Better pin Python dependencies in project Docker image

[jaclyn-taroni]

Context

We think we ran into the problem noted in #991 (see also: #1003) because there was some underlying Python dependency that did not have a hardcoded version in the Dockerfile and changed between builds of the project image. Something like this has happened before, and we pinned many of the Python dependencies at the time but not all of them.

Idea and potential next steps

We should specify versions for every Python dependency on the project Docker image. The first thing to do is build the image and get a list of pip-installed packages on there.

I believe the following should do it:

./scripts/run_in_ci.sh pip3 freeze > requirements.txt

(Whoever is implementing this may also consider adding --no-cache here.)

There are a couple ways we could go from there. We could either hardcode all of these into the Dockerfile or we could use a requirements.txt file that's tracked in the repo to install everything. We should consider which of these options is easier to document and for multiple people to update.

Who will complete these steps?

Someone from the CCDL.