diff --git a/.github/workflows/flux-kustomize-controller-image.yaml b/.github/workflows/flux-kustomize-controller-image.yaml
new file mode 100644
index 0000000..f05dfdf
--- /dev/null
+++ b/.github/workflows/flux-kustomize-controller-image.yaml
@@ -0,0 +1,28 @@
+name: Build & push flux-kustomize-controller image
+on:
+  pull_request:
+  push:
+    paths:
+      - '.github/workflows/flux-kustomize-controller-image.yaml'
+      - 'dockerfiles/flux-kustomize-controller.Dockerfile'
+    branches:
+      - main
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    name: Build docker image
+    steps:
+      - uses: actions/checkout@master
+
+      - name: 'Artifact: build && push fluxcd/kustomize-controller image'
+        uses: aevea/action-kaniko@v0.10.0
+        with:
+          registry: artifact.onwalk.net
+          username: admin
+          password: ${{ secrets.HELM_REPO_PASSWORD }}
+          build_file: dockerfiles/flux-kustomize-controller.Dockerfile
+          image: k8s/fluxcd/kustomize-controller
+          tag: v0.24.0
+          cache: true
+          cache_registry: cache
diff --git a/dockerfiles/flux-kustomize-controller.Dockerfile b/dockerfiles/flux-kustomize-controller.Dockerfile
new file mode 100755
index 0000000..26b0b4b
--- /dev/null
+++ b/dockerfiles/flux-kustomize-controller.Dockerfile
@@ -0,0 +1,11 @@
+FROM ghcr.io/fluxcd/kustomize-controller:v0.24.0 as build
+
+FROM artifact.onwalk.net/k8s/alpine-ca:3.13 as prod
+
+RUN apk add --no-cache ca-certificates tini git openssh-client && apk add --no-cache gnupg --repository=https://dl-cdn.alpinelinux.org/alpine/edge/main
+
+COPY --from=builder /usr/local/bin/kustomize-controller /usr/local/bin/
+USER 65534:65534
+ENV GNUPGHOME=/tmp
+
+ENTRYPOINT [ "/sbin/tini", "--", "kustomize-controller" ]