diff --git a/.github/workflows/_build.yml b/.github/workflows/_build.yml
index a0e2e09..373f416 100644
--- a/.github/workflows/_build.yml
+++ b/.github/workflows/_build.yml
@@ -11,14 +11,6 @@ on:
         description: "Runner version"
         type: string
         default: "latest" # https://github.com/actions/runner/releases
-      gh_version:
-        description: "GitHub CLI version"
-        type: string
-        default: "2.57.0" # https://github.com/cli/cli/releases
-      docker_compose_version:
-        description: "Docker compose version"
-        type: string
-        default: "2.29.5" # https://github.com/docker/compose/releases
       platforms:
         description: "Platforms to build for"
         type: string
@@ -44,7 +36,5 @@ jobs:
           cache-to: type=gha,mode=max
           build-args: |
             RUNNER_VERSION=${{ inputs.runner_version }}
-            GH_VERSION=${{ inputs.gh_version }}
-            DOCKER_COMPOSE_VERSION=${{ inputs.docker_compose_version }}
           secrets: |
             github_token=${{ secrets.GITHUB_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
index 9da1fa8..80cfd4a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,37 +9,38 @@ RUN apt-get update && \
     build-essential \
     curl \
     git \
+    jc \
     jq \
     liblzma-dev \
     libmysqlclient-dev \
     libssl-dev \
     libxml2-dev \
     libyaml-dev \
-    patch \
     openssh-client \
+    patch \
+    wget \
     zlib1g-dev \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/*
 
-ARG GH_VERSION=latest
-RUN --mount=type=secret,id=github_token,dst=/run/secrets/github_token \
-    ARCH="$(uname -m | sed 's/x86_64/amd64/; s/aarch64/arm64/')" && \
-    if [ "${GH_VERSION}" = "latest" ]; then \
-    TOKEN="$(cat /run/secrets/github_token 2>/dev/null || true)" && \
-    ([ -n "$TOKEN" ] && CURL_OPTS="-H \"Authorization: token $TOKEN\"" || CURL_OPTS="") && \
-    curl $CURL_OPTS -s "https://api.github.com/repos/cli/cli/releases/latest" | \
-    jq -r --arg arch "$ARCH" '.assets[] | select(.name | endswith("_linux_" + $arch + ".deb")) | .browser_download_url' | \
-    xargs curl -L -o /tmp/gh-cli.deb; \
-    else \
-    curl -L "https://github.com/cli/cli/releases/download/v${GH_VERSION}/gh_${GH_VERSION}_linux_$ARCH.deb" -o /tmp/gh-cli.deb; \
-    fi; \
-    dpkg -i /tmp/gh-cli.deb && rm /tmp/gh-cli.deb
-
-ARG DOCKER_COMPOSE_VERSION=latest
-RUN [ "${DOCKER_COMPOSE_VERSION}" = "latest" ] \
-    && curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose \
-    || curl -L "https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose \
-    && chmod +x /usr/local/lib/docker/cli-plugins/docker-compose \
+# Install ubi — https://github.com/houseabsolute/ubi
+RUN --mount=type=secret,id=github_token,env=GITHUB_TOKEN \
+    curl -s https://raw.githubusercontent.com/houseabsolute/ubi/master/bootstrap/bootstrap-ubi.sh | sh \
+    && ubi --version
+
+# Install yq — https://github.com/mikefarah/yq
+RUN --mount=type=secret,id=github_token,env=GITHUB_TOKEN \
+    ubi --in /usr/local/bin --project mikefarah/yq \
+    && yq --version
+
+# Install gh (GitHub CLI) — https://github.com/cli/cli
+RUN --mount=type=secret,id=github_token,env=GITHUB_TOKEN \
+    ubi --in /usr/local/bin --project cli/cli --exe gh \
+    && gh --version
+
+# Install docker-compose — https://github.com/docker/compose
+RUN --mount=type=secret,id=github_token,env=GITHUB_TOKEN \
+    ubi --in /usr/local/lib/docker/cli-plugins/ --project docker/compose --exe docker-compose \
     && ln -s /usr/local/lib/docker/cli-plugins/docker-compose /usr/local/bin/docker-compose \
     && docker compose version \
     && docker-compose version