Admission webhook TLS secret job not running when deploying kube-prometheus-stack via ArgoCD ApplicationSet

[bashok3186]

Describe the bug a clear and concise description of what the bug is.

Issue Description

When deploying kube-prometheus-stack using ArgoCD ApplicationSet (multi-cluster goTemplate generator), the admission webhook TLS secret creation job (*-admission-create) does not run.

Because of this:

the admission webhook TLS secret (-admission) is never generated,

the Prometheus Operator fails to start due to missing certificate files,

validating/mutating webhooks fail with TLS errors.

This issue occurs:

✔️ During fresh installation of kube-prometheus-stack
✔️ AND when the existing admission secret is deleted manually

→ the secret is not recreated, because the hook job is never executed.

What's your helm version?

v3.16.2

What's your kubectl version?

v1.33.3

Which chart?

kube-prometheus-stack

What's the chart version?

kube-prometheus-stack: 73.2.0 (appVersion v0.82.2) kube-prometheus-stack: 79.8.2 (appVersion v0.86.2)

What happened?

No response

What you expected to happen?

No response

How to reproduce it?

No *-admission-create Job appears in the namespace at any point.

Enter the changed values of values.yaml?

generators:

• clusters:
  selector:
  matchLabels:
  prom-operator: "true"

template:
spec:
source:
repoURL: ssh://git@bitbucket...
path: prometheus-operator
helm:
valueFiles: ["values.yaml"]

Enter the command that you execute and failing/misfunctioning.

Deployed via argo appset Argo CD v3.0.11+240a183

Anything else we need to know?

No response