diff --git a/Dockerfile.alpine b/Dockerfile.alpine
index b07ad8f..ca159d8 100644
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -5,7 +5,7 @@ ARG PYTHON_VERSION=3.12
 ARG SOURCE_IMAGE=docker.io/python:${PYTHON_VERSION}-alpine${ALPINE_VERSION}
 ARG BASE_IMAGE_DIGEST
 
-FROM --platform=$BUILDPLATFORM $SOURCE_IMAGE@${BASE_IMAGE_DIGEST} AS buildroot
+FROM --platform=$BUILDPLATFORM ${SOURCE_IMAGE}@${BASE_IMAGE_DIGEST} AS buildroot
 ARG PYTHON_VERSION=3.12
 
 ARG BUILD_ROOT='/dest'
@@ -20,6 +20,7 @@ ENV BUILD_ROOT=$BUILD_ROOT \
     _ln="chroot $BUILD_ROOT ln" \
     _chroot="chroot $BUILD_ROOT"
 
+ADD --chmod=0755 chroot-apk.sh /usr/local/bin/chroot-apk
 RUN set -eu ; \
     python -m pip install -U pip setuptools ; \
     # Add to buildroot:
@@ -88,7 +89,6 @@ RUN set -eu ; \
     # regenerate the ca-certs!
     chroot $BUILD_ROOT update-ca-certificates
 
-
 FROM scratch AS distroless-python
 ARG ALPINE_VERSION=3.20
 ARG PYTHON_VERSION=3.12
diff --git a/README.rst b/README.rst
index 0524ef7..d8ec230 100644
--- a/README.rst
+++ b/README.rst
@@ -92,6 +92,10 @@ Given the following ``Dockerfile``, we will add ``httpie`` to the image and refe
     ENTRYPOINT ["http"]
 
 
+
+As an additional helper, the ``chroot-apk`` command in the buildroot environment can
+be used to install apk packages.
+
 Build and test the image!
 
 .. code:: bash
diff --git a/chroot-apk.sh b/chroot-apk.sh
new file mode 100755
index 0000000..a15fc43
--- /dev/null
+++ b/chroot-apk.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env sh
+
+if [ "x$CACHE_ROOT" = 'x' ] || [ "x$BUILD_ROOT" = 'x' ]; then
+    >&2 echo "CACHE_ROOT (${CACHE_ROOT:-not-set}) and/or BUILD_ROOT (${BUILD_ROOT:-not-set}) is not set!"
+    exit 1
+fi
+
+set -e
+set -o pipefail
+
+setup () {
+    >&2 echo "Grafting $CACHE_ROOT into $BUILD_ROOT..."
+    tar -C "$CACHE_ROOT" -cpf - . | tar -C "$BUILD_ROOT" -xpf -
+    return $?
+}
+
+fini () {
+    >&2 echo "Removing APK data from $BUILD_ROOT, storing in $CACHE_ROOT"
+    tar -C "$BUILD_ROOT" -cpf - etc/apk bin/ln bin/busybox var/cache/apk usr/share/apk | tar -C "$CACHE_ROOT" -xpf -
+    rm -rf $BUILD_ROOT/bin/ln $BUILD_ROOT/bin/busybox $BUILD_ROOT/etc/apk $BUILD_ROOT/var/cache/apk $BUILD_ROOT/usr/share/apk
+    return $?
+}
+
+trap fini EXIT
+setup
+set -x
+apk --root "$BUILD_ROOT" $@
\ No newline at end of file