From ee32b38942af733367be80ec0ad9b5be7c06bb18 Mon Sep 17 00:00:00 2001
From: Jiri Podivin <jpodivin@redhat.com>
Date: Mon, 8 Jun 2026 10:34:28 +0200
Subject: [PATCH 1/3] Sync beeai-framework and aiohttp versions

Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
---
 Containerfile.c9s-tests  | 4 ++--
 Containerfile.supervisor | 2 +-
 Containerfile.tests      | 2 +-
 requirements.txt         | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Containerfile.c9s-tests b/Containerfile.c9s-tests
index 412812dd..57d91bea 100644
--- a/Containerfile.c9s-tests
+++ b/Containerfile.c9s-tests
@@ -25,10 +25,10 @@ RUN python3.11 -m venv --system-site-packages /opt/beeai-venv \
     && /opt/beeai-venv/bin/pip install --upgrade pip \
     && /opt/beeai-venv/bin/pip install --no-cache-dir \
        "litellm!=1.82.7,!=1.82.8" \
-       beeai-framework[vertexai,mcp,duckduckgo]==0.1.79 \
+       beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
        openinference-instrumentation-beeai \
        arize-phoenix-otel \
-       aiohttp \
+       aiohttp>=3.12.15 \
        redis \
        specfile \
        pytest \
diff --git a/Containerfile.supervisor b/Containerfile.supervisor
index 209ca2e5..5a683201 100644
--- a/Containerfile.supervisor
+++ b/Containerfile.supervisor
@@ -27,7 +27,7 @@ RUN dnf -y install --allowerasing \
       python3-devel \
     && pip3 install -v --no-cache-dir \
       "litellm!=1.82.7,!=1.82.8" \
-      beeai-framework[vertexai,mcp,duckduckgo]==0.1.79 \
+      beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
       google-cloud-aiplatform \
       openinference-instrumentation-beeai \
       arize-phoenix-otel \
diff --git a/Containerfile.tests b/Containerfile.tests
index 7ecec258..38065536 100644
--- a/Containerfile.tests
+++ b/Containerfile.tests
@@ -31,7 +31,7 @@ ENV PYTHONPATH=/src:$PYTHONPATH
 # Install BeeAI Framework and FastMCP
 RUN pip3 install --no-cache-dir \
       "litellm!=1.82.7,!=1.82.8" \
-      beeai-framework[vertexai,mcp,duckduckgo]==0.1.79 \
+      beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
       fastmcp redis backoff
 
 # Verify no malicious litellm_init.pth was introduced by compromised litellm packages (e.g. 1.82.7, 1.82.8)
diff --git a/requirements.txt b/requirements.txt
index 0ba44198..ae1efd4d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5,7 +5,7 @@ litellm!=1.82.7,!=1.82.8
 aiohttp>=3.12.15
 arize-phoenix-otel>=0.13.0
 beautifulsoup4>=4.13.4
-beeai-framework[duckduckgo]
+beeai-framework[duckduckgo]==0.1.80
 copr>=1.129
 fastmcp>=2.11.3
 ogr>=0.55.0

From 2c5a47acc9e11d67e54bf5b0fb151a0715277974 Mon Sep 17 00:00:00 2001
From: Jiri Podivin <jpodivin@redhat.com>
Date: Mon, 8 Jun 2026 15:06:52 +0200
Subject: [PATCH 2/3] Clarify state of ymir-common and ymir-tools

Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
---
 requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index ae1efd4d..0f4213d9 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,6 +1,7 @@
 # Dependencies specific to the root ymir package
-ymir-common
-ymir-tools
+# Note: ymir-common and ymir-tools are workspace packages (not on PyPI).
+# They are resolved by uv via [tool.uv.sources] in pyproject.toml.
+# For development setup, use: uv sync
 litellm!=1.82.7,!=1.82.8
 aiohttp>=3.12.15
 arize-phoenix-otel>=0.13.0

From 72891436dfae24981468e228e870a82586c725ef Mon Sep 17 00:00:00 2001
From: Jiri Podivin <jpodivin@redhat.com>
Date: Mon, 8 Jun 2026 15:07:40 +0200
Subject: [PATCH 3/3] Define dependencies outside of containerfiles

Signed-off-by: Jiri Podivin <jpodivin@redhat.com>
---
 Containerfile.c10s          | 16 ++++------------
 Containerfile.c9s           | 15 ++++-----------
 Containerfile.c9s-tests     | 17 ++++-------------
 Containerfile.mcp           |  5 ++++-
 Containerfile.supervisor    | 15 +++++++--------
 Containerfile.tests         |  9 +++++----
 requirements-agent.txt      |  8 ++++++++
 requirements-base.txt       |  8 ++++++++
 requirements-mcp.txt        |  4 ++++
 requirements-supervisor.txt |  3 +++
 requirements-test.txt       |  9 +++++++++
 11 files changed, 60 insertions(+), 49 deletions(-)
 create mode 100644 requirements-agent.txt
 create mode 100644 requirements-base.txt
 create mode 100644 requirements-mcp.txt
 create mode 100644 requirements-supervisor.txt
 create mode 100644 requirements-test.txt

diff --git a/Containerfile.c10s b/Containerfile.c10s
index 6012f44e..3f70e80c 100644
--- a/Containerfile.c10s
+++ b/Containerfile.c10s
@@ -60,19 +60,11 @@ RUN dnf -y install --allowerasing \
 COPY beeai-reasoning.patch /tmp
 COPY openinference-reasoning.patch /tmp
 
+# Copy dependency files
+COPY requirements-base.txt requirements-agent.txt /tmp/
+
 RUN pip3 install --no-cache-dir \
-      "litellm!=1.82.7,!=1.82.8" \
-      beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
-      google-cloud-aiplatform \
-      openinference-instrumentation-beeai \
-      arize-phoenix-otel \
-      redis \
-      specfile \
-      pytest \
-      pytest-asyncio \
-      GitPython>=3.1.0 \
-      unidiff \
-      sentry-sdk>=2.13.0 \
+      -r /tmp/requirements-agent.txt \
     && cd /usr/local/lib/python3.12/site-packages \
     && patch -p2 -i /tmp/beeai-reasoning.patch \
     && patch -p5 -i /tmp/openinference-reasoning.patch
diff --git a/Containerfile.c9s b/Containerfile.c9s
index 05412fcd..a98e9e9a 100644
--- a/Containerfile.c9s
+++ b/Containerfile.c9s
@@ -59,21 +59,14 @@ RUN dnf -y install --allowerasing \
 COPY beeai-reasoning.patch /tmp
 COPY openinference-reasoning.patch /tmp
 
+# Copy dependency files
+COPY requirements-base.txt requirements-agent.txt /tmp/
+
 # Create Python 3.11 virtual environment and install Python packages
 RUN python3.11 -m venv --system-site-packages /opt/beeai-venv \
     && /opt/beeai-venv/bin/pip install --upgrade pip \
     && /opt/beeai-venv/bin/pip install --no-cache-dir \
-         "litellm!=1.82.7,!=1.82.8" \
-         beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
-         google-cloud-aiplatform \
-         openinference-instrumentation-beeai \
-         arize-phoenix-otel \
-         redis \
-         specfile \
-         koji \
-         GitPython>=3.1.0 \
-         unidiff \
-         sentry-sdk>=2.13.0 \
+        -r /tmp/requirements-agent.txt \
     && cd /opt/beeai-venv/lib/python3.11/site-packages \
     && patch -p2 -i /tmp/beeai-reasoning.patch \
     && patch -p5 -i /tmp/openinference-reasoning.patch
diff --git a/Containerfile.c9s-tests b/Containerfile.c9s-tests
index 57d91bea..c9413728 100644
--- a/Containerfile.c9s-tests
+++ b/Containerfile.c9s-tests
@@ -20,23 +20,14 @@ RUN dnf -y install --allowerasing \
       python3.11-devel \
     && dnf clean all
 
+# Copy dependency files
+COPY requirements-base.txt requirements-test.txt /tmp/
+
 # Create Python 3.11 virtual environment and install Python packages
 RUN python3.11 -m venv --system-site-packages /opt/beeai-venv \
     && /opt/beeai-venv/bin/pip install --upgrade pip \
     && /opt/beeai-venv/bin/pip install --no-cache-dir \
-       "litellm!=1.82.7,!=1.82.8" \
-       beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
-       openinference-instrumentation-beeai \
-       arize-phoenix-otel \
-       aiohttp>=3.12.15 \
-       redis \
-       specfile \
-       pytest \
-       pytest-asyncio \
-       flexmock \
-       koji \
-       GitPython \
-       tomli-w
+        -r /tmp/requirements-test.txt
 
 # Verify no malicious litellm_init.pth was introduced by compromised litellm packages (e.g. 1.82.7, 1.82.8)
 RUN MALICIOUS=$(find /usr /opt -name "litellm_init.pth" 2>/dev/null); \
diff --git a/Containerfile.mcp b/Containerfile.mcp
index 122753af..ee759465 100644
--- a/Containerfile.mcp
+++ b/Containerfile.mcp
@@ -30,8 +30,11 @@ RUN dnf -y install \
       ${EXTRA_PACKAGES} \
     && dnf clean all
 
+# Copy dependency files
+COPY requirements-mcp.txt /tmp/
+
 # Install beeai mcp server
-RUN pip3 install --no-cache-dir "litellm!=1.82.7,!=1.82.8" beeai-framework[mcp]==0.1.80 "specfile>=0.36.0"
+RUN pip3 install --no-cache-dir -r /tmp/requirements-mcp.txt
 
 # Create user
 RUN useradd -m -G wheel mcp
diff --git a/Containerfile.supervisor b/Containerfile.supervisor
index 5a683201..05284b67 100644
--- a/Containerfile.supervisor
+++ b/Containerfile.supervisor
@@ -25,17 +25,16 @@ RUN dnf -y install --allowerasing \
       gcc \
       gcc-c++ \
       python3-devel \
-    && pip3 install -v --no-cache-dir \
-      "litellm!=1.82.7,!=1.82.8" \
-      beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
-      google-cloud-aiplatform \
-      openinference-instrumentation-beeai \
-      arize-phoenix-otel \
-      redis \
-      specfile \
     && dnf -y remove gcc gcc-c++ python3-devel \
     && dnf clean all
 
+# Copy dependency files
+COPY requirements-base.txt requirements-supervisor.txt /tmp/
+
+# Install remaining dependencies using pip
+RUN pip3 install -v --no-cache-dir \
+  -r /tmp/requirements-supervisor.txt
+
 # Verify no malicious litellm_init.pth was introduced by compromised litellm packages (e.g. 1.82.7, 1.82.8)
 RUN MALICIOUS=$(find /usr /opt -name "litellm_init.pth" 2>/dev/null); \
     if [ -n "$MALICIOUS" ]; then \
diff --git a/Containerfile.tests b/Containerfile.tests
index 38065536..e0381675 100644
--- a/Containerfile.tests
+++ b/Containerfile.tests
@@ -28,11 +28,12 @@ RUN git config --global user.email "ymir-tests@example.com" \
 # Set PYTHONPATH so ymir namespace package can be imported
 ENV PYTHONPATH=/src:$PYTHONPATH
 
-# Install BeeAI Framework and FastMCP
+# Copy dependency file
+COPY requirements-base.txt /tmp/
+
+# Install BeeAI Framework
 RUN pip3 install --no-cache-dir \
-      "litellm!=1.82.7,!=1.82.8" \
-      beeai-framework[vertexai,mcp,duckduckgo]==0.1.80 \
-      fastmcp redis backoff
+      -r /tmp/requirements-base.txt
 
 # Verify no malicious litellm_init.pth was introduced by compromised litellm packages (e.g. 1.82.7, 1.82.8)
 RUN MALICIOUS=$(find /usr /opt -name "litellm_init.pth" 2>/dev/null); \
diff --git a/requirements-agent.txt b/requirements-agent.txt
new file mode 100644
index 00000000..ded7d32d
--- /dev/null
+++ b/requirements-agent.txt
@@ -0,0 +1,8 @@
+# Agent container dependencies (c9s, c10s)
+-r requirements-base.txt
+google-cloud-aiplatform
+aiohttp>=3.12.15
+koji
+GitPython>=3.1.0
+unidiff
+sentry-sdk>=2.13.0
diff --git a/requirements-base.txt b/requirements-base.txt
new file mode 100644
index 00000000..0aa23fb7
--- /dev/null
+++ b/requirements-base.txt
@@ -0,0 +1,8 @@
+# Shared pip dependencies for all containers (except MCP)
+# Prevent installation of compromised litellm package versions
+litellm!=1.82.7,!=1.82.8
+beeai-framework[vertexai,mcp,duckduckgo]==0.1.80
+openinference-instrumentation-beeai
+arize-phoenix-otel
+redis>=6.4.0
+specfile>=0.36.0
diff --git a/requirements-mcp.txt b/requirements-mcp.txt
new file mode 100644
index 00000000..1b1e3c6f
--- /dev/null
+++ b/requirements-mcp.txt
@@ -0,0 +1,4 @@
+# Dependencies for the MCP gateway container (beeai[mcp] only, no vertexai/duckduckgo)
+litellm!=1.82.7,!=1.82.8
+beeai-framework[mcp]==0.1.80
+specfile>=0.36.0
diff --git a/requirements-supervisor.txt b/requirements-supervisor.txt
new file mode 100644
index 00000000..9ef7474f
--- /dev/null
+++ b/requirements-supervisor.txt
@@ -0,0 +1,3 @@
+# Supervisor container dependencies
+-r requirements-base.txt
+google-cloud-aiplatform
diff --git a/requirements-test.txt b/requirements-test.txt
new file mode 100644
index 00000000..0dabfc83
--- /dev/null
+++ b/requirements-test.txt
@@ -0,0 +1,9 @@
+# c9s test container dependencies
+-r requirements-base.txt
+aiohttp>=3.12.15
+koji
+GitPython>=3.1.0
+pytest
+pytest-asyncio
+flexmock>=0.12.2
+tomli-w