diff --git a/pkg/processor/pod/pod.go b/pkg/processor/pod/pod.go
index 08d6bd4..d8a0b68 100644
--- a/pkg/processor/pod/pod.go
+++ b/pkg/processor/pod/pod.go
@@ -9,6 +9,7 @@ import (
 	"github.com/arttor/helmify/pkg/helmify"
 	securityContext "github.com/arttor/helmify/pkg/processor/security-context"
 	"github.com/iancoleman/strcase"
+	"github.com/sirupsen/logrus"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -54,10 +55,13 @@ func ProcessSpec(objName string, appMeta helmify.AppMetadata, spec corev1.PodSpe
 	}
 
 	if appMeta.Config().ImagePullSecrets {
-		if _, defined := specMap["imagePullSecrets"]; !defined {
-			specMap["imagePullSecrets"] = "{{ .Values.imagePullSecrets | default list | toJson }}"
-			values["imagePullSecrets"] = []string{}
+		sourceImagePullSecrets, ok := specMap["imagePullSecrets"].([]interface{})
+		if !ok {
+			logrus.Debug("imagePullSecrets not found in pod spec, setting empty map")
+			sourceImagePullSecrets = []interface{}{}
 		}
+		specMap["imagePullSecrets"] = "{{ .Values.imagePullSecrets | default list | toJson }}"
+		values["imagePullSecrets"] = sourceImagePullSecrets
 	}
 
 	err = securityContext.ProcessContainerSecurityContext(objName, specMap, &values, nindent)
diff --git a/pkg/processor/pod/pod_test.go b/pkg/processor/pod/pod_test.go
index 5ac49c0..4e47273 100644
--- a/pkg/processor/pod/pod_test.go
+++ b/pkg/processor/pod/pod_test.go
@@ -3,6 +3,7 @@ package pod
 import (
 	"testing"
 
+	"github.com/arttor/helmify/pkg/config"
 	"github.com/arttor/helmify/pkg/helmify"
 	"github.com/arttor/helmify/pkg/metadata"
 	appsv1 "k8s.io/api/apps/v1"
@@ -137,6 +138,34 @@ spec:
         runAsNonRoot: true
         runAsUser: 65532
 
+`
+	strDeploymentWithImagePullSecrets = `
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  labels:
+    app: nginx
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.14.2
+        args:
+        - --test
+        - --arg
+        ports:
+        - containerPort: 80
+      imagePullSecrets:
+      - name: myregistrykey
 `
 )
 
@@ -376,5 +405,53 @@ func Test_pod_Process(t *testing.T) {
 			},
 		}, tmpl)
 	})
+	t.Run("deployment without imagePullSecrets", func(t *testing.T) {
+		var deploy appsv1.Deployment
+		obj := internal.GenerateObj(strDeployment)
+		err := runtime.DefaultUnstructuredConverter.FromUnstructured(obj.Object, &deploy)
+		assert.NoError(t, err)
+		specMap, _, err := ProcessSpec("nginx", &metadata.Service{}, deploy.Spec.Template.Spec)
+		assert.NoError(t, err)
+
+		// when ImagePullSecrets is disabled in config, spec should not contain imagePullSecrets key
+		_, ok := specMap["imagePullSecrets"]
+		assert.False(t, ok)
+	})
+
+	t.Run("deployment with imagePullSecrets enabled but not provided in source", func(t *testing.T) {
+		var deploy appsv1.Deployment
+		obj := internal.GenerateObj(strDeployment)
+		err := runtime.DefaultUnstructuredConverter.FromUnstructured(obj.Object, &deploy)
+		assert.NoError(t, err)
+		// enable ImagePullSecrets in config via metadata.New but source doesn't include imagePullSecrets
+		svc := metadata.New(config.Config{ImagePullSecrets: true})
+		specMap, tmpl, err := ProcessSpec("nginx", svc, deploy.Spec.Template.Spec)
+		assert.NoError(t, err)
+
+		// spec should contain templated imagePullSecrets
+		assert.Equal(t, "{{ .Values.imagePullSecrets | default list | toJson }}", specMap["imagePullSecrets"])
+
+		assert.Equal(t, []interface{}{}, tmpl["imagePullSecrets"])
+	})
+
+	t.Run("deployment with imagePullSecrets", func(t *testing.T) {
+
+		var deploy appsv1.Deployment
+		obj := internal.GenerateObj(strDeploymentWithImagePullSecrets)
+		err := runtime.DefaultUnstructuredConverter.FromUnstructured(obj.Object, &deploy)
+		assert.NoError(t, err)
+		// enable ImagePullSecrets in config via metadata.New
+		svc := metadata.New(config.Config{ImagePullSecrets: true})
+		specMap, tmpl, err := ProcessSpec("nginx", svc, deploy.Spec.Template.Spec)
+		assert.NoError(t, err)
+
+		// spec should contain templated imagePullSecrets
+		assert.Equal(t, "{{ .Values.imagePullSecrets | default list | toJson }}", specMap["imagePullSecrets"])
+
+		// values should contain the original imagePullSecrets slice
+		assert.Equal(t, []interface{}{
+			map[string]interface{}{"name": "myregistrykey"},
+		}, tmpl["imagePullSecrets"])
+	})
 
 }