diff --git a/hack/helm-reference-gen/fixtures/full-values.golden b/hack/helm-reference-gen/fixtures/full-values.golden
deleted file mode 100644
index 703d8fc..0000000
--- a/hack/helm-reference-gen/fixtures/full-values.golden
+++ /dev/null
@@ -1,178 +0,0 @@
-## Top-Level Stanzas
-
-Use these links to navigate to a particular top-level stanza.
-
-- [`controller`](#h-controller)
-- [`metricsService`](#h-metricsservice)
-- [`defaultVaultConnection`](#h-defaultvaultconnection)
-- [`defaultAuthMethod`](#h-defaultauthmethod)
-- [`tests`](#h-tests)
-
-## All Values
-
-### controller ((#h-controller))
-
-- `controller` ((#v-controller)) - Top level configuration for the vault secrets operator deployment.
-  This is comprised of a controller and a kube rbac proxy container.
-
-  - `replicas` ((#v-controller-replicas)) (`integer: 1`) - Set the number of replicas for the operator.
-
-  - `kubeRbacProxy` ((#v-controller-kuberbacproxy)) - Settings related to the kubeRbacProxy container. This container is an HTTP proxy for the
-    controller manager which performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
-
-    - `image` ((#v-controller-kuberbacproxy-image)) - Image sets the repo and tag of the kube-rbac-proxy image to use for the controller.
-
-      - `repository` ((#v-controller-kuberbacproxy-image-repository)) (`string: gcr.io/kubebuilder/kube-rbac-proxy`)
-
-      - `tag` ((#v-controller-kuberbacproxy-image-tag)) (`string: v0.11.0`)
-
-    - `resources` ((#v-controller-kuberbacproxy-resources)) (`map`) - Configures the default resources for the kube rbac proxy container.
-      For more information on configuring resources, see the K8s documentation:
-      https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-      - `limits` ((#v-controller-kuberbacproxy-resources-limits))
-
-        - `cpu` ((#v-controller-kuberbacproxy-resources-limits-cpu)) (`string: 500m`)
-
-        - `memory` ((#v-controller-kuberbacproxy-resources-limits-memory)) (`string: 128Mi`)
-
-      - `requests` ((#v-controller-kuberbacproxy-resources-requests))
-
-        - `cpu` ((#v-controller-kuberbacproxy-resources-requests-cpu)) (`string: 5m`)
-
-        - `memory` ((#v-controller-kuberbacproxy-resources-requests-memory)) (`string: 64Mi`)
-
-  - `manager` ((#v-controller-manager)) - Settings related to the vault-secrets-operator container.
-
-    - `image` ((#v-controller-manager-image)) - Image sets the repo and tag of the vault-secrets-operator image to use for the controller.
-
-      - `repository` ((#v-controller-manager-image-repository)) (`string: hashicorp/vault-secrets-operator`)
-
-      - `tag` ((#v-controller-manager-image-tag)) (`string: 0.0.0-dev`)
-
-    - `resources` ((#v-controller-manager-resources)) (`map`) - Configures the default resources for the vault-secrets-operator container.
-      For more information on configuring resources, see the K8s documentation:
-      https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-      - `limits` ((#v-controller-manager-resources-limits))
-
-        - `cpu` ((#v-controller-manager-resources-limits-cpu)) (`string: 500m`)
-
-        - `memory` ((#v-controller-manager-resources-limits-memory)) (`string: 128Mi`)
-
-      - `requests` ((#v-controller-manager-resources-requests))
-
-        - `cpu` ((#v-controller-manager-resources-requests-cpu)) (`string: 10m`)
-
-        - `memory` ((#v-controller-manager-resources-requests-memory)) (`string: 64Mi`)
-
-  - `controllerConfigMapYaml` ((#v-controller-controllerconfigmapyaml)) (`map`) - Sets the configuration settings used by the controller. Any custom changes will be reflected in the
-    data field of the configmap.
-    For more information on configuring resources, see the K8s documentation:
-    https://kubernetes.io/docs/concepts/configuration/configmap/
-
-    - `health` ((#v-controller-controllerconfigmapyaml-health))
-
-      - `healthProbeBindAddress` ((#v-controller-controllerconfigmapyaml-health-healthprobebindaddress)) (`string: :8081`)
-
-    - `leaderElection` ((#v-controller-controllerconfigmapyaml-leaderelection))
-
-      - `leaderElect` ((#v-controller-controllerconfigmapyaml-leaderelection-leaderelect)) (`boolean: true`)
-
-      - `resourceName` ((#v-controller-controllerconfigmapyaml-leaderelection-resourcename)) (`string: b0d477c0.hashicorp.com`)
-
-    - `metrics` ((#v-controller-controllerconfigmapyaml-metrics))
-
-      - `bindAddress` ((#v-controller-controllerconfigmapyaml-metrics-bindaddress)) (`string: 127.0.0.1:8080`)
-
-    - `webhook` ((#v-controller-controllerconfigmapyaml-webhook))
-
-      - `port` ((#v-controller-controllerconfigmapyaml-webhook-port)) (`integer: 9443`)
-
-  - `kubernetesClusterDomain` ((#v-controller-kubernetesclusterdomain)) (`string: cluster.local`) - Configures the environment variable KUBERNETES_CLUSTER_DOMAIN used by KubeDNS.
-
-### metricsService ((#h-metricsservice))
-
-- `metricsService` ((#v-metricsservice)) (`map`) - Configure the metrics service ports used by the metrics service.
-  Set the configuration fo the metricsService port.
-
-  - `ports` ((#v-metricsservice-ports)) (`map`) - Set the port settings for the metrics service.
-    For more information on configuring resources, see the K8s documentation:
-    https://kubernetes.io/docs/concepts/services-networking/service/
-
-  - `name` ((#v-metricsservice-ports-name)) (`string: https`)
-
-  - `port` ((#v-metricsservice-ports-port)) (`integer: 8443`)
-
-  - `protocol` ((#v-metricsservice-ports-protocol)) (`string: TCP`)
-
-  - `targetPort` ((#v-metricsservice-ports-targetport)) (`string: https`)
-
-  - `type` ((#v-metricsservice-type)) (`string: ClusterIP`)
-
-### defaultVaultConnection ((#h-defaultvaultconnection))
-
-- `defaultVaultConnection` ((#v-defaultvaultconnection)) - Configures the default VaultConnection CR which will be used by resources
-  if they do not specify a VaultConnection reference. The name is 'default' and will
-  always be installed in the same namespace as the operator.
-
-  - `enabled` ((#v-defaultvaultconnection-enabled)) (`boolean: false`) - toggles the deployment of the VaultAuthMethod CR
-
-  - `address` ((#v-defaultvaultconnection-address)) (`string: http://vault.default.svc.cluster.local:8200`) - Address of the Vault Server
-
-  - `caCertSecret` ((#v-defaultvaultconnection-cacertsecret)) (`string: ""`) - CACertSecret containing the trusted PEM encoded CA certificate chain.
-    Note: This secret must exist prior to deploying the CR.
-
-  - `tlsServerName` ((#v-defaultvaultconnection-tlsservername)) (`string: ""`) - TLSServerName to use as the SNI host for TLS connections.
-
-  - `skipTLSVerify` ((#v-defaultvaultconnection-skiptlsverify)) (`boolean: false`) - SkipTLSVerify for TLS connections.
-
-  - `headers` ((#v-defaultvaultconnection-headers)) (`string: ""`) - Headers to be included in all Vault requests.
-    headers: |
-      "vault-something1": "foo"
-      "vault-something2": "bar"
-      "vault-something3": "baz"
-
-### defaultAuthMethod ((#h-defaultauthmethod))
-
-- `defaultAuthMethod` ((#v-defaultauthmethod)) - Configures and deploys the default VaultAuthMethod CR which will be used by resources
-  if they do not specify a VaultAuthMethod reference. The name is 'default' and will
-  always be installed in the same namespace as the operator.
-
-  - `enabled` ((#v-defaultauthmethod-enabled)) (`boolean: false`) - toggles the deployment of the VaultAuthMethod CR
-
-  - `namespace` ((#v-defaultauthmethod-namespace)) (`string: default`) - Vault namespace for the VaultAuthMethod CR
-
-  - `method` ((#v-defaultauthmethod-method)) (`string: kubernetes`) - Vault Auth method to be used with the VaultAuthMethod CR
-
-  - `mount` ((#v-defaultauthmethod-mount)) (`string: kubernetes`) - Mount path for the Vault Auth Method.
-
-  - `kubernetes` ((#v-defaultauthmethod-kubernetes)) - Vault Kubernetes auth method specific configuration
-
-    - `role` ((#v-defaultauthmethod-kubernetes-role)) (`string: demo`) - Vault Auth Role to use
-      This is a required field and must be setup in Vault prior to deploying the helm chart
-      if `defaultAuthMethod.enabled=true`
-      TODO: mark required in the charts.
-
-    - `serviceAccount` ((#v-defaultauthmethod-kubernetes-serviceaccount)) (`string: default`) - Kubernetes ServiceAccount associated with the default Vault Auth Role
-
-    - `tokenAudiences` ((#v-defaultauthmethod-kubernetes-tokenaudiences)) (`array<string>: []`) - Token Audience is required and should match whatever the audience
-      of the vault kubernetes auth role has set.
-
-  - `params` ((#v-defaultauthmethod-params)) (`string: ""`) - Params to use when authenticating to Vault
-    params: |
-      "vault-something1": "foo"
-      "vault-something2": "bar"
-      "vault-something3": "baz"
-
-  - `headers` ((#v-defaultauthmethod-headers)) (`string: ""`) - Headers to be included in all Vault requests.
-    headers: |
-      "vault-something1": "foo"
-      "vault-something2": "bar"
-      "vault-something3": "baz"
-
-### tests ((#h-tests))
-
-- `tests` ((#v-tests)) - # Used by unit tests, and will not be rendered except when using `helm template`, this can be safely ignored.
-
-  - `enabled` ((#v-tests-enabled)) (`boolean: true`)
diff --git a/hack/helm-reference-gen/fixtures/full-values.yaml b/hack/helm-reference-gen/fixtures/full-values.yaml
deleted file mode 100644
index 564f291..0000000
--- a/hack/helm-reference-gen/fixtures/full-values.yaml
+++ /dev/null
@@ -1,183 +0,0 @@
-# Copyright (c) HashiCorp, Inc.
-# SPDX-License-Identifier: MPL-2.0
-
-# Top level configuration for the vault secrets operator deployment.
-# This is comprised of a controller and a kube rbac proxy container.
-controller:
-
-  # Set the number of replicas for the operator.
-  # @type: integer
-  replicas: 1
-
-  # Settings related to the kubeRbacProxy container. This container is an HTTP proxy for the
-  # controller manager which performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
-  kubeRbacProxy:
-    # Image sets the repo and tag of the kube-rbac-proxy image to use for the controller.
-    image:
-      repository: gcr.io/kubebuilder/kube-rbac-proxy
-      tag: v0.11.0
-
-    # Configures the default resources for the kube rbac proxy container.
-    # For more information on configuring resources, see the K8s documentation:
-    # https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-    # @recurse: true
-    # @type: map
-    resources:
-      limits:
-        cpu: 500m
-        memory: 128Mi
-      requests:
-        cpu: 5m
-        memory: 64Mi
-
-  # Settings related to the vault-secrets-operator container.
-  manager:
-    # Image sets the repo and tag of the vault-secrets-operator image to use for the controller.
-    image:
-      repository: hashicorp/vault-secrets-operator
-      tag: 0.0.0-dev
-
-    # Configures the default resources for the vault-secrets-operator container.
-    # For more information on configuring resources, see the K8s documentation:
-    # https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-    # @recurse: true
-    # @type: map
-    resources:
-      limits:
-        cpu: 500m
-        memory: 128Mi
-      requests:
-        cpu: 10m
-        memory: 64Mi
-
-  # Sets the configuration settings used by the controller. Any custom changes will be reflected in the
-  # data field of the configmap.
-  # For more information on configuring resources, see the K8s documentation:
-  # https://kubernetes.io/docs/concepts/configuration/configmap/ 
-  # @recurse: true
-  # @type: map
-  controllerConfigMapYaml:
-    health:
-      healthProbeBindAddress: :8081
-    leaderElection:
-      leaderElect: true
-      resourceName: b0d477c0.hashicorp.com
-    metrics:
-      bindAddress: 127.0.0.1:8080
-    webhook:
-      port: 9443
-
-  # Configures the environment variable KUBERNETES_CLUSTER_DOMAIN used by KubeDNS.
-  # @type: string
-  kubernetesClusterDomain: cluster.local
-
-
-# Configure the metrics service ports used by the metrics service.
-# Set the configuration fo the metricsService port.
-# @recurse: true
-# @type: map
-metricsService:
-  # Set the port settings for the metrics service.
-  # For more information on configuring resources, see the K8s documentation:
-  # https://kubernetes.io/docs/concepts/services-networking/service/ 
-  # @type: map
-  ports:
-  - name: https
-    port: 8443
-    protocol: TCP
-    targetPort: https
-  type: ClusterIP
-
-# Configures the default VaultConnection CR which will be used by resources
-# if they do not specify a VaultConnection reference. The name is 'default' and will
-# always be installed in the same namespace as the operator.
-defaultVaultConnection:
-  # toggles the deployment of the VaultAuthMethod CR
-  # @type: boolean
-  enabled: false
-
-  # Address of the Vault Server
-  # @type: string
-  address: http://vault.default.svc.cluster.local:8200
-
-  # CACertSecret containing the trusted PEM encoded CA certificate chain.
-  # Note: This secret must exist prior to deploying the CR.
-  # @type: string
-  caCertSecret: ""
-
-  # TLSServerName to use as the SNI host for TLS connections.
-  # @type: string
-  tlsServerName: ""
-
-  # SkipTLSVerify for TLS connections.
-  # @type: boolean
-  skipTLSVerify: false
-
-  # Headers to be included in all Vault requests.
-  # @type: string, eg:
-  # headers: |
-  #   "vault-something1": "foo"
-  #   "vault-something2": "bar"
-  #   "vault-something3": "baz"
-  # @type: string
-  headers: ""
-
-
-# Configures and deploys the default VaultAuthMethod CR which will be used by resources
-# if they do not specify a VaultAuthMethod reference. The name is 'default' and will
-# always be installed in the same namespace as the operator.
-defaultAuthMethod:
-  # toggles the deployment of the VaultAuthMethod CR
-  # @type: boolean
-  enabled: false
-
-  # Vault namespace for the VaultAuthMethod CR
-  # @type: string
-  namespace: default
-
-  # Vault Auth method to be used with the VaultAuthMethod CR
-  # @type: string
-  method: kubernetes
-
-  # Mount path for the Vault Auth Method.
-  # @type: string
-  mount: kubernetes
-
-  # Vault Kubernetes auth method specific configuration
-  kubernetes:
-    # Vault Auth Role to use
-    # This is a required field and must be setup in Vault prior to deploying the helm chart
-    # if `defaultAuthMethod.enabled=true`
-    # TODO: mark required in the charts.
-    # @type: string
-    role: demo
-
-    # Kubernetes ServiceAccount associated with the default Vault Auth Role
-    # @type: string
-    serviceAccount: default
-
-    # Token Audience is required and should match whatever the audience
-    # of the vault kubernetes auth role has set.
-    # @type: array<string>
-    tokenAudiences: []
-
-  # Params to use when authenticating to Vault
-  # params: |
-  #   "vault-something1": "foo"
-  #   "vault-something2": "bar"
-  #   "vault-something3": "baz"
-  # @type: string
-  params: ""
-
-  # Headers to be included in all Vault requests.
-  # headers: |
-  #   "vault-something1": "foo"
-  #   "vault-something2": "bar"
-  #   "vault-something3": "baz"
-  # @type: string
-  headers: ""
-
-## Used by unit tests, and will not be rendered except when using `helm template`, this can be safely ignored. 
-tests:
-  # @type: boolean
-  enabled: true