maximize use of the RHOAI index

[syedriko]

Description

maximize use of the RHOAI index

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement

Tools used to create PR

Identify any AI code assistants used in this PR (for transparency and review context)

• Assisted-by: (e.g., Claude, CodeRabbit, Ollama, etc., N/A if not used)
• Generated by: (e.g., tool name and version; N/A if not used)

Related Tickets & Documents

• Related Issue #
• Closes #

Checklist before requesting a review

• I have performed a self-review of my code.
• PR has passed all pre-merge test jobs.
• If it is a core feature, I have added thorough tests.

Testing

• Please provide detailed steps to perform tests related to this code change.
• How were the fix/results from this change verified? Please provide relevant screenshots or results.

Summary by CodeRabbit

Release Notes

• Chores
  • Updated and refreshed application build dependencies
  • Enhanced build pipeline configurations with improved package management
  • Updated dependency versions for better system stability

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b96a58a3-a56f-4bf5-9c74-c8755d18623b

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

The changes update Python dependencies across configuration, lock, and script files, replacing a package set (removing aiohttp, cryptography, scipy; adding fastapi, opentelemetry-*, sqlalchemy, etc.). The dependency resolution process shifts from RHOAI 3.2 to 3.3, employs unsafe-first-match index strategy, and generates updated lock files and Tekton pipeline configurations accordingly.

Changes

Cohort / File(s)	Summary
Tekton Pipeline Configurations .tekton/rag-tool-pull-request.yaml, .tekton/rag-tool-push.yaml	Updated pip binary package lists in prefetch steps, replacing prior dependencies with new set including accelerate, fastapi, opentelemetry, sqlalchemy, tree-sitter variants, and removing aiohttp, cryptography, scipy, etc.
Build Requirements Lock requirements-build.txt	Regenerated lock file with new build toolchain (meson, scikit-build-core, beniget, gast, pybind11, pythran) and compiled stack (numpy==2.4.4), while removing setuptools-scm, pdm-backend, and related legacy entries.
Wheel Hash Lock Files requirements.hashes.wheel.pypi.txt, requirements.hashes.wheel.txt	Updated hash pins and versions for wheels; added faiss-cpu in PyPI lock; regenerated full wheel lock with RHOAI 3.3 index shift, resulting in broad dependency version updates and hash regeneration.
Dependency Overrides requirements.overrides.txt	Removed override pins for transformers, tokenizers, scipy, numpy, aiohttp, torch, torchvision, faiss-cpu, and others; added single pin for nltk==3.9.2; updated header comments to reflect RHOAI 3.3 targeting.
Dependency Resolution Script scripts/konflux_requirements.sh	Updated RHOAI index URL from 3.2 to 3.3; added uv run step to generate requirements.overrides.txt; changed index strategy from unsafe-best-match to unsafe-first-match; added repository root directory resolution.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'maximize use of the RHOAI index' directly reflects the core objective of this pull request. The changeset updates dependency resolution to prioritize the RHOAI index (version 3.3) across multiple configuration files and scripts, which is exactly what the title conveys.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

.tekton/rag-tool-pull-request.yaml (1)

62-66: ⚠️ Potential issue | 🟡 Minor

Duplicate package name tree-sitter-typescript in binary packages list.

The package tree-sitter-typescript appears twice in the list - once in the main wheel packages and again at the end from PYPI_WHEELS. This occurs because the package is present in both the RHOAI wheel list and the PYPI_WHEELS constant.

While this duplication won't break the build, it adds unnecessary noise. Consider deduplicating in konflux_requirements.sh before writing to the YAML files.

Suggested fix in scripts/konflux_requirements.sh

 wheel_packages=$(grep -v "^[`#-`]" "$WHEEL_FILE" | sed 's/==.*//' | tr '\n' ',' | sed 's/,$//')
 # append extra wheels to the list
-wheel_packages="$wheel_packages,$EXTRA_WHEELS,$PYPI_WHEELS"
+wheel_packages=$(echo "$wheel_packages,$EXTRA_WHEELS,$PYPI_WHEELS" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,$//')

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.tekton/rag-tool-pull-request.yaml around lines 62 - 66, The binary packages
list contains duplicate "tree-sitter-typescript" because the script merges the
RHOAI wheel list with the PYPI_WHEELS constant without deduplication; update
konflux_requirements.sh to dedupe the combined wheel list (e.g., after
concatenating the RHOAI list and PYPI_WHEELS) before writing to
.tekton/rag-tool-pull-request.yaml by using a unique filter (assoc array, sort
-u, or similar) on the variable that holds the merged packages so the final
"binary" -> "packages" value contains only unique package names.

scripts/konflux_requirements.sh (1)

85-89: ⚠️ Potential issue | 🟡 Minor

Package list may contain duplicates when PYPI_WHEELS overlaps with wheel packages.

As noted in the Tekton pipeline review, tree-sitter-typescript appears in both the RHOAI wheel list and PYPI_WHEELS, causing duplication.

Suggested fix to deduplicate

 wheel_packages=$(grep -v "^[`#-`]" "$WHEEL_FILE" | sed 's/==.*//' | tr '\n' ',' | sed 's/,$//')
 # append extra wheels to the list
-wheel_packages="$wheel_packages,$EXTRA_WHEELS,$PYPI_WHEELS"
+# Combine and deduplicate
+wheel_packages=$(echo "$wheel_packages,$EXTRA_WHEELS,$PYPI_WHEELS" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/,$//')

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/konflux_requirements.sh` around lines 85 - 89, The wheel_packages
assembly can produce duplicates when entries from WHEEL_FILE overlap with
EXTRA_WHEELS or PYPI_WHEELS; change the construction of wheel_packages (the
variable derived from WHEEL_FILE and then appended with EXTRA_WHEELS and
PYPI_WHEELS) to perform deduplication before it's injected into the YAMLs:
split/join the combined list (from wheel_packages, EXTRA_WHEELS and
PYPI_WHEELS), normalize delimiters, then remove duplicates (e.g., via a
temporary associative set or piping through sort -u / awk to keep unique
entries) and reassign wheel_packages to that unique, comma-separated string
before running the sed replacements on the files referenced
(.tekton/rag-tool-pull-request.yaml and .tekton/rag-tool-push.yaml).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/konflux_requirements.sh`:
- Around line 29-31: The invoked helper script
generate_requirements_overrides.py referenced by the uv run command (with flags
--rhoai-index and -o) is missing; either add a new script named
generate_requirements_overrides.py that parses --rhoai-index and -o and performs
the requirements override generation, or update the uv run invocation to call
the correct existing script name that already implements those flags (or adjust
the flags to match the existing script). Ensure the chosen script accepts
--rhoai-index and -o and exits nonzero on failure so the calling command fails
loudly.

---

Outside diff comments:
In @.tekton/rag-tool-pull-request.yaml:
- Around line 62-66: The binary packages list contains duplicate
"tree-sitter-typescript" because the script merges the RHOAI wheel list with the
PYPI_WHEELS constant without deduplication; update konflux_requirements.sh to
dedupe the combined wheel list (e.g., after concatenating the RHOAI list and
PYPI_WHEELS) before writing to .tekton/rag-tool-pull-request.yaml by using a
unique filter (assoc array, sort -u, or similar) on the variable that holds the
merged packages so the final "binary" -> "packages" value contains only unique
package names.

In `@scripts/konflux_requirements.sh`:
- Around line 85-89: The wheel_packages assembly can produce duplicates when
entries from WHEEL_FILE overlap with EXTRA_WHEELS or PYPI_WHEELS; change the
construction of wheel_packages (the variable derived from WHEEL_FILE and then
appended with EXTRA_WHEELS and PYPI_WHEELS) to perform deduplication before it's
injected into the YAMLs: split/join the combined list (from wheel_packages,
EXTRA_WHEELS and PYPI_WHEELS), normalize delimiters, then remove duplicates
(e.g., via a temporary associative set or piping through sort -u / awk to keep
unique entries) and reassign wheel_packages to that unique, comma-separated
string before running the sed replacements on the files referenced
(.tekton/rag-tool-pull-request.yaml and .tekton/rag-tool-push.yaml).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 970ee6f8-fd52-4a09-8f61-ef60781a07f1

📥 Commits

Reviewing files that changed from the base of the PR and between 4e8da42 and 7e00ba6.

📒 Files selected for processing (8)

• .tekton/rag-tool-pull-request.yaml
• .tekton/rag-tool-push.yaml
• requirements-build.txt
• requirements.hashes.source.txt
• requirements.hashes.wheel.pypi.txt
• requirements.hashes.wheel.txt
• requirements.overrides.txt
• scripts/konflux_requirements.sh

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check if the generate_requirements_overrides.py script exists and examine its argument parser
if [ -f "scripts/generate_requirements_overrides.py" ]; then
    echo "Script exists"
    head -100 scripts/generate_requirements_overrides.py
else
    echo "Script NOT FOUND"
    fd -t f "generate_requirements" scripts/
fi

Repository: lightspeed-core/rag-content

Length of output: 87

---

🏁 Script executed:

#!/bin/bash
# Search for any file with "generate_requirements" in its name across the entire repository
echo "=== Searching for files with 'generate_requirements' pattern ==="
fd -t f "generate_requirements" .

echo ""
echo "=== Listing all files in scripts/ directory ==="
ls -la scripts/

echo ""
echo "=== Searching for references to generate_requirements_overrides in the codebase ==="
rg "generate_requirements_overrides" . --type sh --type py

Repository: lightspeed-core/rag-content

Length of output: 1194

---

scripts/generate_requirements_overrides.py does not exist in the repository.

The script at lines 29-31 attempts to invoke scripts/generate_requirements_overrides.py, but this file is not present. This will cause runtime failure. Either create the script with support for --rhoai-index and -o arguments, or correct the script reference if it should point to an existing file.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/konflux_requirements.sh` around lines 29 - 31, The invoked helper
script generate_requirements_overrides.py referenced by the uv run command (with
flags --rhoai-index and -o) is missing; either add a new script named
generate_requirements_overrides.py that parses --rhoai-index and -o and performs
the requirements override generation, or update the uv run invocation to call
the correct existing script name that already implements those flags (or adjust
the flags to match the existing script). Ensure the chosen script accepts
--rhoai-index and -o and exits nonzero on failure so the calling command fails
loudly.