diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index b54e4b94..0862fd14 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -38,6 +38,13 @@ jobs:
         exclude:
           - install: static
             single_namespace: true
+        include:
+          - install: helm
+            enable_webhook: false
+            emqx: [EMQX, emqx, "config/samples/emqx/v2beta1/emqx-slim.yaml"]
+          - install: helm
+            enable_webhook: false
+            emqx: [EMQX, emqx, "config/samples/emqx/v2beta1/emqx-full.yaml"]
 
     steps:
       - run: minikube start
diff --git a/deploy/charts/emqx-operator/templates/cert-manager.yaml b/deploy/charts/emqx-operator/templates/cert-manager.yaml
index b5b41dad..807b7dd1 100644
--- a/deploy/charts/emqx-operator/templates/cert-manager.yaml
+++ b/deploy/charts/emqx-operator/templates/cert-manager.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhook.enabled }}
 {{- if (index .Values "cert-manager" "enable") }}
 ---
 apiVersion: cert-manager.io/v1
@@ -22,3 +23,4 @@ spec:
     name: {{ include "emqx-operator.fullname" . }}-selfsigned-issuer
   secretName: {{ index .Values "cert-manager" "secretName" | default (printf "%s-webhook-server-cert" (include "emqx-operator.fullname" .)) }}
 {{- end }}
+{{- end }}
diff --git a/deploy/charts/emqx-operator/templates/controller-manager-webhook-service.yaml b/deploy/charts/emqx-operator/templates/controller-manager-webhook-service.yaml
index fc478652..b82e46b5 100644
--- a/deploy/charts/emqx-operator/templates/controller-manager-webhook-service.yaml
+++ b/deploy/charts/emqx-operator/templates/controller-manager-webhook-service.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhook.enabled -}}
 ---
 apiVersion: v1
 kind: Service
@@ -11,3 +12,4 @@ spec:
   selector:
     control-plane: controller-manager
     {{- include "emqx-operator.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/deploy/charts/emqx-operator/templates/controller-manager.yaml b/deploy/charts/emqx-operator/templates/controller-manager.yaml
index 71dd6d77..e936140b 100644
--- a/deploy/charts/emqx-operator/templates/controller-manager.yaml
+++ b/deploy/charts/emqx-operator/templates/controller-manager.yaml
@@ -27,6 +27,9 @@ spec:
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
       {{- end }}
+      env:
+      - name: ENABLE_WEBHOOKS
+        value: {{ .Values.webhook.enabled | quote }}
       containers:
       - args:
         - --leader-elect
@@ -48,9 +51,11 @@ spec:
         - containerPort: 8080
           name: metrics
           protocol: TCP
+        {{- if .Values.webhook.enabled }}
         - containerPort: 9443
           name: webhook-server
           protocol: TCP
+        {{- end }}
         {{- if .Values.singleNamespace }}
         env:
         - name: WATCH_NAMESPACE
@@ -68,19 +73,23 @@ spec:
           {{- toYaml .Values.resources | nindent 12 }}
         securityContext:
           {{- toYaml .Values.containerSecurityContext | nindent 12 }}
+        {{- if .Values.webhook.enabled }}
         volumeMounts:
         - mountPath: /tmp/k8s-webhook-server/serving-certs
           name: cert
           readOnly: true
+        {{- end }}
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       serviceAccountName: {{ include "emqx-operator.serviceAccountName" . }}
       terminationGracePeriodSeconds: 10
+      {{- if .Values.webhook.enabled }}
       volumes:
       - name: cert
         secret:
           defaultMode: 420
           secretName: {{ index .Values "cert-manager" "secretName" | default (printf "%s-webhook-server-cert" (include "emqx-operator.fullname" .)) }}
+      {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
diff --git a/deploy/charts/emqx-operator/templates/webhook-mutating-configuration.yaml b/deploy/charts/emqx-operator/templates/webhook-mutating-configuration.yaml
index 5d3d8815..a4083c90 100644
--- a/deploy/charts/emqx-operator/templates/webhook-mutating-configuration.yaml
+++ b/deploy/charts/emqx-operator/templates/webhook-mutating-configuration.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhook.enabled }}
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
@@ -69,3 +70,4 @@ webhooks:
     resources:
     - emqxplugins
   sideEffects: None
+{{- end -}}
diff --git a/deploy/charts/emqx-operator/templates/webhook-validating-configuration.yaml b/deploy/charts/emqx-operator/templates/webhook-validating-configuration.yaml
index a3204a80..3323f720 100644
--- a/deploy/charts/emqx-operator/templates/webhook-validating-configuration.yaml
+++ b/deploy/charts/emqx-operator/templates/webhook-validating-configuration.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.webhook.enabled }}
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
@@ -90,3 +91,4 @@ webhooks:
     resources:
     - emqxplugins
   sideEffects: None
+{{- end -}}
diff --git a/deploy/charts/emqx-operator/values.yaml b/deploy/charts/emqx-operator/values.yaml
index ec0b3ccb..303ca497 100644
--- a/deploy/charts/emqx-operator/values.yaml
+++ b/deploy/charts/emqx-operator/values.yaml
@@ -27,6 +27,9 @@ imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 
+webhook:
+  enabled: true
+
 serviceAccount:
   # Specifies whether a service account should be created
   create: true