Pin micropipenv and uv versions in Dockerfile pip install commands for reproducible builds

[coderabbitai]

Problem Description

Currently, multiple Dockerfiles across the repository install micropipenv and uv packages without explicit version constraints:

RUN pip install --no-cache-dir -U "micropipenv[toml]" "uv"

This approach leaves the build process susceptible to unannounced breaking changes, particularly problematic since:

• uv is still evolving rapidly with frequent updates
• micropipenv updates could introduce incompatibilities
• Unpinned versions compromise build reproducibility and stability

Affected Files

Based on PR #968, this issue affects multiple Dockerfiles including:

• codeserver/ubi9-python-3.11/Dockerfile.cpu
• jupyter/datascience/ubi9-python-3.11/Dockerfile.cpu
• jupyter/minimal/ubi9-python-3.11/Dockerfile.cpu
• jupyter/minimal/ubi9-python-3.11/Dockerfile.cuda
• jupyter/minimal/ubi9-python-3.11/Dockerfile.rocm
• jupyter/pytorch/ubi9-python-3.11/Dockerfile.cuda
• jupyter/rocm/pytorch/ubi9-python-3.11/Dockerfile.rocm
• jupyter/rocm/tensorflow/ubi9-python-3.11/Dockerfile.rocm
• jupyter/tensorflow/ubi9-python-3.11/Dockerfile.cuda
• jupyter/trustyai/ubi9-python-3.11/Dockerfile.cpu
• rstudio/c9s-python-3.11/Dockerfile.cpu
• rstudio/c9s-python-3.11/Dockerfile.cuda
• runtimes/datascience/ubi9-python-3.11/Dockerfile.cpu
• runtimes/minimal/ubi9-python-3.11/Dockerfile.cpu
• runtimes/pytorch/ubi9-python-3.11/Dockerfile.cuda
• runtimes/rocm-pytorch/ubi9-python-3.11/Dockerfile.rocm
• runtimes/rocm-tensorflow/ubi9-python-3.11/Dockerfile.rocm
• runtimes/tensorflow/ubi9-python-3.11/Dockerfile.cuda

Proposed Solution

Option 1: Direct Version Pinning

RUN pip install --no-cache-dir "micropipenv[toml]==0.4.4" "uv==0.2.7"

Option 2: Build Arguments (Recommended)

ARG MICROPIPENV_VERSION=0.4.4
ARG UV_VERSION=0.2.7
RUN pip install --no-cache-dir "micropipenv[toml]==${MICROPIPENV_VERSION}" "uv==${UV_VERSION}"

Option 2 is preferred as it allows version control via build arguments while maintaining explicit version specification.

Implementation Approach

1. Research Current Versions: Identify the latest stable versions compatible with the existing workflow
2. Test Compatibility: Verify that pinned versions work correctly with the existing micropipenv requirements | uv pip install pipeline
3. Update All Dockerfiles: Apply consistent version pinning across all affected files
4. Documentation: Update any relevant documentation about version management

Acceptance Criteria

• All Dockerfiles installing micropipenv and uv have explicit version constraints
• Version pinning uses build arguments for flexibility
• Selected versions are tested and confirmed compatible with existing workflows
• All affected Dockerfiles follow consistent patterns
• Build process remains stable and reproducible
• No regression in functionality of the micropipenv requirements | uv pip install pipeline

Context

• Related PR: RHOAIENG-21690: chore(Dockerfiles): augument micropipenv with uv for faster package installs #968
• Comment: RHOAIENG-21690: chore(Dockerfiles): augument micropipenv with uv for faster package installs #968 (comment)
• Requested by: @jiridanek