diff --git a/charts/lightdash/Chart.yaml b/charts/lightdash/Chart.yaml
index 3e7d392..55d51b6 100644
--- a/charts/lightdash/Chart.yaml
+++ b/charts/lightdash/Chart.yaml
@@ -6,7 +6,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.5.5
+version: 1.5.6
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/charts/lightdash/README.md b/charts/lightdash/README.md
index f7c83ff..686f657 100644
--- a/charts/lightdash/README.md
+++ b/charts/lightdash/README.md
@@ -140,4 +140,4 @@ If you don't want helm to manage this, you may wish to separately create a secre
 | tolerations | list | `[]` |  |
 
 ----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.7.0](https://github.com/norwoodj/helm-docs/releases/v1.7.0)
+Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
diff --git a/charts/lightdash/templates/_helpers.tpl b/charts/lightdash/templates/_helpers.tpl
index 8b77ce4..358d436 100644
--- a/charts/lightdash/templates/_helpers.tpl
+++ b/charts/lightdash/templates/_helpers.tpl
@@ -157,3 +157,28 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
 {{- define "lightdash.headlessBrowser.port" -}}
     {{- printf ((index .Values "browserless-chrome").service.port | toString) -}}
 {{- end -}}
+
+
+{{/* 
+Generate checksum using both standard and encrypted secret file types
+Usage: {{ include "checksums.secrets" . }}
+*/}}
+{{- define "checksums.secrets" -}}
+{{- $files := list -}}
+{{- $path := $.Template.BasePath -}}
+
+{{/* Add standard secrets */}}
+{{- $files = append $files (print $path "/secrets.yaml") -}}
+
+{{/* Add encrypted secret files if they exist */}}
+{{- $encryptedFiles := concat (.Files.Glob "*secrets.yaml.encrypted") (.Files.Glob "*secrets.enc.yaml") -}}
+{{- if $encryptedFiles -}}
+    {{- range $encryptedFiles -}}
+        {{- $files = append $files . -}}
+    {{- end -}}
+{{- end -}}
+
+{{/* Generate combined checksum from secret file(s) */}}
+{{- range $files }}
+{{- include . $ | sha256sum -}}
+{{- end -}}
diff --git a/charts/lightdash/templates/backendDeployment.yaml b/charts/lightdash/templates/backendDeployment.yaml
index d94a91e..1d79ca1 100644
--- a/charts/lightdash/templates/backendDeployment.yaml
+++ b/charts/lightdash/templates/backendDeployment.yaml
@@ -20,7 +20,7 @@ spec:
           {{- toYaml . | nindent 8 }}
         {{- end }}
         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-        checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
+        checksum/secrets: {{ include "checksums.secrets" . }}
       labels:
         {{- include "lightdash.selectorLabels" . | nindent 8 }}
         app.kubernetes.io/component: backend
diff --git a/charts/lightdash/templates/workerDeployment.yaml b/charts/lightdash/templates/workerDeployment.yaml
index 5e696d5..aedd4c1 100644
--- a/charts/lightdash/templates/workerDeployment.yaml
+++ b/charts/lightdash/templates/workerDeployment.yaml
@@ -19,7 +19,7 @@ spec:
           {{- toYaml . | nindent 8 }}
         {{- end }}
         checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-        checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
+        checksum/secrets: {{ include "checksums.secrets" . }}
       labels:
         {{- include "lightdash.selectorLabels" . | nindent 8 }}
         app.kubernetes.io/component: worker