diff --git a/.changeset/fast-pumpkins-tickle.md b/.changeset/fast-pumpkins-tickle.md
new file mode 100644
index 00000000..27e324e5
--- /dev/null
+++ b/.changeset/fast-pumpkins-tickle.md
@@ -0,0 +1,5 @@
+---
+"@cartesi/sdk": patch
+---
+
+add cartesi/rollups-database container image release
diff --git a/.changeset/honest-spoons-appear.md b/.changeset/honest-spoons-appear.md
new file mode 100644
index 00000000..c38b6855
--- /dev/null
+++ b/.changeset/honest-spoons-appear.md
@@ -0,0 +1,5 @@
+---
+"@cartesi/sdk": patch
+---
+
+bump debian base image to bookworm-20250317-slim
diff --git a/.changeset/hot-timers-repair.md b/.changeset/hot-timers-repair.md
new file mode 100644
index 00000000..01ef3599
--- /dev/null
+++ b/.changeset/hot-timers-repair.md
@@ -0,0 +1,5 @@
+---
+"@cartesi/sdk": patch
+---
+
+create databases and run migrations for preinitialized PostgreSQL database
diff --git a/.github/workflows/database.yaml b/.github/workflows/database.yaml
new file mode 100644
index 00000000..cf33965a
--- /dev/null
+++ b/.github/workflows/database.yaml
@@ -0,0 +1,91 @@
+name: database
+on:
+    workflow_call:
+        secrets:
+            DOCKERHUB_USERNAME:
+                required: true
+            DOCKERHUB_TOKEN:
+                required: true
+    pull_request:
+        paths:
+            - .github/workflows/database.yaml
+            - packages/sdk/**
+concurrency:
+    group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+    cancel-in-progress: true
+permissions:
+    contents: read
+    packages: write
+    id-token: write
+    actions: write
+jobs:
+    build:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+            - name: Get package tag/version
+              id: package-version
+              if: ${{ github.event_name == 'push' }}
+              run: |
+                  jq -r '"PACKAGE_VERSION=\(.version)"' packages/sdk/package.json >> "$GITHUB_OUTPUT"
+
+            - name: Docker meta
+              id: meta
+              uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+              with:
+                  images: |
+                      docker.io/cartesi/rollups-database,enable=${{ github.event_name != 'pull_request' }}
+                      ghcr.io/cartesi/rollups-database
+                  tags: |
+                      type=raw,value=${{ steps.package-version.outputs.PACKAGE_VERSION }},enable=${{ github.event_name == 'push' }}
+                      type=ref,event=pr
+                  labels: |
+                      org.opencontainers.image.title=Cartesi Rollups Database
+                      org.opencontainers.image.description=Cartesi Rollups SDK Database with pre-initialized PostgreSQL Database
+
+            - name: Set up Docker Buildx
+              uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+
+            - name: Login to GitHub Container Registry
+              uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+              with:
+                  registry: ghcr.io
+                  username: ${{ github.actor }}
+                  password: ${{ secrets.GITHUB_TOKEN }}
+
+            - name: Login to DockerHub
+              uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+              with:
+                  username: ${{ secrets.DOCKERHUB_USERNAME }}
+                  password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+            - name: Build and push
+              uses: docker/bake-action@4a9a8d494466d37134e2bfca2d3a8de8fb2681ad # v5.13.0
+              if: ${{ !startsWith(github.ref, 'refs/tags/sdk@') }}
+              with:
+                  workdir: packages/sdk
+                  targets: database
+                  files: |
+                      ./docker-bake.hcl
+                      ./docker-bake.platforms.hcl
+                      ${{ steps.meta.outputs.bake-file }}
+                  set: |
+                      *.cache-from=type=gha
+                      *.cache-to=type=gha,mode=max
+                  push: true
+
+            - uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5 # v1.6.0
+            - name: Build and push (depot)
+              uses: depot/bake-action@58d7160c6bfa64eb85e384209e6f2f5ad17948bb # v1.11.0
+              if: ${{ startsWith(github.ref, 'refs/tags/sdk@') }}
+              with:
+                  project: ${{ vars.DEPOT_PROJECT }}
+                  workdir: packages/sdk
+                  targets: database
+                  files: |
+                      ./docker-bake.hcl
+                      ./docker-bake.platforms.hcl
+                      ${{ steps.meta.outputs.bake-file }}
+                  push: true
diff --git a/.github/workflows/runtime.yaml b/.github/workflows/runtime.yaml
new file mode 100644
index 00000000..e31f92a0
--- /dev/null
+++ b/.github/workflows/runtime.yaml
@@ -0,0 +1,91 @@
+name: runtime
+on:
+    workflow_call:
+        secrets:
+            DOCKERHUB_USERNAME:
+                required: true
+            DOCKERHUB_TOKEN:
+                required: true
+    pull_request:
+        paths:
+            - .github/workflows/runtime.yaml
+            - packages/sdk/**
+concurrency:
+    group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+    cancel-in-progress: true
+permissions:
+    contents: read
+    packages: write
+    id-token: write
+    actions: write
+jobs:
+    build:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+            - name: Get package tag/version
+              id: package-version
+              if: ${{ github.event_name == 'push' }}
+              run: |
+                  jq -r '"PACKAGE_VERSION=\(.version)"' packages/sdk/package.json >> "$GITHUB_OUTPUT"
+
+            - name: Docker meta
+              id: meta
+              uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+              with:
+                  images: |
+                      docker.io/cartesi/sdk-node,enable=${{ github.event_name != 'pull_request' }}
+                      ghcr.io/cartesi/sdk-node
+                  tags: |
+                      type=raw,value=${{ steps.package-version.outputs.PACKAGE_VERSION }},enable=${{ github.event_name == 'push' }}
+                      type=ref,event=pr
+                  labels: |
+                      org.opencontainers.image.title=Cartesi Rollups SDK Node
+                      org.opencontainers.image.description=Cartesi Rollups SDK Node with optional services
+
+            - name: Set up Docker Buildx
+              uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+
+            - name: Login to GitHub Container Registry
+              uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+              with:
+                  registry: ghcr.io
+                  username: ${{ github.actor }}
+                  password: ${{ secrets.GITHUB_TOKEN }}
+
+            - name: Login to DockerHub
+              uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+              with:
+                  username: ${{ secrets.DOCKERHUB_USERNAME }}
+                  password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+            - name: Build and push
+              uses: docker/bake-action@4a9a8d494466d37134e2bfca2d3a8de8fb2681ad # v5.13.0
+              if: ${{ !startsWith(github.ref, 'refs/tags/sdk@') }}
+              with:
+                  workdir: packages/sdk
+                  targets: runtime
+                  files: |
+                      ./docker-bake.hcl
+                      ./docker-bake.platforms.hcl
+                      ${{ steps.meta.outputs.bake-file }}
+                  set: |
+                      *.cache-from=type=gha
+                      *.cache-to=type=gha,mode=max
+                  push: true
+
+            - uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5 # v1.6.0
+            - name: Build and push (depot)
+              uses: depot/bake-action@58d7160c6bfa64eb85e384209e6f2f5ad17948bb # v1.11.0
+              if: ${{ startsWith(github.ref, 'refs/tags/sdk@') }}
+              with:
+                  project: ${{ vars.DEPOT_PROJECT }}
+                  workdir: packages/sdk
+                  targets: runtime
+                  files: |
+                      ./docker-bake.hcl
+                      ./docker-bake.platforms.hcl
+                      ${{ steps.meta.outputs.bake-file }}
+                  push: true
diff --git a/packages/sdk/Dockerfile b/packages/sdk/Dockerfile
index 2c00f7f5..80818f41 100644
--- a/packages/sdk/Dockerfile
+++ b/packages/sdk/Dockerfile
@@ -1,25 +1,15 @@
 # syntax=docker.io/docker/dockerfile:1
-ARG BASE_IMAGE
-ARG CARTESI_ESPRESSO_READER_VERSION
-ARG CARTESI_IMAGE_KERNEL_VERSION
-ARG CARTESI_MACHINE_EMULATOR_VERSION
-ARG CARTESI_ROLLUPS_GRAPHQL_VERSION
-ARG CRANE_VERSION
-ARG ESPRESSO_DEV_NODE_TAG
-ARG FOUNDRY_VERSION
-ARG LINUX_KERNEL_VERSION
-ARG NODEJS_VERSION
-ARG POSTGRES_VERSION
-ARG SU_EXEC_VERSION
-ARG XGENEXT2_VERSION
+ARG CARTESI_BASE_IMAGE
+ARG ESPRESSO_DEV_NODE_BASE_IMAGE
+ARG POSTGRES_BASE_IMAGE
 
 ################################################################################
 # https://github.com/EspressoSystems/espresso-sequencer/pkgs/container/espresso-sequencer%2Fespresso-dev-node
-FROM ghcr.io/espressosystems/espresso-sequencer/espresso-dev-node:${ESPRESSO_DEV_NODE_TAG} AS espresso-dev-node
+FROM ${ESPRESSO_DEV_NODE_BASE_IMAGE} AS espresso-dev-node
 
 ################################################################################
 # base image
-FROM ${BASE_IMAGE} AS base
+FROM ${CARTESI_BASE_IMAGE} AS base
 SHELL ["/bin/bash", "-euo", "pipefail", "-c"]
 ARG DEBIAN_FRONTEND=noninteractive
 RUN <<EOF
@@ -130,28 +120,136 @@ curl -fsSL "https://github.com/cartesi/rollups-espresso-reader/archive/refs/tags
     | tar --wildcards -xz -C ${ESPRESSO_DEST_FOLDER} --strip-components=6 '*/migrations/*.sql'
 EOF
 
+################################################################################
+# cartesi runtime target
+FROM base AS runtime
+ARG CARTESI_MACHINE_EMULATOR_VERSION
+ARG CARTESI_ROLLUPS_NODE_VERSION
+ARG TARGETARCH
+
+USER root
+ARG DEBIAN_FRONTEND=noninteractive
+RUN <<EOF
+apt-get install -y --no-install-recommends \
+    libslirp0 \
+    lua5.4 \
+    xz-utils
+rm -rf /var/lib/apt/lists/*
+EOF
+
+RUN <<EOF
+set -e
+addgroup --system --gid 102 cartesi
+adduser --system --uid 102 \
+    --disabled-login \
+    --gecos "cartesi user" \
+    --home /nonexistent \
+    --ingroup cartesi \
+    --no-create-home \
+    --shell /bin/false \
+    cartesi
+EOF
+
+# Install cartesi-machine emulator
+RUN <<EOF
+curl -fsSL https://github.com/cartesi/machine-emulator/releases/download/v${CARTESI_MACHINE_EMULATOR_VERSION}/cartesi-machine-v${CARTESI_MACHINE_EMULATOR_VERSION}_${TARGETARCH}.deb \
+    -o /tmp/cartesi-machine.deb
+dpkg -i /tmp/cartesi-machine.deb
+rm /tmp/cartesi-machine.deb
+cartesi-machine --version-json
+EOF
+
+# Install cartesi-rollups-node
+RUN <<EOF
+curl -fsSL https://github.com/cartesi/rollups-node/releases/download/v${CARTESI_ROLLUPS_NODE_VERSION}/cartesi-rollups-node-v${CARTESI_ROLLUPS_NODE_VERSION%%-*}_${TARGETARCH}.deb \
+    -o /tmp/cartesi-rollups-node.deb
+dpkg -i /tmp/cartesi-rollups-node.deb
+rm /tmp/cartesi-rollups-node.deb
+mkdir -p /var/lib/cartesi-rollups-node/snapshots
+chmod 755 /var/lib/cartesi-rollups-node/snapshots
+chown cartesi:cartesi /var/lib/cartesi-rollups-node/snapshots
+cartesi-rollups-node --version
+EOF
+
+COPY --from=graphql /usr/local/bin/cartesi-rollups-graphql /usr/local/bin/
+COPY --from=espresso-reader /usr/local/bin/cartesi-rollups-espresso-reader /usr/local/bin/
+
+USER cartesi
+
 ################################################################################
 # postgresql initdb
-FROM postgres:${POSTGRES_VERSION} AS postgresql-initdb
-ENV POSTGRES_PASSWORD=password
+FROM ${POSTGRES_BASE_IMAGE} AS postgresql-initdb
+
+ARG DEBIAN_FRONTEND=noninteractive
+RUN <<EOF
+set -eo
+apt-get update
+apt-get install -y --no-install-recommends \
+    libslirp0
+EOF
+
+COPY --from=runtime /usr/bin/cartesi-rollups-cli /usr/bin/
+COPY --from=runtime /usr/lib/libcartesi* /usr/lib/
+COPY --from=go-migrate /usr/local/bin/migrate /usr/local/bin/
+COPY --from=graphql-migration /usr/share/cartesi/rollups-graphql/migrations /usr/share/cartesi/rollups-graphql/migrations
+COPY --from=espresso-reader-migration /usr/share/cartesi/rollups-espresso-reader/migrations /usr/share/cartesi/rollups-espresso-reader/migrations
+
+ARG POSTGRES_PASSWORD=password
+
+# create rollupsdb, graphql and espresso databases
+COPY <<EOF /docker-entrypoint-initdb.d/00-createdb.sql
+CREATE DATABASE rollupsdb;
+CREATE DATABASE graphql;
+CREATE DATABASE espresso;
+EOF
+
+# rollups-node migrations
+COPY <<EOF /docker-entrypoint-initdb.d/01-rollups-node-migrations.sh
+#!/usr/bin/env bash
+set -e
+export CARTESI_DATABASE_CONNECTION="postgres://postgres@/rollupsdb?host=/var/run/postgresql"
+cartesi-rollups-cli db upgrade --verbose
+EOF
+
+# rollups-graphql migrations
+COPY <<EOF /docker-entrypoint-initdb.d/02-graphql-migrations.sh
+#!/usr/bin/env bash
+set -e
+migrate -verbose -path /usr/share/cartesi/rollups-graphql/migrations -database 'postgres://postgres@/graphql?host=/var/run/postgresql' up
+EOF
+
+# espresso-reader migrations
+COPY <<EOF /docker-entrypoint-initdb.d/03-espresso-reader-migrations.sh
+#!/usr/bin/env bash
+set -e
+migrate -verbose -path /usr/share/cartesi/rollups-espresso-reader/migrations -database 'postgres://postgres@/rollupsdb?host=/var/run/postgresql' up
+EOF
+
 RUN /usr/local/bin/docker-ensure-initdb.sh postgres
 
+################################################################################
+# rollups-database image
+FROM ${POSTGRES_BASE_IMAGE} AS database
+COPY --from=postgresql-initdb /var/lib/postgresql/data /var/lib/postgresql/data
+
 ################################################################################
 # sdk final image
-FROM base
+FROM runtime
 ARG ALTO_VERSION
+ARG CARTESI_DEVNET_VERSION
 ARG CARTESI_IMAGE_KERNEL_VERSION
+ARG CARTESI_LINUX_KERNEL_VERSION
 ARG CARTESI_MACHINE_EMULATOR_VERSION
+ARG CARTESI_PAYMASTER_VERSION
 ARG CARTESI_ROLLUPS_NODE_VERSION
-ARG DEVNET_VERSION
-ARG LINUX_KERNEL_VERSION
-ARG PAYMASTER_VERSION
+ARG TARGETARCH
 ARG TARGETARCH
 ARG XGENEXT2_VERSION
 
 USER root
 ARG DEBIAN_FRONTEND=noninteractive
 RUN <<EOF
+apt-get update
 apt-get install -y --no-install-recommends \
     jq \
     libarchive-tools \
@@ -163,8 +261,11 @@ apt-get install -y --no-install-recommends \
     squashfs-tools \
     xxd \
     xz-utils
+rm -rf /var/lib/apt/lists/*
+EOF
 
 # Install e2fsprogs from backports
+RUN <<EOF
 echo 'deb http://deb.debian.org/debian bookworm-backports main' > /etc/apt/sources.list.d/backports.list
 apt-get update
 apt-get install -y --no-install-recommends -t bookworm-backports \
@@ -188,8 +289,8 @@ EOF
 # Install nodejs packages
 RUN <<EOF
 npm install -g \
-    @cartesi/devnet@${DEVNET_VERSION} \
-    @cartesi/mock-verifying-paymaster@${PAYMASTER_VERSION} \
+    @cartesi/devnet@${CARTESI_DEVNET_VERSION} \
+    @cartesi/mock-verifying-paymaster@${CARTESI_PAYMASTER_VERSION} \
     @pimlico/alto@${ALTO_VERSION}
 
 mkdir -p /usr/share/cartesi
@@ -197,6 +298,24 @@ cp /usr/local/lib/node_modules/@cartesi/devnet/export/abi/localhost.json /usr/sh
 cp /usr/local/lib/node_modules/@cartesi/devnet/build/anvil_state.json /usr/share/cartesi/
 EOF
 
+# Install linux kernel image
+RUN <<EOF
+curl -fsSL "https://github.com/cartesi/image-kernel/releases/download/v${CARTESI_IMAGE_KERNEL_VERSION}/linux-${CARTESI_LINUX_KERNEL_VERSION}.bin" \
+    -o /usr/share/cartesi-machine/images/linux.bin
+echo "e4663365ea565792110129a6b479eca896cb31c23f561cb42214609588689f9d3d173a82b4ea27ff74ae05334747cc76ed6bc4c200a7499ac5134abfd2b3045e /usr/share/cartesi-machine/images/linux.bin" \
+    | sha512sum -c
+EOF
+
+# Install linux headers
+RUN <<EOF
+curl -fsSL "https://github.com/cartesi/image-kernel/releases/download/v${CARTESI_IMAGE_KERNEL_VERSION}/linux-headers-${CARTESI_LINUX_KERNEL_VERSION}.tar.xz" \
+    -o "/tmp/linux-headers-${CARTESI_LINUX_KERNEL_VERSION}.tar.xz"
+echo "2ecdb9c9f02a96faed2605ec811ef7188f963feb21b32d057b1ab3278f27ac42887f235a3f52eadd5f5caa56a61e141ad2bb666793d5bdd755c273adba167d45 /tmp/linux-headers-${CARTESI_LINUX_KERNEL_VERSION}.tar.xz" \
+    | sha512sum -c
+tar -xJf "/tmp/linux-headers-${CARTESI_LINUX_KERNEL_VERSION}.tar.xz" -C /
+rm "/tmp/linux-headers-${CARTESI_LINUX_KERNEL_VERSION}.tar.xz"
+EOF
+
 ENV LC_ALL=en_US.UTF-8
 ENV LANG=en_US.UTF-8
 ENV LANGUAGE=en_US:en
@@ -214,52 +333,10 @@ COPY --from=su-exec /usr/local/src/su-exec /usr/local/bin/
 COPY --from=crane /usr/local/bin/crane /usr/local/bin/
 COPY --from=foundry /usr/local/bin/anvil /usr/local/bin/
 COPY --from=foundry /usr/local/bin/cast /usr/local/bin/
+COPY --from=espresso-dev-node /usr/bin/espresso-dev-node /usr/local/bin/
 COPY --from=go-migrate /usr/local/bin/migrate /usr/local/bin/
-COPY --from=graphql /usr/local/bin/cartesi-rollups-graphql /usr/local/bin/
 COPY --from=graphql-migration /usr/share/cartesi/rollups-graphql/migrations /usr/share/cartesi/rollups-graphql/migrations
-COPY --from=espresso-reader /usr/local/bin/cartesi-rollups-espresso-reader /usr/local/bin/
 COPY --from=espresso-reader-migration /usr/share/cartesi/rollups-espresso-reader/migrations /usr/share/cartesi/rollups-espresso-reader/migrations
-COPY --from=espresso-dev-node /usr/bin/espresso-dev-node /usr/local/bin/
-COPY --from=postgresql-initdb /var/lib/postgresql/data /var/lib/postgresql/data
-
-RUN mkdir -p /tmp/.cartesi && chmod 1777 /tmp/.cartesi
-
-# Install cartesi-machine emulator
-RUN <<EOF
-curl -fsSL https://github.com/cartesi/machine-emulator/releases/download/v${CARTESI_MACHINE_EMULATOR_VERSION}/cartesi-machine-v${CARTESI_MACHINE_EMULATOR_VERSION}_${TARGETARCH}.deb \
-    -o /tmp/cartesi-machine.deb
-dpkg -i /tmp/cartesi-machine.deb
-rm /tmp/cartesi-machine.deb
-cartesi-machine --version-json
-EOF
-
-# Install linux kernel image
-RUN <<EOF
-curl -fsSL "https://github.com/cartesi/image-kernel/releases/download/v${CARTESI_IMAGE_KERNEL_VERSION}/linux-${LINUX_KERNEL_VERSION}.bin" \
-    -o /usr/share/cartesi-machine/images/linux.bin
-echo "e4663365ea565792110129a6b479eca896cb31c23f561cb42214609588689f9d3d173a82b4ea27ff74ae05334747cc76ed6bc4c200a7499ac5134abfd2b3045e /usr/share/cartesi-machine/images/linux.bin" \
-    | sha512sum -c
-EOF
-
-# Install linux headers
-RUN <<EOF
-curl -fsSL "https://github.com/cartesi/image-kernel/releases/download/v${CARTESI_IMAGE_KERNEL_VERSION}/linux-headers-${LINUX_KERNEL_VERSION}.tar.xz" \
-    -o "/tmp/linux-headers-$LINUX_KERNEL_VERSION.tar.xz"
-echo "2ecdb9c9f02a96faed2605ec811ef7188f963feb21b32d057b1ab3278f27ac42887f235a3f52eadd5f5caa56a61e141ad2bb666793d5bdd755c273adba167d45 /tmp/linux-headers-${LINUX_KERNEL_VERSION}.tar.xz" \
-    | sha512sum -c
-tar -xJf "/tmp/linux-headers-${LINUX_KERNEL_VERSION}.tar.xz" -C /
-rm "/tmp/linux-headers-${LINUX_KERNEL_VERSION}.tar.xz"
-EOF
-
-# Install cartesi-rollups-node
-RUN <<EOF
-curl -fsSL https://github.com/cartesi/rollups-node/releases/download/v${CARTESI_ROLLUPS_NODE_VERSION}/cartesi-rollups-node-v${CARTESI_ROLLUPS_NODE_VERSION%%-*}_${TARGETARCH}.deb \
-    -o /tmp/cartesi-rollups-node.deb
-dpkg -i /tmp/cartesi-rollups-node.deb
-rm /tmp/cartesi-rollups-node.deb
-mkdir -p /var/lib/cartesi-rollups-node/snapshots
-cartesi-rollups-node --version
-EOF
 
 WORKDIR /mnt
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
diff --git a/packages/sdk/docker-bake.hcl b/packages/sdk/docker-bake.hcl
index 84c24de8..f519c22f 100644
--- a/packages/sdk/docker-bake.hcl
+++ b/packages/sdk/docker-bake.hcl
@@ -5,22 +5,31 @@ target "default" {
   inherits = ["docker-metadata-action", "docker-platforms"]
   args = {
     ALTO_VERSION                      = "0.0.4"
-    BASE_IMAGE                        = "debian:bookworm-20250224"
+    CARTESI_BASE_IMAGE                = "docker.io/library/debian:bookworm-20250317-slim@sha256:1209d8fd77def86ceb6663deef7956481cc6c14a25e1e64daec12c0ceffcc19d"
+    CARTESI_DEVNET_VERSION            = "2.0.0-alpha.3"
     CARTESI_ESPRESSO_READER_VERSION   = "0.2.3-node-20250128"
     CARTESI_IMAGE_KERNEL_VERSION      = "0.20.0"
+    CARTESI_LINUX_KERNEL_VERSION      = "6.5.13-ctsi-1-v0.20.0"
     CARTESI_MACHINE_EMULATOR_VERSION  = "0.18.1"
+    CARTESI_PAYMASTER_VERSION         = "0.2.0"
     CARTESI_ROLLUPS_GRAPHQL_VERSION   = "2.3.8"
     CARTESI_ROLLUPS_NODE_VERSION      = "2.0.0-alpha.1"
     CRANE_VERSION                     = "0.19.1"
-    DEVNET_VERSION                    = "2.0.0-alpha.3"
-    ESPRESSO_DEV_NODE_TAG             = "20241120-patch6"
+    ESPRESSO_DEV_NODE_BASE_IMAGE      = "ghcr.io/espressosystems/espresso-sequencer/espresso-dev-node:20241120-patch6@sha256:453264eab19e3313c85a8720c784f16f15e36bacb28ae917034e24342cecf3c3"
     FOUNDRY_VERSION                   = "0.3.0"
     GO_MIGRATE_VERSION                = "4.18.2"
-    LINUX_KERNEL_VERSION              = "6.5.13-ctsi-1-v0.20.0"
-    NODEJS_VERSION                    = "18.19.0"
-    PAYMASTER_VERSION                 = "0.2.0"
-    POSTGRES_VERSION                  = "16"
+    POSTGRES_BASE_IMAGE               = "docker.io/library/postgres:16@sha256:e95b0cb95f719e0ce156c2bc5545c89fbd98a1a692845a5331ddc79ea61f1b1e"
     SU_EXEC_VERSION                   = "0.2"
     XGENEXT2_VERSION                  = "1.5.6"
   }
 }
+
+target "runtime"  {
+  inherits = ["default", "docker-metadata-action", "docker-platforms"]
+  target = "runtime"
+}
+
+target "database"  {
+  inherits = ["default", "docker-metadata-action", "docker-platforms"]
+  target = "database"
+}
diff --git a/packages/sdk/docker-bake.override.hcl b/packages/sdk/docker-bake.override.hcl
index 82daf7cc..cd8e7ead 100644
--- a/packages/sdk/docker-bake.override.hcl
+++ b/packages/sdk/docker-bake.override.hcl
@@ -1,3 +1,11 @@
 target "default" {
   tags = ["cartesi/sdk:devel"]
 }
+
+target "rollups-node" {
+  tags = ["cartesi/sdk-node:devel"]
+}
+
+target "database" {
+  tags = ["cartesi/rollups-database:devel"]
+}