diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index eb3d47bb204..ce559dd0da1 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,4 +1,4 @@
-# Copyright 2022-2024 the Kubeapps contributors.
+# Copyright 2022-2025 the Kubeapps contributors.
 # SPDX-License-Identifier: Apache-2.0
 
 ---
@@ -16,8 +16,6 @@ jobs:
   analyze:
     name: Analyze
     runs-on: ubuntu-latest
-    # Known issue for go 1.18 support in codeql-go
-    # ref https://bytemeta.vip/repo/github/codeql-action/issues/1059?page=2
     continue-on-error: true
     permissions:
       actions: read
@@ -28,8 +26,6 @@ jobs:
       fail-fast: false
       matrix:
         language: ["go", "javascript"]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 
     steps:
       - name: Checkout repository
@@ -43,7 +39,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,7 +51,7 @@ jobs:
 
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
diff --git a/.github/workflows/kubeapps-custom-commit.yaml b/.github/workflows/kubeapps-custom-commit.yaml
deleted file mode 100644
index a4c84d84efc..00000000000
--- a/.github/workflows/kubeapps-custom-commit.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-# Copyright 2025 the Kubeapps contributors.
-# SPDX-License-Identifier: Apache-2.0
-
----
-name: Build Custom Commit
-
-on:
-  workflow_dispatch:
-    inputs:
-      git_ref:
-        description: 'Git commit SHA, branch, or tag to build'
-        required: true
-        type: string
-      run_gke_tests:
-        description: 'Run GKE tests (requires cloud setup)'
-        required: false
-        type: boolean
-        default: false
-      run_linters:
-        description: 'Run linters'
-        required: false
-        type: boolean
-        default: false
-      trigger_release:
-        description: 'Trigger release process'
-        required: false
-        type: boolean
-        default: false
-
-jobs:
-  checkout_and_build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository at specified commit
-        uses: actions/checkout@v4
-        with:
-          ref: ${{ inputs.git_ref }}
-          fetch-depth: 0
-
-      - name: Verify checkout
-        run: |
-          echo "Checked out commit: $(git rev-parse HEAD)"
-          echo "Short SHA: $(git rev-parse --short HEAD)"
-          echo "Branch/Tag: $(git describe --all --exact-match 2>/dev/null || echo 'detached HEAD')"
-          git log -1 --oneline
-
-  CI:
-    needs: checkout_and_build
-    uses: ./.github/workflows/kubeapps-general.yaml
-    with:
-      run_linters: ${{ inputs.run_linters }}
-      trigger_release: ${{ inputs.trigger_release }}
-    secrets: inherit
diff --git a/.github/workflows/kubeapps-general.yaml b/.github/workflows/kubeapps-general.yaml
index f5d779b26c5..40fd7daf24a 100644
--- a/.github/workflows/kubeapps-general.yaml
+++ b/.github/workflows/kubeapps-general.yaml
@@ -43,7 +43,7 @@ env:
   # DEBUG_MODE allows to activate some SSH debugging steps, and modify the verbosity level of some scripts (eg. e2e-tests.sh)
   DEBUG_MODE: "false"
   DOCKER_REGISTRY_VERSION: "3.0.0"
-  FLUX_VERSION: "v2.7.3"
+  FLUX_VERSION: "v2.2.3"
   GITHUB_VERSION: "2.83.1"
   GOLANG_VERSION: "1.25.4"
   GOLANGCI_LINT_VERSION: "2.6.2"
diff --git a/chart/kubeapps/CHANGELOG.md b/chart/kubeapps/CHANGELOG.md
index 178084671a2..4771c0f63d1 100644
--- a/chart/kubeapps/CHANGELOG.md
+++ b/chart/kubeapps/CHANGELOG.md
@@ -12,7 +12,6 @@
 * [bitnami/*] Upgrade Helm stable version to v4.0.0
 * [bitnami/*] Upgrade Chartmuseum to 3.10.4
 * [bitnami/*] Upgrade kind to v0.30.0 with kubectl 1.33.4 => kubernetes version 1.33.4
-* [bitnami/*] Upgrade flux to v2.7.3
 * [bitnami/*] Upgrade golangci-lint to v2.6.2
 * [bitnami/build] Upgrade docker registry version to 3.0.0
 * [bitnami/build] Remove support for integration test on GKE
@@ -22,6 +21,8 @@
 * [bitnami/pinniped] Upgrade rust to 1.91.1
 * [bitnami/operator] Upgrade OLM to v0.38.0
 
+**Info**: An upgrade to Flux v2.7 was tried but reverted. The effort is small but there are a few code changes which couldn't be done automatically. Contribution welcomed.
+
 ## 17.1.1 (2024-12-24)
 
 * [bitnami/kubeapps] Release 17.1.1 ([#31153](https://github.com/bitnami/charts/pull/31153))
diff --git a/script/e2e-test.sh b/script/e2e-test.sh
index e22b9d74ec5..62dfd2bfb4c 100755
--- a/script/e2e-test.sh
+++ b/script/e2e-test.sh
@@ -30,7 +30,7 @@ TEST_TIMEOUT_MINUTES=${TEST_TIMEOUT_MINUTES:-"4"}
 DEX_IP=${DEX_IP:-"172.18.0.2"}
 ADDITIONAL_CLUSTER_IP=${ADDITIONAL_CLUSTER_IP:-"172.18.0.3"}
 CHARTMUSEUM_VERSION=${CHARTMUSEUM_VERSION:-"3.10.4"}
-FLUX_VERSION=${FLUX_VERSION:-"v2.7.3"}
+FLUX_VERSION=${FLUX_VERSION:-"v2.2.3"}
 
 # IMG_PREFIX default previously pointed to Docker Hub:
 # IMG_PREFIX=${IMG_PREFIX:-"kubeapps/"}
@@ -70,7 +70,7 @@ fi
 . "${ROOT_DIR}/script/lib/libutil.sh"
 
 # Get the load balancer IP
-LOAD_BALANCER_IP=$(kubectl -n nginx-ingress get service nginx-ingress-ingress-nginx-controller -o jsonpath="{.status.loadBalancer.ingress[].ip}")
+LOAD_BALANCER_IP=$DEX_IP
 
 # Functions for local Docker registry mgmt
 . "${ROOT_DIR}/script/local-docker-registry.sh"
@@ -252,6 +252,10 @@ installFlux() {
   k8s_wait_for_deployment ${namespace} helm-controller
   k8s_wait_for_deployment ${namespace} source-controller
 
+  # Remove Flux NetworkPolicies (kind environment unreliable for NP-based isolation)
+  info "Removing Flux NetworkPolicies to avoid connectivity issues in kind"
+  kubectl get networkpolicy -n ${namespace} -o name | xargs -r kubectl delete -n ${namespace} || true
+
   # Add test repository.
   info "Install flux helm repository"
   #kubectl apply -f https://raw.githubusercontent.com/fluxcd/source-controller/main/config/samples/source_v1_helmrepository.yaml
@@ -735,7 +739,7 @@ if [[ "${TESTS_GROUP}" == "${ALL_TESTS}" || "${TESTS_GROUP}" == "${OPERATOR_TEST
     # re-installing postgres.
     info "Installing latest Kubeapps chart available"
     installOrUpgradeKubeapps "${ROOT_DIR}/chart/kubeapps" \
-      "--set" "packaging.helm.enabled=false" \
+      "--set" "packaging.helm.enabled=true" \
       "--set" "featureFlags.operators=true"
 
     info "Waiting for Kubeapps components to be ready (bitnami chart)..."