diff --git a/smardigo/templates/connect/secret.yml b/smardigo/templates/connect/secret.yml
index 01731dc..8c905e0 100644
--- a/smardigo/templates/connect/secret.yml
+++ b/smardigo/templates/connect/secret.yml
@@ -10,21 +10,11 @@ metadata:
 data:
   # try to get the old secret
   # keep in mind, that a dry-run only returns an empty map 
-  {{- $old_sec := lookup "v1" "Secret" .Release.Namespace $secret_name }}
+  {{- $old_sec := lookup "v1" "Secret" .Release.Namespace $secret_name | default dict }}
+  {{- $old_sec_data := (get $old_sec "data") | default dict }}
 
- # check, if a secret is already set
-  {{- if or (not $old_sec) (not $old_sec.data) }}
-  {{- if ($old_sec.data.JWT_SECRET) }}
-  # if set, then use the old value
-  JWT_SECRET: {{ index $old_sec.data "JWT_SECRET" }}
-  {{ else }}
-  # if not set, then generate a new password
-  JWT_SECRET: {{ randAlphaNum 32 | b64enc }}
-  {{ end }}
-  {{ else }}
-  # if not set, then generate a new password
-  JWT_SECRET: {{ randAlphaNum 32 | b64enc }}
-  {{ end }}
+  {{- $jwtSecret := (get $old_sec_data "JWT_SECRET") | default (randAlphaNum 32 | b64enc) }}
+  JWT_SECRET: {{ $jwtSecret | quote }}
 
   ADMIN_PASSWORD: "{{ .Values.connect.database.password | b64enc}}"
   DATASOURCE_USERNAME: "{{ .Values.connect.database.username | b64enc }}"