Update packages in docker image; supress pip warning; improve cache use apk to update packages in image to get security fixes pip warns when run as root. In a dcker environment this can be ignored as the entire image is effectively a venv. Move inclusion of specific pip packages lower in the build procedure so we can cache all prior layers. Including it earlier resulted in layers that could be cached being invalidated.

def init_severity(db, cl, nodeid, newvalues):
    """Make sure severity is set on new issues"""
    if 'severity' in newvalues and newvalues['severity']:
        return

    normal = db.severity.lookup('normal')
    newvalues['severity'] = normal

def init(db):
    db.issue.audit('create', init_severity)