diff --git a/.github/workflows/manual-docker-min-unprv-publish.yml b/.github/workflows/manual-docker-min-unprv-publish.yml
new file mode 100644
index 0000000..9887398
--- /dev/null
+++ b/.github/workflows/manual-docker-min-unprv-publish.yml
@@ -0,0 +1,31 @@
+# This workflow builds and uploads a the minimal docker image
+# It's only meant to be manually invoked when the automated python-docker-publish.yml
+# file errors out and the image needs to be rebuilt.
+
+name: Manual Docker Min Build
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "docker image tag"
+        required: true
+        type: string
+
+jobs:
+  docker-image:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Docker Setup Buildx
+        uses: docker/setup-buildx-action@v3.3.0
+      - name: Build and push the Docker image
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+          DOCKERIMAGE_TAG: ${{ inputs.tag }}
+        run: |
+          docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD
+          docker buildx build . --push --file Dockerfile.minimal-unprivileged \
+          --tag netapp/astra-toolkits:latest-minimal-unprivileged --tag netapp/astra-toolkits:$DOCKERIMAGE_TAG-minimal-unprivileged \
+          --platform linux/amd64,linux/arm64
diff --git a/Dockerfile.minimal-unprivileged b/Dockerfile.minimal-unprivileged
new file mode 100644
index 0000000..b2c5d37
--- /dev/null
+++ b/Dockerfile.minimal-unprivileged
@@ -0,0 +1,8 @@
+FROM python:3.12.3-alpine3.19
+RUN apk add --no-cache jq curl
+RUN adduser -D worker
+USER worker
+WORKDIR /home/worker
+ENV PATH="/home/worker/.local/bin:${PATH}"
+RUN pip install --user actoolkit
+CMD ["/bin/sh"]