Split the setcap image from the base images, make them easier to override

build/server-image/Dockerfile

@@ -14,10 +14,9 @@
 
 # Dockerfile used for the server images.
 
-ARG BASE_IMAGE_REGISTRY
-ARG BASE_IMAGE_NAME
+ARG BASEIMAGE
 ARG BINARY
 
 
-FROM "${BASE_IMAGE_REGISTRY}/${BASE_IMAGE_NAME}"
+FROM "${BASEIMAGE}"
 COPY ${BINARY} /usr/local/bin/${BINARY}

build/server-image/kube-apiserver/Dockerfile

@@ -13,17 +13,18 @@
 # limitations under the License.
 
 # This file create the kube-apiserver image.
-ARG BASE_IMAGE_REGISTRY
-ARG BASE_IMAGE_NAME
+ARG BASEIMAGE
+ARG SETCAP_IMAGE
+
 # we use the hosts platform to apply the capabilities to avoid the need
 # to setup qemu for the builder.
-FROM --platform=linux/$BUILDARCH ${BASE_IMAGE_REGISTRY}/setcap:buster-v1.4.0
+FROM --platform=linux/$BUILDARCH ${SETCAP_IMAGE}
 ARG BINARY
 COPY ${BINARY} /${BINARY}
 # We apply cap_net_bind_service so that kube-apiserver can be run as
 # non-root and still listen on port less than 1024
 RUN setcap cap_net_bind_service=+ep /${BINARY}
 
-FROM --platform=linux/$TARGETARCH ${BASE_IMAGE_REGISTRY}/${BASE_IMAGE_NAME}
+FROM --platform=linux/$TARGETARCH ${BASEIMAGE}
 ARG BINARY
 COPY --from=0 /${BINARY} /usr/local/bin/${BINARY}