LCORE-1392: Updated providers artifact

[asimurka]

Description

This PR updates LS providers artifact to version after LLS bump to 0.5.2.

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement
• Benchmarks improvement

Tools used to create PR

Identify any AI code assistants used in this PR (for transparency and review context)

• Assisted-by: N/A

Related Tickets & Documents

• Related Issue # LCORE-1392
• Closes #

Checklist before requesting a review

• I have performed a self-review of my code.
• PR has passed all pre-merge test jobs.
• If it is a core feature, I have added thorough tests.

Testing

• Please provide detailed steps to perform tests related to this code change.
• How were the fix/results from this change verified? Please provide relevant screenshots or results.

Summary by CodeRabbit

• Chores
  • Updated the Lightspeed Providers dependency to a newer release, including the prefetch artifact and integrity checksum. This ensures the build pulls the updated provider bundle and verifies its integrity during image creation.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 9b1213ab-0fd9-4090-b678-fb5a982ab8be

📥 Commits

Reviewing files that changed from the base of the PR and between a5c9c83 and 6835f1b.

📒 Files selected for processing (2)

• Containerfile
• artifacts.lock.yaml

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: check_dependencies
• GitHub Check: build-pr
• GitHub Check: integration_tests (3.13)
• GitHub Check: unit_tests (3.13)
• GitHub Check: integration_tests (3.12)
• GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-on-pull-request
• GitHub Check: E2E: server mode / ci
• GitHub Check: E2E: library mode / ci
• GitHub Check: E2E Tests for Lightspeed Evaluation job

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: matysek
Repo: lightspeed-core/lightspeed-stack PR: 292
File: pyproject.toml:43-45
Timestamp: 2025-08-18T10:55:18.914Z
Learning: The lightspeed-stack project updates dependencies every sprint as part of their regular maintenance cycle, which explains their preference for exact dependency pins rather than version ranges.

Learnt from: matysek
Repo: lightspeed-core/lightspeed-stack PR: 292
File: pyproject.toml:59-59
Timestamp: 2025-08-18T10:57:39.266Z
Learning: In the lightspeed-stack project, transitive dependencies like faiss-cpu are intentionally pinned as top-level dependencies to maintain better control over the dependency graph and avoid version conflicts when bundling ML/LLM tooling packages.

📚 Learning: 2025-08-18T10:56:55.349Z

Learnt from: matysek
Repo: lightspeed-core/lightspeed-stack PR: 292
File: pyproject.toml:0-0
Timestamp: 2025-08-18T10:56:55.349Z
Learning: The lightspeed-stack project intentionally uses a "generic image" approach, bundling many dependencies directly in the base runtime image to work for everyone, rather than using lean base images with optional dependency groups.

Applied to files:

• Containerfile

🔇 Additional comments (2)

Containerfile (1)

39-39: LGTM! Commit hash is consistent with artifacts.lock.yaml.

The LIGHTSPEED_PROVIDERS_COMMIT update correctly matches the commit referenced in artifacts.lock.yaml. The version bump follows the project's practice of exact dependency pinning. Based on learnings, the lightspeed-stack project updates dependencies every sprint as part of their regular maintenance cycle.

artifacts.lock.yaml (1)

6-7: Verify that the commit exists and checksum is accurate.

The commit hash 8576c2172087aa32b8eadfa2140a879dec238f00 and checksum 0e71ab0db8d14abe224cd3cb35b0fe771c187927e5c982a791791bbcfa526cf0 must be validated against the actual artifact before merge. Ensure the commit exists in the lightspeed-providers repository and that the SHA-256 checksum matches the downloaded archive.

---

Walkthrough

Two configuration files are updated to pin the lightspeed-providers dependency to a different commit. The Containerfile build argument and the artifacts.lock.yaml download URL and checksum now reference the new 8576c2172087aa32b8eadfa2140a879dec238f00 archive.

Changes

Cohort / File(s)	Summary
Container build config Containerfile	Updated build ARG LIGHTSPEED_PROVIDERS_COMMIT value from 9e073aaaa43a8a5bac38a3bbddbe6cf24842847b to 8576c2172087aa32b8eadfa2140a879dec238f00.
Artifacts manifest artifacts.lock.yaml	Replaced download_url to point to the archive for commit 8576c217...f00 and updated the corresponding SHA-256 checksum; filename remains lightspeed-providers.zip.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically identifies the main change: updating the Lightspeed providers artifact to a newer commit, which is reflected in both Containerfile and artifacts.lock.yaml modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[tisnik]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ No major issues detected

[tisnik]

LGTM