FROM python:3.6-alpine as base

FROM base as staging

# Add system dependencies, use cache by copying requirements
RUN apk add --update --no-cache postgresql-dev jpeg-dev build-base gzip zlib-dev libmagic libxml2-dev libxslt-dev

# Install long buildtime deps
# Uses a source archive instead of full local copy to speedup docker build
ADD requirements.txt /requirements.txt
RUN pip install --install-option="--prefix=/build" -r requirements.txt

# Restart from base, using staging build
FROM base

# Import from staging the python build, so the final image is slimmer
# and has no build tool
COPY --from=staging /build /usr
ENV PYTHONPATH=/usr/lib/python3.6/site-packages

# Add runtime system deps
RUN apk add --update --no-cache wget gzip libmagic git unzip libpq libxslt libjpeg imagemagick poppler-utils

# Add unprivilegied user
RUN addgroup -g 1000 teklia && adduser -D -u 1000 -G teklia ark

# Add archi local CA
COPY ./dev-ca.pem /usr/local/share/ca-certificates/arkindex-dev.crt
RUN update-ca-certificates
ENV REQUESTS_CA_BUNDLE /etc/ssl/certs/ca-certificates.crt