diff --git a/dropgz/build/cni.Dockerfile b/dropgz/build/cni.Dockerfile
index 34f13239db..de55d6d916 100644
--- a/dropgz/build/cni.Dockerfile
+++ b/dropgz/build/cni.Dockerfile
@@ -1,30 +1,37 @@
-FROM mcr.microsoft.com/oss/cilium/cilium:1.12.1.1 as cilium
+FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 AS certs
+RUN tdnf upgrade -y && tdnf install -y ca-certificates
 
-FROM mcr.microsoft.com/oss/go/microsoft/golang:1.19 AS azure-ipam
+FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 AS tar
+RUN tdnf install -y tar
+
+FROM tar AS azure-ipam
 ARG VERSION
+ARG OS
+ARG ARCH
 WORKDIR /azure-ipam
 COPY ./azure-ipam .
-RUN CGO_ENABLED=0 go build -a -o bin/azure-ipam -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" .
+COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+RUN curl -LO --cacert /etc/ssl/certs/ca-certificates.crt https://github.com/Azure/azure-container-networking/releases/download/azure-ipam%2Fv0.0.3/azure-ipam-$OS-$ARCH-v0.0.3.tgz && tar -xvf azure-ipam-$OS-$ARCH-v0.0.3.tgz
 
-FROM mcr.microsoft.com/oss/go/microsoft/golang:1.19 AS azure-vnet
+FROM tar AS azure-vnet
 ARG VERSION
 ARG OS
 ARG ARCH
 WORKDIR /azure-container-networking
 COPY . .
-RUN curl -LO https://github.com/Azure/azure-container-networking/releases/download/v1.4.29/azure-vnet-cni-swift-$OS-$ARCH-v1.4.29.tgz && tar -xvf azure-vnet-cni-swift-$OS-$ARCH-v1.4.29.tgz
+COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+RUN curl -LO --cacert /etc/ssl/certs/ca-certificates.crt https://github.com/Azure/azure-container-networking/releases/download/v1.4.29/azure-vnet-cni-swift-$OS-$ARCH-v1.4.29.tgz && tar -xvf azure-vnet-cni-swift-$OS-$ARCH-v1.4.29.tgz
 
 FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 AS compressor
 ARG OS
 WORKDIR /dropgz
 COPY dropgz .
 COPY --from=azure-ipam /azure-ipam/*.conflist pkg/embed/fs
-COPY --from=azure-ipam /azure-ipam/bin/* pkg/embed/fs
+COPY --from=azure-ipam /azure-ipam/azure-ipam pkg/embed/fs
 COPY --from=azure-vnet /azure-container-networking/cni/azure-$OS-swift.conflist pkg/embed/fs/azure-swift.conflist
 COPY --from=azure-vnet /azure-container-networking/azure-vnet pkg/embed/fs
 COPY --from=azure-vnet /azure-container-networking/azure-vnet-telemetry pkg/embed/fs
 COPY --from=azure-vnet /azure-container-networking/azure-vnet-ipam pkg/embed/fs
-COPY --from=cilium /opt/cni/bin/cilium-cni pkg/embed/fs
 RUN cd pkg/embed/fs/ && sha256sum * > sum.txt
 RUN gzip --verbose --best --recursive pkg/embed/fs && for f in pkg/embed/fs/*.gz; do mv -- "$f" "${f%%.gz}"; done