diff --git a/argo1/install-crds.sh b/argo1/install-crds.sh
index 6388b27..c3426ea 100644
--- a/argo1/install-crds.sh
+++ b/argo1/install-crds.sh
@@ -1,15 +1,58 @@
 #!/bin/bash
 
-cd "$(dirname "$0")"
+MAINDIR="$(dirname "$0")"
+cd "$MAINDIR"
+
+application_chart_info() {
+  F="$1"
+  yq -o json . "$F" | jq -r '
+      .spec.source
+    | (
+      @sh "CHART=\(.chart)",
+      @sh "VERSION=\(.targetRevision)",
+      @sh "REPO=\(.repoURL)"
+    )
+  '
+}
+
+dependency_chart_info() {
+  F="${1:-"$MAINDIR"/Chart.yaml}"
+  DEP="${2:-0}"
+
+  yq -o json . "$F" | jq -r --argjson d "$DEP" '
+      .dependencies[$d]
+    | (
+      @sh "CHART=\(.name)",
+      @sh "VERSION=\(.version)",
+      @sh "REPO=\(.repository)"
+    )
+  '
+}
 
 (
     set -e
-    eval "$(yq -o json . Chart.yaml | jq -r '.dependencies[0] | @sh "CHART=\(.name)\nVERSION=\(.version)\nREPO=\(.repository)"')"
-    helm template argocd-crds "$CHART" --repo "$REPO" --version "$VERSION" | yq 'select(.kind == "CustomResourceDefinition")' | kubectl apply -f -
+    eval "$(dependency_chart_info)"
+    set -x
+    helm template argocd-crds --include-crds "$CHART" --repo "$REPO" --version "$VERSION" | yq 'select(.kind == "CustomResourceDefinition")' | kubectl apply -f -
 )
 
 RC=$?
 if [ $RC -ne 0 ];then
-    1>&2 echo "exiting due to error"
+    1>&2 echo "exiting due to error creating ArgoCD CRDs"
+    exit $RC
+fi
+
+
+for f in templates/*.yaml
+(
+    set -e
+    eval "$(application_chart_info templates/sealed-secrets.yaml)"
+    set -x
+    helm template sealed-secrets-crds --include-crds "$CHART" --repo "$REPO" --version "$VERSION" | yq 'select(.kind == "CustomResourceDefinition")' | kubectl apply -f -
+)
+
+RC=$?
+if [ $RC -ne 0 ];then
+    1>&2 echo "exiting due to error creating Sealed Secrets CRDs"
     exit $RC
 fi
diff --git a/argo1/templates/sealed-secrets.yaml b/argo1/templates/sealed-secrets.yaml
index f69e3b9..431a925 100644
--- a/argo1/templates/sealed-secrets.yaml
+++ b/argo1/templates/sealed-secrets.yaml
@@ -11,6 +11,9 @@ spec:
     targetRevision: 2.7.4
     helm:
       releaseName: sealed-secrets
+      values: |
+        commonAnnotations:
+          argocd.argoproj.io/sync-wave: "-3"
   destination:
     server: "https://kubernetes.default.svc"
     namespace: kube-system