diff --git a/.github/workflows/warden-verify.yaml b/.github/workflows/warden-verify.yaml index d149367a..ea47280e 100644 --- a/.github/workflows/warden-verify.yaml +++ b/.github/workflows/warden-verify.yaml @@ -46,5 +46,18 @@ jobs: with: go-version: '1.21' cache: true + - name: setup pre-submit envs + if: github.event_name == 'pull_request' + run: | + echo "IMG_DIRECTORY=dev" >> $GITHUB_ENV + echo "IMG_VERSION=PR-${{ github.event.number }}" >> $GITHUB_ENV + - name: setup post-submit envs + if: github.event_name == 'push' + run: | + echo "IMG_DIRECTORY=prod" >> $GITHUB_ENV + echo "IMG_VERSION=${{github.sha}}" >> $GITHUB_ENV - name: run test run: make verify-on-cluster + - name: Show Warden Logs + if: failure() + run: kubectl logs -l app=warden -n kyma-system --prefix=true; \ No newline at end of file diff --git a/Makefile b/Makefile index 3c79aa18..801436fa 100644 --- a/Makefile +++ b/Makefile @@ -120,12 +120,15 @@ configure-git-origin: @git remote | grep '^origin$$' -q || \ git remote add origin https://github.com/kyma-project/warden - +# deprecated - no longer called on prow ? .PHONY: k3d-integration-test -k3d-integration-test: run-on-k3d verify-status run-integration-tests +k3d-integration-test: + @IMG_VERSION="main" IMG_DIRECTORY="prod" make replace-chart-images run-on-k3d verify-status run-integration-tests .PHONY: verify-on-cluster -verify-on-cluster: run-on-cluster verify-status run-integration-tests +verify-on-cluster: + @echo "this target requires IMG_VERSION and IMG_DIRECTORY envs" + @IMG_VERSION=${IMG_VERSION} IMG_DIRECTORY=${IMG_DIRECTORY} make replace-chart-images run-on-cluster verify-status run-integration-tests .PHONY: create-k3d create-k3d: ## Create k3d 
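Review bot: `IMG_DIRECTORY` and `IMG_VERSION` are written to `$GITHUB_ENV` only when the event is `pull_request` or `push`, so any other trigger (the `on:` block is outside this hunk) reaches `make verify-on-cluster` with both unset. The new `verify-on-cluster` recipe in the Makefile only echoes that the variables are required, and `replace-chart-images` would then write a reference like `europe-docker.pkg.dev/kyma-project//warden/operator:` into the chart. I would make the recipe fail fast by adding `@test -n "$(IMG_VERSION)" && test -n "$(IMG_DIRECTORY)" || { echo "IMG_VERSION and IMG_DIRECTORY must be set"; exit 1; }` as its first line.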
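Review bot: Both new recipes call bare `make` rather than `$(MAKE)`, so `make -n` and the jobserver do not treat the line as a recursive invocation. In `verify-on-cluster` the prefix `IMG_VERSION=${IMG_VERSION} IMG_DIRECTORY=${IMG_DIRECTORY}` is expanded by make and pasted unquoted into the shell line, so a value containing whitespace or shell metacharacters would be interpreted by the shell. Variables that come from the environment or the make command line should already reach the sub-make, so `@$(MAKE) replace-chart-images run-on-cluster verify-status run-integration-tests` looks sufficient. The comment `# deprecated - no longer called on prow ?` leaves open whether `k3d-integration-test` is still supported; it should either be resolved or name who should confirm it.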
@@ -145,6 +148,15 @@ run-on-cluster: configure-git-origin render-manifest verify-status: @./hack/verify_warden_status.sh +.PHONY: replace-chart-images +replace-chart-images: + yq -i ".global.operator.image = \"europe-docker.pkg.dev/kyma-project/${IMG_DIRECTORY}/warden/operator:${IMG_VERSION}\"" charts/warden/values.yaml + yq -i ".global.admission.image = \"europe-docker.pkg.dev/kyma-project/${IMG_DIRECTORY}/warden/admission:${IMG_VERSION}\"" charts/warden/values.yaml + @echo "==== Local Changes ====" + yq '.global.operator.image' charts/warden/values.yaml + yq '.global.admission.image' charts/warden/values.yaml + @echo "==== End of Local Changes ====" + ##@ Deployment ifndef ignore-not-found diff --git a/charts/warden/values.yaml b/charts/warden/values.yaml index b8e315e9..9ce058c8 100644 --- a/charts/warden/values.yaml +++ b/charts/warden/values.yaml @@ -1,26 +1,21 @@ # Default values for warden. # This is a YAML-formatted file. # Declare variables to be passed into your templates. - replicaCount: 1 - imagePullSecrets: [] nameOverride: "" fullnameOverride: "" - admission: enabled: false - operator: enabled: true - #Service configuration global: name: warden wardenPriorityClassName: warden-priority wardenPriorityClassValue: 2000000 operator: - image: europe-docker.pkg.dev/kyma-project/dev/warden/operator:PR-170 + image: 'europe-docker.pkg.dev/kyma-project/prod/warden/operator:main' resources: requests: cpu: 10m @@ -28,9 +23,8 @@ global: limits: cpu: 300m memory: 160Mi - admission: - image: europe-docker.pkg.dev/kyma-project/dev/warden/admission:PR-170 + image: 'europe-docker.pkg.dev/kyma-project/prod/warden/admission:main' resources: requests: cpu: 10m @@ -38,7 +32,6 @@ global: limits: cpu: 300m memory: 300Mi - config: dir: /workspace filename: config.yaml @@ -65,7 +58,6 @@ global: logging: format: json level: info - securityContext: runAsNonRoot: true runAsUser: 1000 
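Review bot: `replace-chart-images` pastes `${IMG_DIRECTORY}` and `${IMG_VERSION}` into the text of the yq expression, so a value containing a double quote or yq syntax changes the expression instead of the string being assigned. Reading them from the environment keeps them as data, assuming they are exported to the recipe: `yq -i '.global.operator.image = "europe-docker.pkg.dev/kyma-project/" + strenv(IMG_DIRECTORY) + "/warden/operator:" + strenv(IMG_VERSION)' charts/warden/values.yaml`, and the same for `.global.admission.image`. The target also rewrites the tracked `charts/warden/values.yaml` in place, which makes it easy to commit a CI-only image reference after a local run. A comment above the target such as `# CI only: edits charts/warden/values.yaml in place, do not commit the result` would help.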
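Review bot: The default operator image is now the mutable tag `prod/warden/operator:main`, and the admission image in the next hunk (`prod/warden/admission:main`) has the same form, so what a chart install pulls can change without any change to the chart. For a default value I would pin to a release tag or an `@sha256:<digest>` reference and let CI override it through `replace-chart-images`. The blank-line removals in this and the following values.yaml hunks look like the output of an in-place `yq -i` rewrite; that is inferred from the Makefile change, not stated in the hunk.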
@@ -73,8 +65,6 @@ global: drop: - ALL readOnlyRootFilesystem: true - - #TODO: group k8s related settings under kubernetes? serviceAccount: # Specifies whether a service account should be created @@ -84,30 +74,23 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "warden-controller-manager" - service: type: ClusterIP port: 8443 - resources: - limits: - cpu: 256m - memory: 128Mi - requests: - cpu: 20m - memory: 64Mi - + limits: + cpu: 256m + memory: 128Mi + requests: + cpu: 20m + memory: 64Mi autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 - nodeSelector: {} - tolerations: [] - affinity: {} - imageRenderer: {} diff --git a/tests/namespace_test.go b/tests/namespace_test.go index 11a71197..1fd24ffc 100644 --- a/tests/namespace_test.go +++ b/tests/namespace_test.go @@ -5,6 +5,9 @@ package tests import ( "context" "fmt" + "testing" + "time" + "github.com/kyma-project/warden/pkg" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" @@ -14,8 +17,6 @@ import ( "k8s.io/client-go/dynamic" ctrl "sigs.k8s.io/controller-runtime" ctrlclient "sigs.k8s.io/controller-runtime/pkg/client" - "testing" - "time" "warden.kyma-project.io/tests/helpers" ) @@ -38,7 +39,7 @@ func TestNamespaceWithLabel_AfterPodCreation(t *testing.T) { require.NoError(t, k8sClient.Create(ctx, untrustedPod)) //WHEN - ns = tc.Namespace().WithValidation(true).Build() + ns = tc.Namespace().WithName(ns.ObjectMeta.Name).WithValidation(true).Build() require.NoError(t, k8sClient.Update(ctx, ns)) //THEN
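Review bot: The `//WHEN` step in `TestNamespaceWithLabel_AfterPodCreation` rebuilds the namespace from the builder and passes that fresh object to `k8sClient.Update`, so it carries only what `Build()` sets plus the copied name. Fields the API server populated on the created object, such as `resourceVersion`, are presumably absent; the builder is outside this hunk, so this is an inference. If the intent is only to switch validation on, setting the label on the existing `ns` and updating that object would match the test's description more closely. Assuming `ns` is a `*corev1.Namespace`, `ns.ObjectMeta.Name` can be written `ns.Name`. The test function starts and ends outside the hunk.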