diff --git a/base-jdk11/Dockerfile b/base-jdk11/Dockerfile
index b3ebab2..c98a911 100644
--- a/base-jdk11/Dockerfile
+++ b/base-jdk11/Dockerfile
@@ -1,38 +1,133 @@
-FROM jenkins/jnlp-slave:latest-jdk11
+FROM openjdk:11-jdk-slim-buster
+
 LABEL maintainer="SoftwareHeritage"
+
 USER root
 
 RUN \
   export DEBIAN_FRONTEND=noninteractive && \
   apt-get update && \
-  apt-get install -y apt-transport-https && \
-  echo deb http://deb.debian.org/debian/ stretch-backports main > /etc/apt/sources.list.d/backports.list && \
-  echo deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main > /etc/apt/sources.list.d/postgres.list && \
-  wget --quiet -O /etc/apt/trusted.gpg.d/postgresql.asc https://www.postgresql.org/media/keys/ACCC4CF8.asc && \
+  apt-get install -y apt-transport-https curl ca-certificates && \
+  echo deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main > /etc/apt/sources.list.d/postgres.list && \
+  curl --create-dirs -fsSLo /etc/apt/trusted.gpg.d/postgresql.asc https://www.postgresql.org/media/keys/ACCC4CF8.asc && \
   echo deb https://dl.yarnpkg.com/debian/ stable main > /etc/apt/sources.list.d/yarnpkg.list && \
-  wget --quiet -O /etc/apt/trusted.gpg.d/yarnpkg.asc https://dl.yarnpkg.com/debian/pubkey.gpg && \
+  curl --create-dirs -fsSLo /etc/apt/trusted.gpg.d/yarnpkg.asc https://dl.yarnpkg.com/debian/pubkey.gpg && \
   apt-get update && \
   apt-get upgrade -y && \
-  apt-get install -y -t stretch-backports \
-    nodejs && \
   apt-get install -y \
-    arcanist \
-    build-essential \
-    curl \
-    jq \
-    libsvn-dev \
-    libsystemd-dev \
-    maven \
-    pkg-config \
-    postgresql-10 \
-    postgresql-client-10 \
-    postgresql-server-dev-10 \
-    python3-dev \
-    python3-pip \
-    python3-venv \
-    yarn \
+  arcanist \
+  build-essential \
+  git-lfs \
+  jq \
+  libsvn-dev \
+  libsystemd-dev \
+  maven \
+  pkg-config \
+  postgresql-11 \
+  postgresql-client-11 \
+  postgresql-server-dev-11 \
+  python3-dev \
+  python3-pip \
+  python3-venv \
+  yarn \
   && \
   apt-get clean && \
   rm -rf /var/lib/apt/lists/*
 
-USER jenkins
+## vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv ##
+# inlined from https://raw.githubusercontent.com/jenkinsci/docker-slave/master/Dockerfile-jdk11
+#
+# The MIT License
+#
+#  Copyright (c) 2015-2019, CloudBees, Inc. and other Jenkins contributors
+#
+#  Permission is hereby granted, free of charge, to any person obtaining a copy
+#  of this software and associated documentation files (the "Software"), to deal
+#  in the Software without restriction, including without limitation the rights
+#  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+#  copies of the Software, and to permit persons to whom the Software is
+#  furnished to do so, subject to the following conditions:
+#
+#  The above copyright notice and this permission notice shall be included in
+#  all copies or substantial portions of the Software.
+#
+#  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+#  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+#  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+#  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+#  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+#  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+#  THE SOFTWARE.
+
+#(overridden)## FROM openjdk:11-jdk
+#(overridden)## MAINTAINER Oleg Nenashev <o.v.nenashev@gmail.com>
+
+ARG VERSION=3.35
+ARG user=jenkins
+ARG group=jenkins
+ARG uid=1000
+ARG gid=1000
+
+RUN groupadd -g ${gid} ${group}
+RUN useradd -c "Jenkins user" -d /home/${user} -u ${uid} -g ${gid} -m ${user}
+#(overridden)## LABEL Description="This is a base image, which provides the Jenkins agent executable (slave.jar)" Vendor="Jenkins project" Version="${VERSION}"
+
+ARG AGENT_WORKDIR=/home/${user}/agent
+
+#(buster image)## RUN echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/stretch-backports.list
+#(moved later)## RUN apt-get update && apt-get install git-lfs
+RUN curl --create-dirs -fsSLo /usr/share/jenkins/agent.jar https://repo.jenkins-ci.org/public/org/jenkins-ci/main/remoting/${VERSION}/remoting-${VERSION}.jar \
+  && chmod 755 /usr/share/jenkins \
+  && chmod 644 /usr/share/jenkins/agent.jar \
+  && ln -sf /usr/share/jenkins/agent.jar /usr/share/jenkins/slave.jar
+
+USER ${user}
+ENV AGENT_WORKDIR=${AGENT_WORKDIR}
+RUN mkdir /home/${user}/.jenkins && mkdir -p ${AGENT_WORKDIR}
+
+VOLUME /home/${user}/.jenkins
+VOLUME ${AGENT_WORKDIR}
+WORKDIR /home/${user}
+
+## ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ##
+
+## vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv ##
+# inlined from https://raw.githubusercontent.com/jenkinsci/docker-jnlp-slave/master/Dockerfile-jdk11
+#
+# The MIT License
+#
+#  Copyright (c) 2015-2017, CloudBees, Inc.
+#
+#  Permission is hereby granted, free of charge, to any person obtaining a copy
+#  of this software and associated documentation files (the "Software"), to deal
+#  in the Software without restriction, including without limitation the rights
+#  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+#  copies of the Software, and to permit persons to whom the Software is
+#  furnished to do so, subject to the following conditions:
+#
+#  The above copyright notice and this permission notice shall be included in
+#  all copies or substantial portions of the Software.
+#
+#  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+#  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+#  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+#  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+#  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+#  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+#  THE SOFTWARE.
+
+#(overridden)## FROM jenkins/slave:3.35-3-jdk11
+#(overridden)## MAINTAINER Oleg Nenashev <o.v.nenashev@gmail.com>
+#(overridden)## LABEL Description="This is a base image, which allows connecting Jenkins agents via JNLP protocols" Vendor="Jenkins project" Version="3.35-2"
+
+#(already present)## ARG user=jenkins
+
+USER root
+COPY jenkins-agent /usr/local/bin/jenkins-agent
+RUN chmod +x /usr/local/bin/jenkins-agent &&\
+    ln -s /usr/local/bin/jenkins-agent /usr/local/bin/jenkins-slave
+USER ${user}
+
+ENTRYPOINT ["jenkins-slave"]
+
+## ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ##
diff --git a/base-jdk11/jenkins-agent b/base-jdk11/jenkins-agent
new file mode 100644
index 0000000..9b2d31a
--- /dev/null
+++ b/base-jdk11/jenkins-agent
@@ -0,0 +1,117 @@
+#!/usr/bin/env sh
+
+# The MIT License
+#
+#  Copyright (c) 2015-2019, CloudBees, Inc.
+#
+#  Permission is hereby granted, free of charge, to any person obtaining a copy
+#  of this software and associated documentation files (the "Software"), to deal
+#  in the Software without restriction, including without limitation the rights
+#  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+#  copies of the Software, and to permit persons to whom the Software is
+#  furnished to do so, subject to the following conditions:
+#
+#  The above copyright notice and this permission notice shall be included in
+#  all copies or substantial portions of the Software.
+#
+#  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+#  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+#  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+#  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+#  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+#  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+#  THE SOFTWARE.
+
+# Usage jenkins-agent.sh [options] -url http://jenkins [SECRET] [AGENT_NAME]
+# Optional environment variables :
+# * JENKINS_TUNNEL : HOST:PORT for a tunnel to route TCP traffic to jenkins host, when jenkins can't be directly accessed over network
+# * JENKINS_URL : alternate jenkins URL
+# * JENKINS_SECRET : agent secret, if not set as an argument
+# * JENKINS_AGENT_NAME : agent name, if not set as an argument
+# * JENKINS_AGENT_WORKDIR : agent work directory, if not set by optional parameter -workDir
+# * JENKINS_DIRECT_CONNECTION: Connect directly to this TCP agent port, skipping the HTTP(S) connection parameter download.
+#                              Value: "<HOST>:<PORT>"
+# * JENKINS_INSTANCE_IDENTITY: The base64 encoded InstanceIdentity byte array of the Jenkins master. When this is set,
+#                              the agent skips connecting to an HTTP(S) port for connection info.
+# * JENKINS_PROTOCOLS:         Specify the remoting protocols to attempt when instanceIdentity is provided.
+
+if [ $# -eq 1 ]; then
+
+	# if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image
+	exec "$@"
+
+else
+
+	# if -tunnel is not provided, try env vars
+	case "$@" in
+		*"-tunnel "*) ;;
+		*)
+		if [ ! -z "$JENKINS_TUNNEL" ]; then
+			TUNNEL="-tunnel $JENKINS_TUNNEL"
+		fi ;;
+	esac
+
+	# if -workDir is not provided, try env vars
+	if [ ! -z "$JENKINS_AGENT_WORKDIR" ]; then
+		case "$@" in
+			*"-workDir"*) echo "Warning: Work directory is defined twice in command-line arguments and the environment variable" ;;
+			*)
+			WORKDIR="-workDir $JENKINS_AGENT_WORKDIR" ;;
+		esac
+	fi
+
+	if [ -n "$JENKINS_URL" ]; then
+		URL="-url $JENKINS_URL"
+	fi
+
+	if [ -n "$JENKINS_NAME" ]; then
+		JENKINS_AGENT_NAME="$JENKINS_NAME"
+	fi
+
+	if [ -z "$JNLP_PROTOCOL_OPTS" ]; then
+		echo "Warning: JnlpProtocol3 is disabled by default, use JNLP_PROTOCOL_OPTS to alter the behavior"
+		JNLP_PROTOCOL_OPTS="-Dorg.jenkinsci.remoting.engine.JnlpProtocol3.disabled=true"
+	fi
+
+	if [ -n "$JENKINS_PROTOCOLS" ]; then
+		PROTOCOLS="-protocols $JENKINS_PROTOCOLS"
+	fi
+
+	if [ -n "$JENKINS_DIRECT_CONNECTION" ]; then
+		DIRECT="-direct $JENKINS_DIRECT_CONNECTION"
+	fi
+
+	if [ -n "$JENKINS_INSTANCE_IDENTITY" ]; then
+		INSTANCE_IDENTITY="-instanceIdentity $JENKINS_INSTANCE_IDENTITY"
+	fi
+
+	# if java home is defined, use it
+	JAVA_BIN="java"
+	if [ "$JAVA_HOME" ]; then
+		JAVA_BIN="$JAVA_HOME/bin/java"
+	fi
+
+	# if both required options are defined, do not pass the parameters
+	OPT_JENKINS_SECRET=""
+	if [ -n "$JENKINS_SECRET" ]; then
+		case "$@" in
+			*"${JENKINS_SECRET}"*) echo "Warning: SECRET is defined twice in command-line arguments and the environment variable" ;;
+			*)
+			OPT_JENKINS_SECRET="${JENKINS_SECRET}" ;;
+		esac
+	fi
+	
+	OPT_JENKINS_AGENT_NAME=""
+	if [ -n "$JENKINS_AGENT_NAME" ]; then
+		case "$@" in
+			*"${JENKINS_AGENT_NAME}"*) echo "Warning: AGENT_NAME is defined twice in command-line arguments and the environment variable" ;;
+			*)
+			OPT_JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME}" ;;
+		esac
+	fi
+
+	#TODO: Handle the case when the command-line and Environment variable contain different values.
+	#It is fine it blows up for now since it should lead to an error anyway.
+
+	exec $JAVA_BIN $JAVA_OPTS $JNLP_PROTOCOL_OPTS -cp /usr/share/jenkins/agent.jar hudson.remoting.jnlp.Main -headless $TUNNEL $URL $WORKDIR $DIRECT $PROTOCOLS $INSTANCE_IDENTITY $OPT_JENKINS_SECRET $OPT_JENKINS_AGENT_NAME "$@"
+fi