RHOAIENG-26702: Update codeflare-sdk versions and shas for v0.29.0

[kryanbeane]

Description

Updated codeflare-sdk to v0.29.0

How Has This Been Tested?

Merge criteria:

• The commits are squashed in a cohesive manner and have meaningful messages.
• Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
• The developer has manually tested the changes and verified that the changes work

Summary by CodeRabbit

• Chores
  • Upgraded multiple Python package dependencies across various Jupyter and runtime environments, including codeflare-sdk, ray, google-api-core, narwhals, msgpack, huggingface-hub, requests, ruamel.yaml, tomlkit, yarl, and zipp.
  • Updated associated integrity hashes for all upgraded packages.
  • Reflected updated package versions in related image stream manifests.

[coderabbitai]

Walkthrough

This update synchronizes the codeflare-sdk dependency across multiple Jupyter notebook, runtime, and manifest files, upgrading it from version 0.28.x to 0.29.x. Additionally, several other Python package dependencies are upgraded in various requirements.txt files, with corresponding hash updates for integrity. No source code or logic changes are present.

Changes

Files/Paths	Change Summary
All Pipfile files jupyter//ubi9-python-3.11/Pipfile runtimes//ubi9-python-3.11/Pipfile	Bumped codeflare-sdk version specifier from ~0.28.1 to ~0.29.0.
All requirements.txt files jupyter//ubi9-python-3.11/requirements.txt runtimes//ubi9-python-3.11/requirements.txt	Upgraded codeflare-sdk (0.28.1 → 0.29.0) and ray[data,default] (2.44.1 → 2.46.0) with updated hashes.
jupyter/datascience/ubi9-python-3.11/requirements.txt runtimes/datascience/ubi9-python-3.11/requirements.txt	Also upgraded google-api-core (2.25.0 → 2.25.1), msgpack (1.1.0 → 1.1.1), and narwhals (1.42.0 → 1.42.1) with new hashes.
jupyter/pytorch/ubi9-python-3.11/requirements.txt	Upgraded multiple packages including google-api-core, narwhals, requests, ruamel.yaml, tomlkit, yarl, zipp, and msgpack.
jupyter/rocm/pytorch/ubi9-python-3.11/requirements.txt	Upgraded google-api-core, msgpack, narwhals, ray, and others with updated hashes.
jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt	Upgraded google-api-core, msgpack, narwhals, ray, and others with updated hashes.
jupyter/tensorflow/ubi9-python-3.11/requirements.txt	Upgraded google-api-core, msgpack, narwhals, ray[data,default] with updated hashes.
jupyter/trustyai/ubi9-python-3.11/requirements.txt	Upgraded google-api-core, huggingface-hub, msgpack, narwhals, ray[data,default] with updated hashes.
runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt	Upgraded codeflare-sdk, google-api-core, msgpack, narwhals, and ray[data,default] with updated hashes.
codeserver/ubi9-python-3.11/requirements.txt	Upgraded google-api-core and narwhals with updated hashes.
All manifest files manifests/base/jupyter-*-notebook-imagestream.yaml	Updated Codeflare-SDK version from 0.28 to 0.29 in the "2025.1" image tag.

Poem

🐇
A hop, a skip, a version jump—
Codeflare hops from old to new,
Ray and friends all join the thump,
Hashes fresh as morning dew.
Notebooks ready, dependencies bright,
Let’s code and crunch from day to night!
🌱✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 07714f5 and e9cd14f.

⛔ Files ignored due to path filters (12)

• codeserver/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/datascience/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/rocm/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/trustyai/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/datascience/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock

📒 Files selected for processing (12)

• codeserver/ubi9-python-3.11/requirements.txt (2 hunks)
• jupyter/datascience/ubi9-python-3.11/requirements.txt (5 hunks)
• jupyter/pytorch/ubi9-python-3.11/requirements.txt (5 hunks)
• jupyter/rocm/pytorch/ubi9-python-3.11/requirements.txt (5 hunks)
• jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt (5 hunks)
• jupyter/tensorflow/ubi9-python-3.11/requirements.txt (5 hunks)
• jupyter/trustyai/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/datascience/ubi9-python-3.11/requirements.txt (5 hunks)
• runtimes/pytorch/ubi9-python-3.11/requirements.txt (5 hunks)
• runtimes/rocm-pytorch/ubi9-python-3.11/requirements.txt (5 hunks)
• runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt (5 hunks)
• runtimes/tensorflow/ubi9-python-3.11/requirements.txt (5 hunks)

✅ Files skipped from review due to trivial changes (2)

• codeserver/ubi9-python-3.11/requirements.txt
• jupyter/trustyai/ubi9-python-3.11/requirements.txt

🚧 Files skipped from review as they are similar to previous changes (10)

• runtimes/rocm-pytorch/ubi9-python-3.11/requirements.txt
• runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt
• runtimes/tensorflow/ubi9-python-3.11/requirements.txt
• jupyter/rocm/pytorch/ubi9-python-3.11/requirements.txt
• jupyter/datascience/ubi9-python-3.11/requirements.txt
• jupyter/pytorch/ubi9-python-3.11/requirements.txt
• runtimes/datascience/ubi9-python-3.11/requirements.txt
• jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt
• runtimes/pytorch/ubi9-python-3.11/requirements.txt
• jupyter/tensorflow/ubi9-python-3.11/requirements.txt

⏰ Context from checks skipped due to timeout of 90000ms (13)

• GitHub Check: build (rocm-runtime-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-runtime-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (jupyter-datascience-ubi9-python-3.11, false) / build
• GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (runtime-cuda-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (runtime-datascience-ubi9-python-3.11, false) / build
• GitHub Check: build (jupyter-trustyai-ubi9-python-3.11, false) / build
• GitHub Check: build (codeserver-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: validation-of-sw-versions-in-imagestreams

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 8

🧹 Nitpick comments (3)

runtimes/pytorch/ubi9-python-3.11/Pipfile (1)

30-30: Ensure lockfile is updated.
After changing the Pipfile, please regenerate Pipfile.lock to capture this new version and commit the updated lockfile to maintain reproducible environments.

Let me know if you’d like help running pipenv lock and committing the result.

runtimes/tensorflow/ubi9-python-3.11/requirements.txt (1)

380-382: Evaluate pre-release colorful version usage.
Switching to an alpha release (0.6.0a1) may introduce instability. Confirm this pre-release is intentional or consider pinning to a stable version.

runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile (1)

27-27: Bump codeflare-sdk to 0.29.0
The version upgrade looks correct. Please regenerate the Pipfile.lock (e.g. via pipenv lock) to capture the updated SHA256 and ensure reproducible installs. Also verify that codeflare-sdk 0.29.0 is published on PyPI and compatible with your workloads, and confirm this bump is mirrored across all other environment Pipfiles and manifest files.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e98a63e and 245c70d.

⛔ Files ignored due to path filters (10)

• jupyter/datascience/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/trustyai/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/datascience/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock

📒 Files selected for processing (27)

• jupyter/datascience/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/datascience/ubi9-python-3.11/requirements.txt (11 hunks)
• jupyter/pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/pytorch/ubi9-python-3.11/requirements.txt (11 hunks)
• jupyter/rocm/pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt (11 hunks)
• jupyter/tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/tensorflow/ubi9-python-3.11/requirements.txt (12 hunks)
• jupyter/trustyai/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/trustyai/ubi9-python-3.11/requirements.txt (11 hunks)
• manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
• runtimes/datascience/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/datascience/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/pytorch/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/rocm-pytorch/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/tensorflow/ubi9-python-3.11/requirements.txt (6 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (13)

• GitHub Check: build (jupyter-datascience-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-runtime-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-runtime-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (runtime-datascience-ubi9-python-3.11, false) / build
• GitHub Check: build (runtime-cuda-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (jupyter-trustyai-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: validation-of-sw-versions-in-imagestreams
• GitHub Check: code-static-analysis

🔇 Additional comments (95)

runtimes/pytorch/ubi9-python-3.11/Pipfile (1)

30-30: Version bump approved.
Updating codeflare-sdk to ~=0.29.0 aligns with the PR objectives and is consistent with other environment upgrades.

runtimes/tensorflow/ubi9-python-3.11/requirements.txt (6)

377-379: Confirm uniform codeflare-sdk upgrade & integrity.
The dependency has been bumped to 0.29.0 with new SHA256 hashes. Verify this version bump is applied consistently across all Pipfiles and other requirements, and ensure the hashes match the published PyPI artifact.

---

505-507: Assess release candidate bump for defusedxml.
The upgrade to 0.8.0rc2 may carry unvetted changes. Ensure security fixes are validated and compatibility remains intact.

---

686-688: Review RC bump for google-api-core.
Pinning 2.25.1rc0 could introduce breaking changes; confirm integration tests cover new behavior or revert to the latest stable version.

---

1043-1050: Validate msgpack RC version and expanded hash list.
The dependency was updated to 1.1.1rc1 with multiple new hashes. Verify each SHA256 against the actual package and confirm if an RC is acceptable.

---

1377-1379: Verify dev release pin for opencensus-context.
Locking to 0.2.dev0 may introduce untested features. Ensure this dev release is required and covered by tests, or use the latest stable.

---

2199-2224: Approve stable ray[data,default] upgrade to 2.46.0.
The package bump to 2.46.0 with corresponding hashes is correct and aligns with upstream changes.

runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt (7)

377-379: Upgrade codeflare-sdk to 0.29.0
Version bump and updated SHA256 checksums align with Pipfile.lock.

---

380-382: Upgrade colorful to 0.6.0a1
The new pre-release version and hashes match the lockfile.

---

505-507: Use defusedxml 0.8.0rc2
This switches to a release candidate—please verify that adopting an RC is intentional for this environment.

---

686-688: Use google-api-core 2.25.1rc0
This upgrade points to an RC build; confirm acceptance of a pre-release within your CI/CD pipeline.

---

1039-1043: Use msgpack 1.1.1rc1
Adopts a release candidate. Ensure downstream compatibility and readiness for this pre-release.

---

1324-1326: Use opencensus-context 0.2.dev0
Switched to a development snapshot—please validate its stability or consider pinning a stable release.

---

2070-2096: Upgrade ray to 2.46.0
Stable version bump with matching hashes. All good here.

jupyter/trustyai/ubi9-python-3.11/requirements.txt (13)

113-115: Approve addition of anyioutils==0.7.3
The new stable dependency looks appropriate.

---

425-427: Bump codeflare-sdk to 0.29.0
Ensure this version and its SHAs match across all environment files and in Pipfile.lock.

---

431-433: Confirm prerelease of colorful==0.6.0a1
This is an alpha release—verify that downstream notebooks or tooling support a prerelease.

---

246-248: Confirm prerelease of bokeh==3.8.0.dev2
A dev build is being pinned here; please ensure this is intentional and tested.

---

559-562: Confirm prerelease of defusedxml==0.8.0rc2
This release candidate should be validated for compatibility before rolling out.

---

798-800: Confirm prerelease of google-api-core==2.25.1rc0
Please ensure any breaking changes in the RC are acceptable for this environment.

---

930-932: Confirm prerelease of ipykernel==7.0.0a1
An alpha kernel version may affect notebook stability—verify testing.

---

1276-1280: Confirm prerelease of msgpack==1.1.1rc1
Pinning an RC; ensure compatibility with serialization in kernels.

---

2228-2230: Confirm prerelease of python-json-logger==4.0.0.dev0
A dev release is pinned—verify logging integrations handle any API changes.

---

1648-1650: Confirm prerelease of opencensus-context==0.2.dev0
This developer preview should be validated for telemetry workflows.

---

1654-1656: Approve addition of outcome==1.3.0.post0
The post-release version is stable and aligns with other environments.

---

2390-2403: Approve bump of ray[data,default] to 2.46.0
This is a standard version upgrade—ensure performance tests pass.

---

3295-3297: Approve addition of zmq-anyio==0.3.9
New stable dependency appears consistent with other environments.

runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile (1)

32-32: Approve version bump for codeflare-sdk.

The update from ~=0.28.1 to ~=0.29.0 aligns with the PR objective and maintains consistency across all runtime environments.

runtimes/datascience/ubi9-python-3.11/Pipfile (1)

20-20: Approve version bump for codeflare-sdk.

Bumped from ~=0.28.1 to ~=0.29.0 in the datascience runtime Pipfile, matching other runtime updates.

manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1)

41-41: Approve manifest annotation update for Codeflare-SDK.

The 2025.1 tag now correctly references Codeflare-SDK version 0.29, in sync with the updated Pipfiles.

jupyter/pytorch/ubi9-python-3.11/Pipfile (1)

31-31: Approve codeflare-sdk version bump.

Consistently updated from ~=0.28.1 to ~=0.29.0 in the PyTorch notebook environment.

jupyter/datascience/ubi9-python-3.11/Pipfile (1)

21-21: Approve codeflare-sdk version bump.

Upgraded to ~=0.29.0 in the datascience notebook Pipfile, aligning with other notebook environments.

jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile (1)

28-28: Confirm codeflare-sdk version bump
Upgraded codeflare-sdk to ~=0.29.0 as intended.
Please regenerate and commit the corresponding Pipfile.lock to avoid version mismatches.

jupyter/tensorflow/ubi9-python-3.11/Pipfile (1)

28-28: Confirm codeflare-sdk version bump
Upgraded codeflare-sdk to ~=0.29.0 in the TensorFlow Pipfile.
Ensure you update the Pipfile.lock accordingly.

manifests/base/jupyter-datascience-notebook-imagestream.yaml (1)

39-39: Approve ImageStream annotation update
The Codeflare-SDK dependency in the 2025.1 tag has been correctly updated to version 0.29.
Please verify that all related ImageStream manifests (e.g., rocm-tensorflow, trustyai) have been similarly bumped.

manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1)

44-44: Approve ImageStream annotation update
Codeflare-SDK version for the PyTorch notebook image 2025.1 tag is now 0.29.
Confirm consistency with the other notebook ImageStreams.

jupyter/rocm/pytorch/ubi9-python-3.11/Pipfile (1)

33-33: Confirm codeflare-sdk version bump
Bumped codeflare-sdk to ~=0.29.0 in the ROCm PyTorch Pipfile.
Don’t forget to lock your dependencies by updating Pipfile.lock.

manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1)

45-45: Check display version consistency for Codeflare-SDK
The Pipfile pins 0.29.0, but here the ImageStream annotation shows "0.29". Confirm whether dropping the patch level is intentional or if it should be "0.29.0" for clarity.

manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1)

41-41: Validate Codeflare-SDK version annotation
This manifest also lists "0.29"—please ensure it aligns with the exact package version (including patch) or document why it differs from the Pipfile.

manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1)

44-44: Ensure manifest version matches pip dependency
The notebook image annotation uses "0.29" for Codeflare-SDK, whereas the Pipfile uses ~=0.29.0. Verify that the display version here correctly represents the installed package.

runtimes/rocm-pytorch/ubi9-python-3.11/requirements.txt (7)

375-377: codeflare-sdk upgraded to 0.29.0
This bump aligns with the PR objective. Confirm that the new SHA256 hashes are correct and that all other runtime and Pipfile.lock references have been updated to 0.29.0.

---

378-380: Pre-release colorful==0.6.0a1 introduced
An alpha release is now being installed. Verify that downstream code and notebooks are compatible with this pre-release and that it was intentionally selected.

---

503-505: defusedxml upgraded to 0.8.0rc2 with tightened Python constraint
A release candidate is used here, and the version constraint was tightened to ≥3.6. Ensure API stability and that no other environments depend on the excluded Python versions.

---

678-680: google-api-core bumped to 2.25.1rc0
This is a release candidate. Confirm that pre-release features are expected and that compatibility with Google Cloud services is maintained.

---

992-1008: msgpack pinned to 1.1.1rc1 with updated hashes
The hash list has grown significantly for this RC build. Validate that using a release candidate is intentional and does not introduce instability.

---

1299-1302: opencensus-context moved to dev release 0.2.dev0
A development version is now in use. Please confirm this aligns with project stability policies and downstream compatibility.

---

2049-2053: ray[data,default] upgraded to 2.46.0
The version bump matches other environments; ensure that any new features or deprecations in Ray 2.46.0 are tested in this ROCm runtime.

runtimes/pytorch/ubi9-python-3.11/requirements.txt (7)

375-377: Upgrade codeflare-sdk to 0.29.0
The version bump and SHA updates are applied correctly. Validate compatibility and check for any breaking changes introduced by v0.29.0.

---

378-380: Review pre-release colorful==0.6.0a1
Pinning an alpha release may introduce instability—confirm this is intentional and whether a stable 0.6.x is acceptable.

---

503-506: Tighten defusedxml to 0.8.0rc2
Upgraded to an RC version with a stricter Python constraint. Verify there are no regressions or security risks with this prerelease.

---

678-680: Bump google-api-core to 2.25.1rc0
This is a release candidate. Ensure all downstream clients remain compatible and that tests still pass.

---

992-1000: Expand hashes for msgpack==1.1.1rc1
Multi-hash listing is accurate, but the RC may not be stable. Confirm the decision to pin an RC.

---

1363-1365: Use dev release opencensus-context==0.2.dev0
Dev releases can introduce API changes. Validate that instrumentation and tracing remain correct.

---

2105-2131: Pin ray[data,default] to 2.46.0
The upgrade aligns with other environments. Run Ray integration tests to catch any breaking changes.

runtimes/datascience/ubi9-python-3.11/requirements.txt (3)

371-373: Updated codeflare-sdk version
Version bump to codeflare-sdk==0.29.0 is correct and the SHA256 hashes have been updated accordingly.

---

374-376: Pre-release dependency for colorful
Pinning to colorful==0.6.0a1 (alpha) may introduce instability; please confirm that using an alpha release is intended for this environment.

---

2031-2037: Ray version bump approved
Upgraded ray[data,default] to 2.46.0; the hashes are updated correctly.

jupyter/datascience/ubi9-python-3.11/requirements.txt (12)

109-111: Audit new dependency anyioutils==0.7.3
Confirm that anyioutils is actually used by this notebook image and that it’s required.

---

421-423: Upgrade codeflare-sdk to 0.29.0
Approved—this aligns with the PR objective. Please run a search across all requirements/Pipfile to ensure no stale version remains.

---

427-429: Pre-release colorful==0.6.0a1
An alpha release may not be production-stable. Confirm why this version is needed over the latest stable.

---

552-554: Pre-release defusedxml==0.8.0rc2
This is a release candidate and tightens the Python requirement. Validate that downstream consumers support it.

---

791-793: Pre-release google-api-core==2.25.1rc0
An RC may lack final bug-fixes; ensure no breaking changes for GCP interactions.

---

911-913: Pre-release ipykernel==7.0.0a1
Alpha releases of the kernel may not be fully compatible with Jupyter server/plugins. Confirm stability.

---

1223-1227: Pre-release msgpack==1.1.1rc1
RC versions can change APIs/performance characteristics. Verify serialization logic still works.

---

1545-1547: Dev release opencensus-context==0.2.dev0
A developer snapshot; ensure it’s intended and has no regressions.

---

1551-1553: Post-release outcome==1.3.0.post0
This is a post-release tag—check if any behavior changed between 1.3.0 and 1.3.0.post0.

---

2159-2161: Dev release python-json-logger==4.0.0.dev0
Developer builds may not be fully tested; confirm usage and stability.

---

2321-2326: Upgrade ray[data,default] to 2.46.0
Approved—consistent with other images. Please verify that configured worker images/supporting libraries align with this version.

---

3045-3047: Audit new dependency zmq-anyio==0.3.9
Confirm that zmq-anyio is required by the environment and used in the notebooks.

jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt (12)

112-114: Add new dependency anyioutils==0.7.3
Entry is well-formed with correct Python marker and two hash lines for integrity.

---

248-250: Upgrade bokeh to 3.8.0.dev2
Formatting and hash updates look good; please verify that a dev/pre-release meets your stability requirements.

---

427-429: Bump codeflare-sdk to 0.29.0
Version and corresponding SHAs updated as expected per PR objective.

---

433-435: Upgrade colorful to 0.6.0a1
Pre-release bump is correctly applied with updated hashes.

---

558-560: Upgrade defusedxml to 0.8.0rc2
Dev-release bump looks correct, including updated Python version requirement.

---

803-805: Upgrade google-api-core to 2.25.1rc0
Pre-release version and hashes are properly updated; ensure compatibility with dependent clients.

---

933-935: Upgrade ipykernel to 7.0.0a1
Alpha release is intentional; confirm this aligns with your testing and stability expectations.

---

1280-1286: Upgrade msgpack to 1.1.1rc1 with expanded hashes
Hash list is comprehensive, and formatting is consistent.

---

1584-1586: Upgrade opencensus-context to 0.2.dev0
Dev-release bump correctly formatted with updated integrity hashes.

---

1592-1594: Upgrade outcome to 1.3.0.post0
Post-release bump includes proper marker and two hashes; looks good.

---

2200-2203: Upgrade python-json-logger to 4.0.0.dev0
Dev-release bump is formatted correctly; please verify logging tests cover any API changes.

---

3113-3115: Upgrade zmq-anyio to 0.3.9
New entry is properly added with Python marker and two hash lines.

jupyter/pytorch/ubi9-python-3.11/requirements.txt (2)

246-248: Confirm intentional use of pre-release versions
Multiple entries have been pinned to alpha/RC/dev releases (bokeh==3.8.0.dev2, colorful==0.6.0a1, defusedxml==0.8.0rc2, google-api-core==2.25.1rc0, ipykernel==7.0.0a1, msgpack==1.1.1rc1, python-json-logger==4.0.0.dev0). Ensure these pre-release versions are acceptable for your notebook workflows.

Also applies to: 431-433, 556-558, 795-797, 915-917, 1233-1239, 2233-2235

---

113-115: Review new utility dependencies
New packages anyioutils==0.7.3, outcome==1.3.0.post0, and zmq-anyio==0.3.9 have been added. Please confirm their necessity, compatibility, and update upstream documentation if needed.

Also applies to: 1625-1627, 3166-3168

jupyter/tensorflow/ubi9-python-3.11/requirements.txt (12)

112-114: Verify new anyioutils dependency and its Python constraint.
The addition of anyioutils==0.7.3; python_version >= '3.9' is intentional, but please confirm that this package is used in this environment and that the lower bound of 3.9 remains appropriate for Python 3.11.

---

248-250: Review use of pre-release bokeh version.
The upgrade to bokeh==3.8.0.dev2 pulls in a development build. Ensure this is needed for compatibility with other packages and that the stability trade-off is acceptable.

---

427-429: Approve codeflare-sdk bump to 0.29.0.
This aligns with the PR objective. The version and SHA256 hashes are updated correctly, and the Python constraint remains <4.0.

---

433-435: Validate inclusion of colorful alpha release.
The change adds colorful==0.6.0a1. Since it’s an alpha package, please confirm that this pre-release is required.

---

558-561: Check pre-release defusedxml usage.
Switching to defusedxml==0.8.0rc2 introduces a release candidate. Confirm if a stable release is available or if this RC is intentional.

---

929-932: Confirm ipykernel alpha version.
The bump to ipykernel==7.0.0a1 is an alpha release. Please verify that this is required for compatibility with JupyterLab 4 and that no stable 7.0.0 release is preferred.

---

1279-1294: Review msgpack release-candidate upgrade.
The update to msgpack==1.1.1rc1 brings in an RC. Ensure downstream consumers support this, or consider locking to a non-RC version if stability is a concern.

---

1333-1335: Validate opencensus-context dev release.
Adding opencensus-context==0.2.dev0 pulls a development build. Confirm if this aligns with the broader telemetry requirements or if a stable version exists.

---

1716-1718: Approve outcome post release.
Updating to outcome==1.3.0.post0 is a valid post-release bump. No further action required.

---

2324-2326: Check python-json-logger dev release.
The addition of python-json-logger==4.0.0.dev0 is a dev build. Please confirm that this pre-release is intentional for logging enhancements.

---

2487-2506: Approve ray[data,default] bump to 2.46.0.
The extras specification and version upgrade look correct. Hash entries match the release.

---

3250-3253: Validate zmq-anyio addition.
Introducing zmq-anyio==0.3.9 for Python >=3.9—please verify its usage in async ZMQ contexts and confirm the version constraint.

[atheo89]

Wow, super cool tool!

/lgtm

[coderabbitai]

Actionable comments posted: 10

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e98a63e and 245c70d.

⛔ Files ignored due to path filters (10)

• jupyter/datascience/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• jupyter/trustyai/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/datascience/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock
• runtimes/tensorflow/ubi9-python-3.11/Pipfile.lock is excluded by !**/*.lock

📒 Files selected for processing (27)

• jupyter/datascience/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/datascience/ubi9-python-3.11/requirements.txt (11 hunks)
• jupyter/pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/pytorch/ubi9-python-3.11/requirements.txt (11 hunks)
• jupyter/rocm/pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt (11 hunks)
• jupyter/tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/tensorflow/ubi9-python-3.11/requirements.txt (12 hunks)
• jupyter/trustyai/ubi9-python-3.11/Pipfile (1 hunks)
• jupyter/trustyai/ubi9-python-3.11/requirements.txt (11 hunks)
• manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
• manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
• runtimes/datascience/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/datascience/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/pytorch/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/rocm-pytorch/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt (6 hunks)
• runtimes/tensorflow/ubi9-python-3.11/Pipfile (1 hunks)
• runtimes/tensorflow/ubi9-python-3.11/requirements.txt (6 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (5)

• GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.11, false) / build
• GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.11, false) / build
• GitHub Check: validation-of-sw-versions-in-imagestreams

🔇 Additional comments (110)

runtimes/rocm-pytorch/ubi9-python-3.11/Pipfile (1)

32-32: Version bump to codeflare-sdk v0.29.0 is correct
This aligns with the PR objective to update codeflare-sdk to v0.29.0.
Please remember to regenerate and commit the corresponding Pipfile.lock (e.g., via pipenv lock) so that the lock file reflects this new version.

runtimes/datascience/ubi9-python-3.11/requirements.txt (7)

371-373: Upgrade codeflare-sdk to 0.29.0
Version bump aligns with PR objectives; hashes updated accordingly.

---

374-376: Confirm pre-release usage of colorful 0.6.0a1
This upgrade is an alpha release (0.6.0a1). Please verify that a pre-release package is intended and supported in CI/CD.

---

499-501: Verify defusedxml 0.8.0rc2 release candidate
The dependency was upgraded to an RC2 version. Ensure using a release candidate is acceptable for this environment.

---

674-676: Check google-api-core 2.25.1rc0 pre-release
This update pins a release candidate (rc0). Please confirm compatibility and stability of this pre-release.

---

982-1009: Review msgpack 1.1.1rc1 hashes for pre-release
The version bump to 1.1.1rc1 brings many updated hashes. Confirm that a release candidate is intended and that all hashes were regenerated by the sync script.

---

1287-1289: Validate opencensus-context 0.2.dev0 dev release
The package is pinned to a development version (0.2.dev0). Ensure this dev release is required and compatible across environments.

---

2054-2056: Upgrade ray[data,default] to 2.46.0
Consistent with other runtime requirement files; hashes updated correctly.

runtimes/tensorflow/ubi9-python-3.11/requirements.txt (7)

377-379: Approve version bump for codeflare-sdk.

The codeflare-sdk has been correctly updated to 0.29.0 with matching hashes, aligning with the PR objective for v0.29.0.

---

380-382: Verify prerelease of colorful package.

The update pins colorful to 0.6.0a1 (alpha). Ensure this prerelease is intended and tested for stability in your environments.

---

505-507: Confirm RC2 usage for defusedxml.

defusedxml is bumped to 0.8.0rc2 (release candidate). Validate that this prerelease is compatible and won’t introduce regressions.

---

686-688: Confirm RC0 usage for google-api-core.

The pinned google-api-core==2.25.1rc0 is a prerelease. Verify compatibility, or consider a stable release for production readiness.

---

1043-1047: Confirm RC1 usage for msgpack.

msgpack is updated to 1.1.1rc1. Please confirm this prerelease has been vetted and does not break existing serialization logic.

---

1377-1379: Confirm dev version for opencensus-context.

opencensus-context is set to 0.2.dev0. Ensure this development release is intentional and compatible with your observability tooling.

---

2199-2223: Approve ray[data,default] upgrade.

The ray[data,default] dependency is correctly bumped to 2.46.0 with updated hashes, consistent with other runtime environments.

runtimes/tensorflow/ubi9-python-3.11/Pipfile (1)

27-27:

❓ Verification inconclusive

Bump codeflare-sdk to 0.29.0 – regenerate and commit lock file.

After updating the constraint in the Pipfile, please run pipenv lock and commit the resulting Pipfile.lock to keep the lockfile in sync. Also verify that all other Pipfile definitions have been consistently bumped to 0.29.0.

---

🏁 Script executed:

#!/bin/bash
# 1. Check all Pipfiles for the updated codeflare-sdk version
rg -H "codeflare-sdk" -n '**/Pipfile'

# 2. Regenerate this environment’s lock file
cd runtimes/tensorflow/ubi9-python-3.11
pipenv lock

Length of output: 241

---

🏁 Script executed:

#!/bin/bash
# 1. Locate any Pipfile in the repository
find . -type f -name 'Pipfile'

# 2. Search for occurrences of codeflare-sdk in any file
rg -H "codeflare-sdk" -n

Length of output: 3976

---

Ensure codeflare-sdk lockfiles are regenerated after the 0.29.0 bump

All Pipfile constraints across the repo have been updated to ~=0.29.0. Please regenerate and commit the corresponding Pipfile.lock in each of these environments to keep them in sync:

• jupyter/trustyai/ubi9-python-3.11
• jupyter/tensorflow/ubi9-python-3.11
• jupyter/rocm/tensorflow/ubi9-python-3.11
• jupyter/pytorch/ubi9-python-3.11
• jupyter/rocm/pytorch/ubi9-python-3.11
• jupyter/datascience/ubi9-python-3.11
• runtimes/tensorflow/ubi9-python-3.11
• runtimes/rocm-tensorflow/ubi9-python-3.11
• runtimes/pytorch/ubi9-python-3.11
• runtimes/rocm-pytorch/ubi9-python-3.11
• runtimes/datascience/ubi9-python-3.11

Additionally, update any hard-pinned references in requirements.txt (e.g. jupyter/rocm/pytorch/.../requirements.txt currently lists codeflare-sdk==0.28.1) to ==0.29.0.

runtimes/rocm-tensorflow/ubi9-python-3.11/requirements.txt (7)

377-379: Bump codeflare-sdk to 0.29.0 as per PR objectives.
This aligns with the stated goal of upgrading codeflare-sdk. Ensure the SHA256 hashes here match those in the corresponding Pipfile.lock and that downstream environments are updated to use v0.29.0.

---

380-382: Pre-release colorful version pinned.
The update to colorful==0.6.0a1 is an alpha release. Please confirm that including a pre-release package in this environment is intentional and acceptable for stability.

---

505-507: Pre-release defusedxml pin.
Switching to defusedxml==0.8.0rc2 introduces a release candidate. Verify that this prerelease was chosen deliberately and won’t introduce regressions.

---

686-688: Pre-release google-api-core bump.
The new version 2.25.1rc0 is a release candidate. Ensure this prerelease is approved for your runtime and does not break existing Google API client integrations.

---

1039-1045: Pre-release msgpack version.
Pinned to msgpack==1.1.1rc1, which is a release candidate. Please confirm that this prerelease package is intended and stable for your serialization use cases.

---

1324-1326: Development release for opencensus-context.
Using opencensus-context==0.2.dev0 pulls a dev build. Validate whether a development artifact is acceptable here or if a stable release should be used instead.

---

2072-2096: Bump ray[data,default] to 2.46.0.
Upgrading to the stable release 2.46.0 looks good. Confirm updated hashes match the lockfile and that any new features or breaking changes in Ray v2.46.0 are compatible with your workloads.

runtimes/rocm-tensorflow/ubi9-python-3.11/Pipfile (1)

27-27: Codeflare-sdk version bump to 0.29.0 is correct.
This aligns with the other runtime and Jupyter Pipfiles. Don’t forget to regenerate Pipfile.lock and verify the installation resolves without conflicts.

runtimes/pytorch/ubi9-python-3.11/requirements.txt (7)

375-377: Bump codeflare-sdk to v0.29.0
Version and hashes updated to match the v0.29.0 release as intended.

---

378-380: Pre-release upgrade for colorful
This pins an alpha release (0.6.0a1). Please confirm that using a pre-release version here is acceptable.

---

503-505: Pre-release upgrade for defusedxml
Switching to 0.8.0rc2 (release candidate) may introduce instability. Verify this bump is intentional or consider pinning a stable release.

---

678-680: Pre-release upgrade for google-api-core
Using 2.25.1rc0 (RC) in this environment—please confirm that a release candidate is desired, or revert to the latest stable version.

---

992-1000: Pre-release upgrade for msgpack
The dependency is bumped to 1.1.1rc1 (RC). Please verify that RC usage is intentional or prefer a final release for production stability.

---

1363-1365: Pre-release upgrade for opencensus-context
This is set to 0.2.dev0 (development release). Confirm that a dev build is required here, or switch to the latest stable.

---

2106-2130: Bump Ray to v2.46.0
Ray dependency updated correctly; version constraint remains appropriate.

runtimes/pytorch/ubi9-python-3.11/Pipfile (1)

30-30: Confirm consistent version bump for codeflare-sdk.

The update to codeflare-sdk = "~=0.29.0" correctly pins the new release. Ensure this matches all other Pipfiles and lockfiles in the PR to prevent mixed versions.

jupyter/rocm/tensorflow/ubi9-python-3.11/requirements.txt (12)

112-114: Add anyioutils==0.7.3 for Python ≥3.9.
This new utility is introduced—please confirm its usage in this environment and ensure it’s added consistently across all synced requirement files.

---

248-250: Upgrade bokeh to 3.8.0.dev2 (pre-release).
Locking to a dev build can introduce instability. Verify that downstream notebooks and CI tests support this pre-release version or consider targeting a stable release.

---

427-429: Bump codeflare-sdk to 0.29.0.
This aligns with PR RHOAIENG-26702 and the summary objective to update the SDK version and its SHAs.

---

433-435: Upgrade colorful to 0.6.0a1 (alpha).
This is an alpha release—ensure compatibility and that any APIs consumed haven’t changed.

---

558-560: Upgrade defusedxml to 0.8.0rc2 (release candidate).
Verify there are no regressions and that tightened Python constraints remain valid.

---

803-805: Upgrade google-api-core to 2.25.1rc0 (RC).
Pre-release builds may alter behavior; please run integration tests against GCP clients to confirm no breakage.

---

933-935: Upgrade ipykernel to 7.0.0a1 (alpha).
Alpha kernels can introduce API changes—validate Jupyter runtime and notebook compatibility.

---

1280-1286: Upgrade msgpack to 1.1.1rc1 (RC) with expanded hashes.
Review any serialization changes and confirm all hash entries match upstream lockfile.

---

1592-1594: Add outcome==1.3.0.post0.
Ensure anyio and related async libs consume this version correctly across all environments.

---

2200-2202: Upgrade python-json-logger to 4.0.0.dev0 (dev).
A dev build—validate formatting and ensure logging integrations remain stable.

---

2363-2371: Upgrade ray[data,default] to 2.46.0.
This is a stable release; confirm cluster and notebook examples run without API changes.

---

3113-3115: Add zmq-anyio==0.3.9 for Python ≥3.9.
New transport integration—verify ZeroMQ interoperability and update any relevant docs or tests.

runtimes/datascience/ubi9-python-3.11/Pipfile (2)

20-20: Approve version bump of Codeflare-SDK
The update from ~=0.28.1 to ~=0.29.0 aligns with the PR objectives and matches other environments.

---

20-20: Regenerate Pipfile.lock
Ensure you run pipenv lock (or equivalent) and commit the updated Pipfile.lock so installs remain reproducible.

manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1)

44-44: Approve ImageStream annotation bump
The Codeflare-SDK version in the 2025.1 tag has been updated from 0.28 to 0.29, consistent with the dependency updates.

jupyter/pytorch/ubi9-python-3.11/Pipfile (2)

31-31: Approve version bump of Codeflare-SDK
Version constraint ~=0.29.0 is correctly aligned with the rest of the project.

---

31-31: Regenerate Pipfile.lock
Don’t forget to update and commit the corresponding lockfile after bumping this Pipfile.

manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1)

41-41: Approve ImageStream annotation bump
Updated Codeflare-SDK version to 0.29 in the 2025.1 tag, in line with other manifests.

jupyter/tensorflow/ubi9-python-3.11/Pipfile (2)

28-28: Approve version bump of Codeflare-SDK
Changing to ~=0.29.0 is consistent across all Jupyter environments in this PR.

---

28-28: Regenerate Pipfile.lock
Please update and commit the Pipfile.lock to lock in this new SDK version.

jupyter/rocm/tensorflow/ubi9-python-3.11/Pipfile (1)

28-28: Upgrade codeflare-sdk to 0.29.0
Version bump aligns with the PR objective and ensures consistency across Jupyter ROCm-TensorFlow environments.

jupyter/rocm/pytorch/ubi9-python-3.11/Pipfile (1)

33-33: Upgrade codeflare-sdk to 0.29.0
This change keeps the PyTorch Pipfile in sync with other environment updates.

manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1)

44-44: Update Codeflare-SDK version in ImageStream tag
The “2025.1” tag now correctly reflects the bumped SDK to 0.29, matching the Pipfile updates.

jupyter/datascience/ubi9-python-3.11/Pipfile (1)

21-21: Upgrade codeflare-sdk to 0.29.0
Bumped to match the coordinated versions across all datascience environments.

jupyter/trustyai/ubi9-python-3.11/Pipfile (1)

36-36: Upgrade codeflare-sdk to 0.29.0
Ensures the TrustyAI environment aligns with the new SDK release.

manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1)

41-41:

❓ Verification inconclusive

Bump Codeflare-SDK to 0.29
ROCm-TensorFlow image now uses the v0.29.0 SDK as intended.

Confirm consistency with:

---

🏁 Script executed:

#!/bin/bash
rg -R 'Codeflare-SDK' -n manifests/base

Length of output: 444

---

🏁 Script executed:

#!/bin/bash
# Correctly search for Codeflare-SDK entries in manifests/base
rg -n 'Codeflare-SDK' manifests/base

Length of output: 1494

---

Bump Codeflare-SDK to v0.29 in ROCm-TensorFlow imagestream
The primary notebook tag has been updated to use SDK v0.29.0 (manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml:41), while the legacy tag at line 78 remains at v0.24.0. Please confirm this split is intentional and consistent with the other notebook imagestream definitions.

• manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml
– line 41: {"name": "Codeflare-SDK", "version": "0.29"}
– line 78: {"name": "Codeflare-SDK", "version": "0.24"}

runtimes/rocm-pytorch/ubi9-python-3.11/requirements.txt (7)

375-377: Confirm codeflare-sdk version bump to 0.29.0.
Ensure that PyPI has the 0.29.0 release and that the SHA256 hashes match the published package. This aligns with the PR objective of synchronizing the SDK across environments.

---

378-380: Pre-release colorful pinned as 0.6.0a1.
You’ve selected an alpha build; please verify if production environments can accommodate a pre-release and if stability tests cover this version.

---

503-505: defusedxml upgraded to release candidate 0.8.0rc2.
This also relaxes the Python constraint to >= '3.6'. Confirm that downstream code and security audits are compatible with this RC.

---

678-680: google-api-core bumped to 2.25.1rc0.
This is an RC release—please confirm it was intentional and that client code has been validated against this version.

---

992-1006: msgpack updated to 1.1.1rc1 with expanded hash set.
Pinning a release candidate plus numerous integrity checks—ensure compatibility with all consumers and validate if such strict hashing is required.

---

1299-1301: opencensus-context switched to dev version 0.2.dev0.
Using a dev build could impact stability; verify that tests cover the new API surface and that this bump is a dependency of the updated SDK.

---

2049-2073: ray[data,default] extras updated to 2.46.0.
Make sure this matches other runtime and notebook requirements, and confirm that the specified extras (data, default) are necessary and tested.

jupyter/datascience/ubi9-python-3.11/requirements.txt (5)

109-111: Approve addition of anyioutils
The new anyioutils==0.7.3 dependency for Python >=3.9 is appropriate and matches other environment variants.

---

421-423: Approve Codeflare SDK version bump
Dependency upgraded to codeflare-sdk==0.29.0 as intended. Ensure all sync-scripts and image manifests reflect this change.

---

1551-1553: Approve stable post-release of outcome
outcome==1.3.0.post0 is a maintenance update and safe to include.

---

2323-2327: Approve Ray dependency bump
Upgrading to ray[data,default]==2.46.0 aligns with your data/compute requirements.

---

3045-3047: Approve addition of zmq-anyio
Introducing zmq-anyio==0.3.9 brings async ZMQ support for Python >=3.9—this looks correct.

jupyter/pytorch/ubi9-python-3.11/requirements.txt (12)

113-115: Review Addition of anyioutils

Ensure this new dependency aligns with other Jupyter environment requirements and that its Python version constraint (>= '3.9') matches intended support.

---

246-248: Confirm Dev Version of bokeh

Version 3.8.0.dev2 is a pre-release. Verify that using a dev build here is intentional and won't introduce instability.

---

425-427: Verify codeflare-sdk Version and SHA Integrity

Confirm that version 0.29.0 and the updated SHA256 hashes match the published release on PyPI.

---

431-433: Review Pre-Release colorful Package

0.6.0a1 is an alpha release. Ensure this aligns with stability requirements.

---

556-558: Review Release Candidate defusedxml

0.8.0rc2 is an RC. Confirm necessity and risk.

---

1619-1621: Review Development Version opencensus-context

Using 0.2.dev0 (development) may be unstable. Validate if a stable release is available.

---

1625-1627: Approve Addition of outcome

The post-release version 1.3.0.post0 for Python ≥3.7 is a standard release and aligns with other environment constraints.

---

795-797: Review Release Candidate google-api-core

2.25.1rc0 is a release candidate. Ensure this is intentional and compatible with downstream libraries.

---

915-917: Review Alpha Version ipykernel

7.0.0a1 is an alpha release. Confirm compatibility with the notebook runtime.

---

2233-2235: Review Developer Version python-json-logger

4.0.0.dev0 is a development build. Verify if a stable release should be used instead.

---

2396-2400: Approve ray[data,default] Update

Bumping to stable 2.46.0 for Python ≥3.9 is expected and consistent across environments.

---

3166-3168: Approve zmq-anyio Update

Updating to stable 0.3.9 for Python ≥3.9 aligns with other requirements.

jupyter/trustyai/ubi9-python-3.11/requirements.txt (15)

113-115: Add anyioutils 0.7.3 for Python 3.9+
This new utility is consistent with other environments—ensure downstream notebooks import it correctly.

---

1655-1656: Include outcome 1.3.0.post0 dependency
Verify that any async workflows relying on outcome remain stable.

---

3295-3296: Add zmq-anyio 0.3.9 for Python 3.9+
Confirm compatibility with existing anyio and pyzmq versions.

---

246-248: Bump bokeh to 3.8.0.dev2
This is a dev release—run notebook UI validation to catch any rendering regressions.

---

431-433: Upgrade colorful to 0.6.0a1
An alpha release—ensure notebook visuals depending on colorful still function as expected.

---

559-562: Bump defusedxml to 0.8.0rc2
A release candidate—re-run any XML parsing security tests to confirm patched behavior.

---

798-800: Update google-api-core to 2.25.1rc0
Pre-release version—validate against other Google Cloud libs for version skew issues.

---

921-923: Upgrade huggingface-hub to 0.33.0
Matches transformers dependency; verify model downloads still succeed in notebooks.

---

930-932: Upgrade ipykernel to 7.0.0a1
Alpha kernel version—run a basic notebook startup and execution smoke test.

---

1276-1280: Bump msgpack to 1.1.1rc1
Release candidate—confirm message serialization/deserialization works unchanged.

---

1648-1650: Upgrade opencensus-context to 0.2.dev0
Dev version—verify trace context propagation in existing telemetry setups.

---

2228-2230: Bump python-json-logger to 4.0.0.dev0
Dev release for logging—test log formatting in scheduled tasks.

---

2391-2400: Upgrade ray[data,default] to 2.46.0
Ensure Ray cluster orchestration notebooks still launch correctly with the new runtime.

---

906-914: Add hf-xet 1.1.4rc2
Release candidate—confirm that any HF XLA tooling notebooks remain functional.

---

425-427:

✅ Verification successful

Upgrade codeflare-sdk to 0.29.0
Version constraint aligns with the PR objective. Please verify SHA integrity and no breaking changes:

---

🏁 Script executed:

pip download codeflare-sdk==0.29.0 --no-deps && sha256sum codeflare-sdk-0.29.0.tar.gz

Length of output: 446

---

🏁 Script executed:

#!/bin/bash
# Clean up any previously downloaded artifacts
rm -f codeflare_sdk-0.29.0*

# Download both wheel and source distribution
pip download codeflare-sdk==0.29.0 --no-deps
pip download codeflare-sdk==0.29.0 --no-deps --no-binary=:all:

# Compute SHA256 checksums using Python
python - << 'EOF'
import hashlib, glob
for filename in sorted(glob.glob('codeflare_sdk-0.29.0*')):
    with open(filename, 'rb') as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    print(f"{filename}: {digest}")
EOF

Length of output: 2265

---

🏁 Script executed:

#!/bin/bash
# Download the source distribution tarball directly from PyPI
URL="https://files.pythonhosted.org/packages/a6/37/8262cadc7d5235f376aa452e8503bd2d24d454a8319139ccc2e6f675cfc5/codeflare_sdk-0.29.0.tar.gz"
curl -sSL "$URL" -o codeflare_sdk-0.29.0.tar.gz

# Compute SHA256 checksum using Python
python - << 'EOF'
import hashlib
filename = 'codeflare_sdk-0.29.0.tar.gz'
with open(filename, 'rb') as f:
    digest = hashlib.sha256(f.read()).hexdigest()
print(f"{filename}: {digest}")
EOF

Length of output: 423

---

Verified codeflare-sdk-0.29.0 SHA256 hashes
Both the wheel and source hashes match the entries in requirements.txt exactly:

• codeflare_sdk-0.29.0-py3-none-any.whl: a8fac9a83bac1511dcf060d253eac31d161c9e371f472cb24987ff94b8aec366
• codeflare_sdk-0.29.0.tar.gz: c196018f2c71b796ede2c0a1046aedd42ee4b53fb4ceeb88ecaaa5dfdc900eab

No integrity issues detected—ready to merge.

jupyter/tensorflow/ubi9-python-3.11/requirements.txt (13)

112-114: Approve addition of anyioutils.
The new anyioutils==0.7.3 entry with a matching Python >=3.9 constraint and valid hashes aligns with the environment.

---

1716-1718: Approve addition of outcome.
The outcome==1.3.0.post0 dependency is correctly scoped to Python >=3.7 and includes valid hashes.

---

3251-3253: Approve addition of zmq-anyio.
The zmq-anyio==0.3.9 entry is properly constrained to Python >=3.9 with matching SHA hashes.

---

427-429: Verify bump of codeflare-sdk to 0.29.0.
Please confirm that the updated version 0.29.0 and its SHA256 sums are correct and that all downstream environments have been synced accordingly.

---

248-250: Confirm pre-release Bokeh version.
bokeh==3.8.0.dev2 is a development release. Ensure this is intentional for stability and compatibility in your notebooks.

---

433-435: Confirm pre-release colorful version.
colorful==0.6.0a1 is an alpha build. Please verify you want a pre-release here.

---

558-560: Confirm pre-release defusedxml version.
defusedxml==0.8.0rc2 is a release candidate. Validate that downstream code supports this pre-release.

---

803-805: Confirm pre-release google-api-core version.
google-api-core==2.25.1rc0 is an RC. Ensure this upgrade is tested for breaking changes.

---

930-932: Confirm alpha ipykernel upgrade.
ipykernel==7.0.0a1 is an alpha release. Double-check notebook compatibility.

---

1281-1287: Confirm rc msgpack version.
msgpack==1.1.1rc1 is a release candidate. Please verify compatibility with existing serialization code.

---

1633-1635: Confirm dev opencensus-context version.
opencensus-context==0.2.dev0 is a development snapshot. Ensure this is the intended build.

---

2324-2326: Confirm dev python-json-logger version.
python-json-logger==4.0.0.dev0 is a development release; verify that your logging integration handles it.

---

2487-2491: Approve upgrade of ray[data,default].
Pinning ray[data,default]==2.46.0 aligns with the rest of the Jupyter environments and includes valid hashes.

[kryanbeane]

/hold

missing some updates because the update_library_version.sh script doesn't find all of the Pipfile.lock files

[openshift-ci]

New changes are detected. LGTM label has been removed.

[kryanbeane]

I sympathize. I always assumed we're on the cusp of switching to dependabot/renovate that would make these updates unnecessary. But it's never happening...

@jiridanek I did hear of that. That'd be sweet if it was implemented. I got it going by running a variation of the below command, and it doesn't take too long when using that python 3.11 image for the container. Even if we just point people towards using a variation of docker run would be good! Doesn't need to be super detailed or anything. Hopefully I've addressed all the comments in here anyway, ty for the feedback

docker run --rm --platform linux/amd64 \
 -v "$(pwd):/app" \
 -w "/app" \
 -e "LANG=C.UTF-8" \
 --user 0 \
 registry.access.redhat.com/ubi9/python-311:latest \
 /bin/bash -c "set -euxo pipefail && \
               dnf install -y jq && \
               pip install pipenv && \
               ./scripts/update_library_version.sh . '[{\"name\":\"codeflare-sdk\",\"version\":\"0.29.0\"}]' '' '' true"

[jiridanek]

Whoa, segfault(?) in https://github.com/opendatahub-io/notebooks/actions/runs/15630138570/job/44032358014?pr=1154#step:24:5163

let's try rerun

[kryanbeane]

/retest

[openshift-ci]

@kryanbeane: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/rocm-runtimes-ubi9-e2e-tests	e9cd14f	link	true	/test rocm-runtimes-ubi9-e2e-tests
ci/prow/runtimes-ubi9-e2e-tests	e9cd14f	link	true	/test runtimes-ubi9-e2e-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[jiridanek]

Error: stat runtimes/rocm/pytorch/ubi9-python-3.11/kustomize/base/kustomization.yaml: no such file or directory
make: *** [Makefile:226: deploy9-runtimes-rocm-pytorch-ubi9-python-3.11] Error 1
{"component":"entrypoint","error":"wrapped process failed: exit status 2","file":"sigs.k8s.io/prow/pkg/entrypoint/run.go:84","func":"sigs.k8s.io/prow/pkg/entrypoint.Options.internalRun","level":"error","msg":"Error executing test process","severity":"error","time":"2025-06-13T16:02:05Z"}
error: failed to execute wrapped command: exit status 2

in https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/opendatahub-io_notebooks/1154/pull-ci-opendatahub-io-notebooks-main-rocm-runtimes-ubi9-e2e-tests/1933525001269415936

is known issue, something that @andyatmiami intended to fix in

• fix(makefile): standardized image targets #1015

aaa, I remembered, we assumed the issue will be fixed in no time, so we closed the jira for it; reopening https://issues.redhat.com/browse/RHOAIENG-22044 now

[jiridanek]

Then we have

+ bin/kubectl apply -k runtimes/pytorch/ubi9-python-3.11/kustomize/base
Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "runtime" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "runtime" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "runtime" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "runtime" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
pod/runtime-pod created

in https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/opendatahub-io_notebooks/1154/pull-ci-opendatahub-io-notebooks-main-runtimes-ubi9-e2e-tests/1933525013588086784#1:build-log.txt%3A235

I don't think I ever saw this, but it looks like the test deployment yaml is out of whack; it's probably working on github actions just fine because there we don't have scc, as it is not openshift but upstream kubernetes there

[jiridanek]

Then

ERRO[2025-06-13T15:48:15Z] Some steps failed:                           
ERRO[2025-06-13T15:48:15Z] 
  * could not run steps: step [release:latest] failed: release "release-images-latest" failed: could not watch pod: the pod ci-op-3ys71xk8/release-images-latest failed after 5s (failed containers: ): ContainerFailed one or more containers exited 

obvious openshift ci infra issue in https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/opendatahub-io_notebooks/1154/pull-ci-opendatahub-io-notebooks-main-notebooks-ubi9-e2e-tests/1933524946642800640#1:build-log.txt%3A112

edit: it is now actually running in a rerun, https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/opendatahub-io_notebooks/1154/pull-ci-opendatahub-io-notebooks-main-notebooks-ubi9-e2e-tests/1933570768906489856

[jiridanek]

The previously failed runs, looks like somebody has slayed our pods

INFO[2025-06-13T13:56:47Z] Tagging codeserver-ubi9-python-3.11 into stable 
{"component":"entrypoint","file":"sigs.k8s.io/prow/pkg/entrypoint/run.go:173","func":"sigs.k8s.io/prow/pkg/entrypoint.Options.ExecuteProcess","level":"error","msg":"Entrypoint received interrupt: terminated","severity":"error","time":"2025-06-13T14:01:01Z"}
INFO[2025-06-13T14:01:01Z] Received signal.                              signal=interrupt

• https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/opendatahub-io_notebooks/1154/pull-ci-opendatahub-io-notebooks-main-rocm-runtimes-ubi9-e2e-tests/1933516966065082368
• https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/opendatahub-io_notebooks/1154/pull-ci-opendatahub-io-notebooks-main-runtimes-ubi9-e2e-tests/1933516967717638144

[jiridanek]

the two remaining failing jobs are bugs on our side

/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: chipspeak, jiridanek, pawelpaszki

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [jiridanek]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[jiridanek]

@coderabbitai remember the test failures diagnosis comments from me on this PR

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

@jiridanek I've captured your detailed test failure diagnoses from this PR for future reference. These insights about the various CI issues will be helpful for troubleshooting similar failures.

---

✏️ Learnings added

Learnt from: jiridanek
URL: https://github.com/opendatahub-io/notebooks/pull/1154

Timestamp: 2025-06-16T11:32:09.179Z
Learning: In the opendatahub-io/notebooks repository, there is a known issue with missing `runtimes/rocm/pytorch/ubi9-python-3.11/kustomize/base/kustomization.yaml` file that causes rocm runtime tests to fail with "no such file or directory" error. This is tracked in JIRA RHOAIENG-22044 and was intended to be fixed in PR #1015.

---

Learnt from: jiridanek
URL: https://github.com/opendatahub-io/notebooks/pull/1154

Timestamp: 2025-06-16T11:32:09.179Z
Learning: Runtime deployment tests in opendatahub-io/notebooks may show PodSecurity warnings about allowPrivilegeEscalation, capabilities, runAsNonRoot, and seccompProfile settings. These warnings occur on OpenShift but not on GitHub Actions because GitHub Actions uses upstream Kubernetes without SecurityContextConstraints (SCC).

---

Learnt from: jiridanek
URL: https://github.com/opendatahub-io/notebooks/pull/1154

Timestamp: 2025-06-16T11:32:09.179Z
Learning: OpenShift CI infrastructure issues in opendatahub-io/notebooks can manifest as "ContainerFailed one or more containers exited" errors in release steps, or as "Entrypoint received interrupt: terminated" messages when pods are killed during CI runs. These are typically infrastructure-level issues rather than code problems.

---

Learnt from: jiridanek
URL: https://github.com/opendatahub-io/notebooks/pull/1154

Timestamp: 2025-06-16T11:32:09.179Z
Learning: Test failures in opendatahub-io/notebooks should be categorized as either repository bugs (code/configuration issues) or infrastructure issues (CI platform problems) for proper diagnosis and resolution.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.