diff --git a/pkg/webhooks/resource/handlers_test.go b/pkg/webhooks/resource/handlers_test.go
index c30d82b13c4e..e3941f0ec8e4 100644
--- a/pkg/webhooks/resource/handlers_test.go
+++ b/pkg/webhooks/resource/handlers_test.go
@@ -631,10 +631,10 @@ func makeKey(policy kyverno.PolicyInterface) string {
 }
 
 type mockPolicyContextBuilder struct {
+	sync.Mutex
 	configuration config.Configuration
 	jp            jmespath.Interface
 	contexts      []*engine.PolicyContext
-	count         int
 }
 
 func newMockPolicyContextBuilder(
@@ -645,11 +645,13 @@ func newMockPolicyContextBuilder(
 		configuration: configuration,
 		jp:            jp,
 		contexts:      make([]*policycontext.PolicyContext, 0),
-		count:         0,
 	}
 }
 
 func (b *mockPolicyContextBuilder) Build(request admissionv1.AdmissionRequest, roles, clusterRoles []string, gvk schema.GroupVersionKind) (*engine.PolicyContext, error) {
+	b.Lock()
+	defer b.Unlock()
+
 	userRequestInfo := kyvernov1beta1.RequestInfo{
 		AdmissionUserInfo: *request.UserInfo.DeepCopy(),
 		Roles:             roles,
@@ -659,7 +661,6 @@ func (b *mockPolicyContextBuilder) Build(request admissionv1.AdmissionRequest, r
 	if err != nil {
 		return nil, err
 	}
-	b.count += 1
 	b.contexts = append(b.contexts, pc)
 	return pc, err
 }
diff --git a/pkg/webhooks/resource/updaterequest.go b/pkg/webhooks/resource/updaterequest.go
index 85d38b318cbc..fdf9c722635d 100644
--- a/pkg/webhooks/resource/updaterequest.go
+++ b/pkg/webhooks/resource/updaterequest.go
@@ -26,14 +26,15 @@ func (h *resourceHandlers) handleBackgroundApplies(ctx context.Context, logger l
 }
 
 func (h *resourceHandlers) handleMutateExisting(ctx context.Context, logger logr.Logger, request handlers.AdmissionRequest, policies []kyvernov1.PolicyInterface, admissionRequestTimestamp time.Time, wg *sync.WaitGroup) {
+	if wg != nil { // for unit testing purposes
+		defer wg.Done()
+	}
+
 	policyContext, err := h.buildPolicyContextFromAdmissionRequest(logger, request)
 	if err != nil {
 		logger.Error(err, "failed to create policy context")
 		return
 	}
-	if wg != nil { // for unit testing purposes
-		defer wg.Done()
-	}
 
 	if request.AdmissionRequest.Operation == admissionv1.Delete {
 		policyContext = policyContext.WithNewResource(policyContext.OldResource())
@@ -95,14 +96,15 @@ func (h *resourceHandlers) handleMutateExisting(ctx context.Context, logger logr
 }
 
 func (h *resourceHandlers) handleGenerate(ctx context.Context, logger logr.Logger, request handlers.AdmissionRequest, generatePolicies []kyvernov1.PolicyInterface, ts time.Time, wg *sync.WaitGroup) {
+	if wg != nil { // for unit testing purposes
+		defer wg.Done()
+	}
+
 	policyContext, err := h.buildPolicyContextFromAdmissionRequest(logger, request)
 	if err != nil {
 		logger.Error(err, "failed to create policy context")
 		return
 	}
-	if wg != nil { // for unit testing purposes
-		defer wg.Done()
-	}
 
 	gh := generation.NewGenerationHandler(logger, h.engine, h.client, h.kyvernoClient, h.nsLister, h.urLister, h.cpolLister, h.polLister, h.urGenerator, h.eventGen, h.metricsConfig, h.backgroundServiceAccountName)
 	var policies []kyvernov1.PolicyInterface