diff --git a/helm/cridge/.helmignore b/helm/cridge/.helmignore
new file mode 100644
index 0000000000000000000000000000000000000000..0e8a0eb36f4ca2c939201c0d54b5d82a1ea34778
--- /dev/null
+++ b/helm/cridge/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/helm/cridge/Chart.yaml b/helm/cridge/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b2f5982d5abee6bd8da4a651e6abb678d3902dc8
--- /dev/null
+++ b/helm/cridge/Chart.yaml
@@ -0,0 +1,23 @@
+apiVersion: v2
+name: cridge
+description: Cridge Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.0.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 2024Q4-SNAPSHOT
diff --git a/helm/cridge/files/org.etsi.osl.cridge/kubeconfig.yaml.empty b/helm/cridge/files/org.etsi.osl.cridge/kubeconfig.yaml.empty
new file mode 100644
index 0000000000000000000000000000000000000000..11764038afa4e39de82cc537994a03903690cde2
--- /dev/null
+++ b/helm/cridge/files/org.etsi.osl.cridge/kubeconfig.yaml.empty
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Config
+clusters:
+- name: development-cluster
+  cluster:
+    certificate-authority: path/to/ca.crt # Path to certificate authority file
+    server: https://123.45.67.89:6443 # Cluster API server address
+contexts:
+- name: dev-user@development-cluster
+  context:
+    cluster: development-cluster
+    namespace: development # Default namespace
+    user: dev-user
+current-context: dev-user@development-cluster
+users:
+- name: dev-user
+  user:
+    client-certificate: path/to/cert.crt # Path to the client certificate
+    client-key: path/to/key.key # Path to the client key
diff --git a/helm/cridge/templates/_helpers.tpl b/helm/cridge/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..89f9f71fba483f569751099ef78cdfb1da8a3f4c
--- /dev/null
+++ b/helm/cridge/templates/_helpers.tpl
@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "openslice.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "openslice.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "openslice.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "openslice.labels" -}}
+helm.sh/chart: {{ include "openslice.chart" . }}
+{{ include "openslice.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "openslice.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "openslice.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "openslice.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "openslice.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/helm/cridge/templates/deployment.yaml b/helm/cridge/templates/deployment.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0353795d55c52108050cc68941e183099492838b
--- /dev/null
+++ b/helm/cridge/templates/deployment.yaml
@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:	
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ include "openslice.fullname" . }}
+    org.etsi.osl.service: cridge
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    {{- include "openslice.labels" . | nindent 4 }}
+  name: {{ include "openslice.fullname" . }}-cridge
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "openslice.fullname" . }}
+      org.etsi.osl.service: cridge
+      {{- include "openslice.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "openslice.fullname" . }}
+        org.etsi.osl.service: cridge
+        {{- include "openslice.selectorLabels" . | nindent 8 }}
+    spec:
+      containers:
+        - image: "{{ .Values.image.cridge.repository }}:{{ .Values.image.cridge.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.cridge.pullPolicy | default "Always" }}
+          name: {{ include "openslice.fullname" . }}-cridge
+          env:
+            - name: SPRING_APPLICATION_JSON
+              value: >-
+                {
+                  "spring.activemq.brokerUrl": "{{ .Values.oscreds.activemq.brokerUrl }}",  
+                  "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", 
+                  "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}",
+                  "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}",
+                  "logging.level.org.etsi.osl.cridge" : "{{ .Values.logLevel | default "INFO" }}" 
+                }
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          securityContext:
+            {{- if .Values.securityContext.enabled }}
+            allowPrivilegeEscalation: {{ .Values.securityContext.allowPrivilegeEscalation }}
+            capabilities:
+              drop: {{ .Values.securityContext.capabilities.drop }}
+            seccompProfile:
+              type: {{ .Values.securityContext.seccompProfile.type }}
+            {{- end }}
+          volumeMounts:
+            - name: kubeconfig
+              readOnly: true
+              mountPath: /root/.kube
+      restartPolicy: Always
+      volumes:
+        - name: kubeconfig
+          secret:
+            secretName: {{ include "openslice.fullname" . }}-kubeconfig
diff --git a/helm/cridge/templates/secret.yaml b/helm/cridge/templates/secret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..5d0e729ff52f96a3f218498446febbf07d0ac9d4
--- /dev/null
+++ b/helm/cridge/templates/secret.yaml
@@ -0,0 +1,28 @@
+{{- $kubeconfigBase64 := .Values.kubeconfig.base64 | default "" -}}
+{{- $kubeconfigFile := .Values.kubeconfig.raw | default (.Files.Get "files/org.etsi.osl.cridge/kubeconfig.yaml") -}}
+{{- $kubeconfig := "" -}}
+
+{{- if $kubeconfigBase64 }}
+  {{- $kubeconfig = $kubeconfigBase64 | b64dec }}
+{{- else if $kubeconfigFile }}
+  {{- $kubeconfig = $kubeconfigFile }}
+{{- end }}
+
+apiVersion: v1
+kind: Secret
+metadata:
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ include "openslice.fullname" . }}
+    org.etsi.osl.service: cridge
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    {{- include "openslice.labels" . | nindent 4 }}
+  name: {{ include "openslice.fullname" . }}-kubeconfig
+type: Opaque
+data:
+  config: |-
+    {{- if $kubeconfig }}
+    {{ $kubeconfig | b64enc | nindent 4 }}
+    {{- else }}
+    {{- required "A kubeconfig file is required." ($kubeconfig | b64enc) | nindent 4 }}
+    {{- end }}
diff --git a/helm/cridge/values.yaml b/helm/cridge/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1d87a532db9f2dedef0881fd3a0de007c17f54fb
--- /dev/null
+++ b/helm/cridge/values.yaml
@@ -0,0 +1,32 @@
+# Default values for cridge.
+
+replicaCount: 1
+
+image:
+  cridge:
+    repository: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge
+    pullPolicy: Always
+    # Overrides the image tag whose default is the chart appVersion.
+    tag: "develop"
+
+oscreds:
+  activemq:
+    brokerUrl: tcp://openslice-artemis:61616?jms.watchTopicAdvisories=false # Where the cridge should connect to
+    user: artemis
+    password: artemis
+
+logLevel: INFO
+spring:
+  loglevel: INFO
+
+securityContext:
+  enabled: true
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop: ["ALL"]
+  seccompProfile:
+    type: RuntimeDefault
+
+kubeconfig:
+  base64: ""   # Provide base64-encoded kubeconfig here if available
+  raw: ""      # Provide raw kubeconfig here if available