modified base dockerfile for Picnic

Dockerfile.base

FROM ubuntu:16.04

RUN apt-get update && apt-get upgrade -y \
  && apt-get install -yq --no-install-recommends \
    apt-transport-https \
    build-essential \
    ca-certificates \
    curl \
    git \
    libssl-dev \
    rsync \
    software-properties-common \
    git \
    wget \
    openssh-client

RUN echo "deb http://packages.cloud.google.com/apt cloud-sdk-xenial main" > /etc/apt/sources.list.d/google-cloud-sdk.list \
  && curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - \
  && echo "deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main" > /etc/apt/sources.list.d/pgdg.list \
  && wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
  && add-apt-repository ppa:certbot/certbot

# if changing versions, keep the python image versions in sync
ENV NODE_VERSION 9.11.1
ENV YARN_VERSION 1.5.1
RUN set -ex \
  && for key in \
    94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \
    FD3A5288F042B6850C66B31F09FE44734EB7990E \
    71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \
    DD8F2338BAE7501E3DD5AC78C273792F7D83545D \
    C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \
    B9AE9905FFD7803F25714661B63B535A4C206CA9 \
    77984A986EBC2AA786BC0F66B01FBB92821C587A \
    6A010C5166006599AA17F08146C2130DFD2497F5 \
  ; do \
    gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \
    gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \
    gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \
  done \
  && ARCH='x64' \
  && curl -SLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \
  && curl -SLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \
  && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \
  && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \
  && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
  && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \
  && ln -s /usr/local/bin/node /usr/local/bin/nodejs \
  && curl -fSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
  && curl -fSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \
  && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \
  && mkdir -p /opt/yarn \
  && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/yarn --strip-components=1 \
  && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
  && ln -s /opt/yarn/bin/yarn /usr/local/bin/yarnpkg \
  && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz

RUN apt-get update && apt-get upgrade -y \
  && apt-get install -yq --no-install-recommends \
    ghostscript \
    poppler-utils \
    redis-tools \
    postgresql-client-9.6 \
    libpq-dev \
    libgif-dev \
    pdftk \
    pkg-config \
    libcairo2-dev \
    imagemagick \
    libjpeg-dev \
    fontconfig \
    certbot \
    google-cloud-sdk \
  && rm -rf /var/lib/apt/lists/*

# delete imagemagick restriction on pdf
# note: if we use newer ubuntu image, we need to migrate convert command to magick command
RUN sed -i 's/<policy domain="coder" rights="none" pattern="PDF".*//g' /etc/ImageMagick-6/policy.xml

RUN mkdir -p ~/.ssh \
  && ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts

RUN wget --quiet https://s3-us-west-2.amazonaws.com/assets.picnichealth.com/fonts/Lucida+Grande+Regular.ttf \
 && wget --quiet https://s3-us-west-2.amazonaws.com/assets.picnichealth.com/fonts/Lucida+Grande+Bold.ttf \
 && mv *.ttf /usr/share/fonts/ \
 && fc-cache -f -v

ENV NODE_ENV development