diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3920aee114959f69242b80abff6d5c66b9f6acca..7ac9cff5e89af2bae881d0d41bc79b9033b704cd 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -35,10 +35,16 @@ bootstrap:
   script:
     - echo "hostname $HOSTNAME, subdomain $SUBDOMAIN, domain $DOMAIN, address $ADDRESS"
     - python3 -m openappstack $HOSTNAME create --create-droplet $DOMAIN --hostname $HOSTNAME --ssh-key-id $SSH_KEY_ID --create-domain-records --subdomain $SUBDOMAIN
+    # Allows ansible debugging early in the beginning
+    - chmod 700 ansible
+    - cp clusters/ci-${CI_PIPELINE_ID}/inventory.yml ansible/
+    - cp clusters/ci-${CI_PIPELINE_ID}/settings.yml ansible/group_vars/all/
     - python3 -m openappstack $HOSTNAME install --ansible-param='--skip-tags=helmfile'
   artifacts:
     paths:
     - ./clusters
+    - ansible/inventory.yml
+    - ansible/group_vars/all/settings.yml
     expire_in: 1 month
     when: always
   only:
@@ -55,10 +61,14 @@ install:
   script:
     - python3 -m openappstack $HOSTNAME install --ansible-param='--tags=helmfile'
     # Show versions of installed apps/binaries
+    - chmod 700 ansible
+    - cd ansible
     - ansible master -m shell -a 'oas-version-info.sh 2>&1'
   artifacts:
     paths:
     - ./clusters
+    - ansible/inventory.yml
+    - ansible/group_vars/all/settings.yml
     expire_in: 1 month
     when: always
   only:
diff --git a/.gitlab/ci_templates/kaniko.yml b/.gitlab/ci_templates/kaniko.yml
index 9ea7d296769c52ac8180609ba92d28ac8b081d8b..c1cea5b7a488b32ac97fe1fc4b0c6d4b4d8586e6 100644
--- a/.gitlab/ci_templates/kaniko.yml
+++ b/.gitlab/ci_templates/kaniko.yml
@@ -8,6 +8,10 @@
 #
 # - KANIKO_CONTEXT: The subdir which holds the Dockerfile, leave unset if
 #                   the Dockerfile is located at root level of the project.
+#
+# - KANIKO_ADDITIONAL_ARGS: This variable allows you to pass in ARG values that
+#   are used at build time. Similarly to Docker you can specify multiple arguments
+#   using the format `--build-arg NAME=VALUE` as many times as you need.
 .kaniko_build:
   stage: build
   image:
@@ -18,4 +22,4 @@
   script:
     - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
     - if [ -n "${KANIKO_BUILD_IMAGENAME}" ]; then  export IMAGENAME="/${KANIKO_BUILD_IMAGENAME}"; fi
-    - /kaniko/executor --context ${CI_PROJECT_DIR}/${KANIKO_CONTEXT:-.} --dockerfile ${CI_PROJECT_DIR}/${KANIKO_CONTEXT:-.}/Dockerfile --destination ${CI_REGISTRY_IMAGE}${IMAGENAME}:${CI_COMMIT_REF_NAME}
+    - /kaniko/executor --context ${CI_PROJECT_DIR}/${KANIKO_CONTEXT:-.} --dockerfile ${CI_PROJECT_DIR}/${KANIKO_CONTEXT:-.}/Dockerfile --destination ${CI_REGISTRY_IMAGE}${IMAGENAME}:${CI_COMMIT_REF_NAME} ${KANIKO_ADDITIONAL_ARGS}
diff --git a/ansible/group_vars/all/oas.yml b/ansible/group_vars/all/oas.yml
index e138b95352463d27af27e9c040186159ae91ed79..b68260c44d105909cf3bbc3b37e8e107e74fafc0 100644
--- a/ansible/group_vars/all/oas.yml
+++ b/ansible/group_vars/all/oas.yml
@@ -60,3 +60,6 @@ cert_manager:
   # the helm chart. See https://hub.helm.sh/charts/jetstack/cert-manager for
   # details
   crd_version: '0.9'
+
+prometheus:
+  crd_version: 'v0.34.0'
diff --git a/ansible/roles/apps/tasks/prometheus.yml b/ansible/roles/apps/tasks/prometheus.yml
index db9e49a8dd6611404832ac3de12819a4e9ff2414..9d4f800114c62132a6820dec7b2a18a486a36ed5 100644
--- a/ansible/roles/apps/tasks/prometheus.yml
+++ b/ansible/roles/apps/tasks/prometheus.yml
@@ -4,8 +4,7 @@
   tags:
     - helmfile
     - prometheus
-  # NOTE: Change the commit hash in the URL when upgrading Prometheus
-  command: '/snap/bin/kubectl apply -f https://raw.githubusercontent.com/coreos/prometheus-operator/v0.31.1/example/prometheus-operator-crd/{{ item }}'
+  command: '/snap/bin/kubectl apply -f https://raw.githubusercontent.com/coreos/prometheus-operator/{{ prometheus.crd_version }}/example/prometheus-operator-crd/{{ item }}'
   loop:
     - alertmanager.crd.yaml
     - prometheus.crd.yaml
@@ -32,7 +31,7 @@
     recurse: true
   when: prometheus_pv_name.stdout
 
-- name: Install prometheus and graphana
+- name: Install prometheus and grafana
   include_role:
     name: "helmfile"
     tasks_from: "apply"
@@ -43,7 +42,7 @@
       environment:
         - GRAFANA_ADMIN_PASSWORD: "{{ grafana_admin_password }}"
   tags:
-    - monitoring
+    - helmfile
     - prometheus
   vars:
       helmfile: '15-monitoring'
diff --git a/helmfiles/helmfile.d/15-monitoring.yaml b/helmfiles/helmfile.d/15-monitoring.yaml
index 1db3eaa6a9f47f555a4c537d26af5ce881654d25..a73e191cac33f9ff881cebb349ceae1bcbebe5c7 100644
--- a/helmfiles/helmfile.d/15-monitoring.yaml
+++ b/helmfiles/helmfile.d/15-monitoring.yaml
@@ -7,9 +7,9 @@ releases:
   - name: "oas-{{ .Environment.Values.releaseName }}-prometheus"
     namespace: "oas"
     chart: "stable/prometheus-operator"
-    # NOTE: If you change this version, also change the commit hash in
-    # ansible/roles/apps/tasks/helmfiles.yml:34
-    version: 5.15.0
+    # NOTE: If you change this version, also update the crd_version number in
+    # ansible/group_vars/all/oas.yml
+    version: "7.4.0"
     values:
     - "../values/prometheus.yaml.gotmpl"
     - "/etc/OpenAppStack/values/apps/prometheus.yaml.gotmpl"
diff --git a/helmfiles/values/nextcloud.yaml.gotmpl b/helmfiles/values/nextcloud.yaml.gotmpl
index 1445ed7d8a29cda5e2c078320bc48276749af706..e0a84e681f3d24f78286b82336749a8bccd96ca0 100644
--- a/helmfiles/values/nextcloud.yaml.gotmpl
+++ b/helmfiles/values/nextcloud.yaml.gotmpl
@@ -1,4 +1,7 @@
 nextcloud:
+  # Set this to true to debug your nextcloud
+  debug: false
+
   nextcloud:
     host: "files.{{ .Environment.Values.domain }}"
     password: "{{ requiredEnv "NEXTCLOUD_PASSWORD" }}"
diff --git a/helmfiles/values/prometheus.yaml.gotmpl b/helmfiles/values/prometheus.yaml.gotmpl
index 4f05cd179e3fe0e6f1aa1c0456686109f7fa854b..1f6b5571b3c3b9c08ff20ff78d84ea9e87986cb6 100644
--- a/helmfiles/values/prometheus.yaml.gotmpl
+++ b/helmfiles/values/prometheus.yaml.gotmpl
@@ -5,6 +5,20 @@ coreDns:
 kubeDns:
   enabled: false
 
+kubeControllerManager:
+  enabled: false
+  # If you enable this, you need the following selector:
+  service:
+    selector:
+      k8s-app: kube-controller-manager
+
+kubeScheduler:
+  enabled: false
+  # If you enable this, you need the following selector:
+  service:
+    selector:
+      k8s-app: kube-scheduler
+
 alertmanager:
   alertmanagerSpec:
     logFormat: logfmt
diff --git a/test/behave/features/grafana.feature b/test/behave/features/grafana.feature
index adc2282d1607d490e62d10122cbac98ea727f88c..e37fdfecc4c94f3d8ff01409f635747e955dfaa9 100644
--- a/test/behave/features/grafana.feature
+++ b/test/behave/features/grafana.feature
@@ -5,12 +5,12 @@ Feature: Test grafana admin login
 
 Scenario: Open grafana
   When I open the grafana URL
-  Then I wait on element "//input[@name='username']" for 25000ms to be visible
+  Then I wait on element "//input[@name='user']" for 25000ms to be visible
   And I expect that element "#inputPassword" is visible
 
 Scenario: Login to grafana
-  Given the element "//input[@name='username']" is visible
-  When I enter the "grafana" "username" in the inputfield "//input[@name='username']"
+  Given the element "//input[@name='user']" is visible
+  When I enter the "grafana" "username" in the inputfield "//input[@name='user']"
   And I enter the "grafana" "password" in the inputfield "#inputPassword"
   And I click on the button "//div[@id='login-view']//button[@type='submit']"
   Then I wait on element "/html/body/grafana-app/sidemenu/a" for 25000ms to be visible