tag: "1.4.1"
+    tag: "1.4.2"
     pullPolicy: IfNotPresent
 
   # agentImage sets the repo and tag of the Vault image to use for the Vault Agent
@@ -76,7 +76,7 @@ injector:
   # required.
   agentImage:
     repository: "hashicorp/vault"
-    tag: "1.16.1"
+    tag: "1.17.2"
 
   # The default values for the injected Vault Agent containers.
   agentDefaults:
@@ -377,7 +377,7 @@ server:
 
   image:
     repository: "hashicorp/vault"
-    tag: "1.16.1"
+    tag: "1.17.2"
     # Overrides the default Image Pull Policy
     pullPolicy: IfNotPresent
 
@@ -1087,7 +1087,7 @@ csi:
 
   image:
     repository: "hashicorp/vault-csi-provider"
-    tag: "1.4.2"
+    tag: "1.4.3"
     pullPolicy: IfNotPresent
 
   # volumes is a list of volumes made available to all containers. These are rendered
@@ -1172,7 +1172,7 @@ csi:
 
     image:
       repository: "hashicorp/vault"
-      tag: "1.16.1"
+      tag: "1.17.2"
       pullPolicy: IfNotPresent
 
     logFormat: standard