diff --git a/install/installer/leeway.Dockerfile b/install/installer/leeway.Dockerfile
index 42083f71bc17d0..979615ae0fadbb 100644
--- a/install/installer/leeway.Dockerfile
+++ b/install/installer/leeway.Dockerfile
@@ -3,6 +3,7 @@
 # See License-AGPL.txt in the project root for license information.
 
 FROM alpine:3.15
+COPY --from=alpine/helm:3.8.0 /usr/bin/helm /usr/bin/helm
 COPY install-installer--app/installer install-installer--app/provenance-bundle.jsonl /app/
 RUN apk add --no-cache curl yq  \
     && curl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" -o /usr/local/bin/kubectl \
diff --git a/install/kots/manifests/gitpod-installer-job.yaml b/install/kots/manifests/gitpod-installer-job.yaml
index 171caa880855ad..428c44fd2db68b 100644
--- a/install/kots/manifests/gitpod-installer-job.yaml
+++ b/install/kots/manifests/gitpod-installer-job.yaml
@@ -43,7 +43,7 @@ spec:
       containers:
         - name: installer
           # This will normally be the release tag - using this tag as need the license evaluator
-          image: 'eu.gcr.io/gitpod-core-dev/build/installer:sje-licensing.24'
+          image: 'eu.gcr.io/gitpod-core-dev/build/installer:sje-kots-helm.7'
           volumeMounts:
             - mountPath: /config-patch
               name: config-patch
@@ -182,16 +182,39 @@ spec:
               config=$(cat "${CONFIG_FILE}")
               echo "Gitpod: ${CONFIG_FILE}=${config}"
 
-              /app/installer render -c "${CONFIG_FILE}" --namespace {{repl Namespace }} > /tmp/gitpod.yaml
+              echo "Gitpod: Create a Helm template directory"
+              rm -Rf "${GITPOD_OBJECTS}"
+              mkdir -p "${GITPOD_OBJECTS}/templates"
+              cat <<EOF >> "${GITPOD_OBJECTS}/Chart.yaml"
+              apiVersion: v2
+              name: gitpod-kots
+              description: Always ready-to-code
+              Version: "1.0.0"
+              appVersion: "$(/app/installer version | yq e '.version' -)"
+              EOF
+
+              /app/installer render -c "${CONFIG_FILE}" --namespace {{repl Namespace }} > "${GITPOD_OBJECTS}/templates/gitpod.yaml"
 
               # Workaround for #8532 and #8529
               echo "Gitpod: Remove the StatefulSet status object for OpenVSX Proxy"
               yq eval-all --inplace \
                 'del(select(.kind == "StatefulSet" and .metadata.name == "openvsx-proxy").status)' \
-                /tmp/gitpod.yaml
+                "${GITPOD_OBJECTS}/templates/gitpod.yaml"
 
+              # The long timeout is to ensure the TLS cert is created (if required)
               echo "Gitpod: Apply the Kubernetes objects"
-              kubectl apply -f /tmp/gitpod.yaml
+              helm upgrade \
+                --atomic \
+                --cleanup-on-fail \
+                --create-namespace \
+                --install \
+                --namespace="{{repl Namespace }}" \
+                --reset-values \
+                --timeout 1h \
+                --wait \
+                --wait-for-jobs \
+                gitpod \
+                "${GITPOD_OBJECTS}"
 
               echo "Gitpod: Installer job finished - goodbye"
       volumes: