qubership-pipelines-common-library 0.2.6__py3-none-any.whl → 2.0.1__py3-none-any.whl

qubership_pipelines_common_library/v2/jenkins/jenkins_run_pipeline_command.py

@@ -0,0 +1,165 @@
+from qubership_pipelines_common_library.v1.execution.exec_command import ExecutionCommand
+from qubership_pipelines_common_library.v1.execution.exec_info import ExecutionInfo
+from qubership_pipelines_common_library.v1.utils.utils_string import UtilsString
+from qubership_pipelines_common_library.v2.extensions.pipeline_data_importer import PipelineDataImporter
+from qubership_pipelines_common_library.v2.jenkins.jenkins_pipeline_data_importer import DefaultJenkinsPipelineDataImporter
+from qubership_pipelines_common_library.v2.jenkins.safe_jenkins_client import SafeJenkinsClient
+
+
+class JenkinsRunPipeline(ExecutionCommand):
+    """
+    Runs Jenkins Pipeline and optionally imports artifacts.
+
+    This command runs Jenkins Pipeline, monitors its execution, and provides
+    options for importing resulting artifacts and custom data processing through extensible
+    importers.
+
+    Input Parameters Structure (this structure is expected inside "input_params.params" block):
+    ```
+    {
+        "pipeline_path": "TENANT-NAME/path/to/job",              # REQUIRED: Full pipeline path (e.g. "TENANT/folder/job")
+        "pipeline_params": {                                     # OPTIONAL: Input parameters to pass to the pipeline
+            "KEY1": "VALUE1",                                    #     Side-note: if you want to run your parametrized job with default parameters,
+            "KEY2": "VALUE2"                                     #     you still need to pass some fake params (they will be ignored by Jenkins), e.g. "__fake_key":"fake_value",
+        },                                                       #     Otherwise, if this dict is empty - endpoint for non-parametrized jobs will be triggered
+        "import_artifacts": true,                                # OPTIONAL: Whether to import pipeline artifacts (default: true)
+        "use_existing_pipeline": 123456789,                      # OPTIONAL: Use existing pipeline ID instead of starting new one (debug feature)
+        "timeout_seconds": 1800,                                 # OPTIONAL: Maximum wait time for pipeline completion in seconds (default: 1800, 0 for async execution)
+        "wait_seconds": 1,                                       # OPTIONAL: Wait interval between status checks in seconds (default: 1)
+        "retry_timeout_seconds": 180,                            # OPTIONAL: Timeout for GitLab client initialization and pipeline start retries in seconds (default: 180)
+        "retry_wait_seconds": 1,                                 # OPTIONAL: Wait interval between retries in seconds (default: 1)
+        "success_statuses": "SUCCESS,UNSTABLE"                   # OPTIONAL: Comma-separated list of acceptable completion statuses (default: SUCCESS)
+    }
+    ```
+
+    Systems Configuration (expected in "systems.jenkins" block):
+    ```
+    {
+        "url": "https://github.com",                             # REQUIRED: Jenkins instance URL
+        "username": "<jenkins_user>"                             # REQUIRED: Jenkins user
+        "password": "<jenkins_token>"                            # REQUIRED: Jenkins password or token with job-triggering permissions
+    }
+    ```
+
+    Output Parameters:
+        - params.build.url: URL to view the pipeline run in GitLab
+        - params.build.id: ID of the executed pipeline
+        - params.build.status: Final status of the pipeline execution
+        - params.build.date: Workflow start time in ISO format
+        - params.build.duration: Total execution duration in human-readable format
+        - params.build.name: Name of the pipeline execution
+
+    Extension Points:
+        - Custom pipeline data importers can be implemented by extending PipelineDataImporter interface
+        - PipelineDataImporter is passed into constructor of command via "pipeline_data_importer" arg
+
+    Notes:
+        - Setting timeout_seconds to 0 enables asynchronous execution (workflow starts but command doesn't wait for completion, and won't fetch build id)
+    """
+
+    # default timeout values
+    WAIT_TIMEOUT = 1800
+    WAIT_SECONDS = 1
+    RETRY_TIMEOUT_SECONDS = 180
+    RETRY_WAIT_SECONDS = 1
+
+    PARAM_NAME_IS_DRY_RUN = "IS_DRY_RUN"
+
+    def __init__(self, *args, pipeline_data_importer: PipelineDataImporter = None, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.pipeline_data_importer = pipeline_data_importer or DefaultJenkinsPipelineDataImporter()
+        if pipeline_data_importer and not isinstance(pipeline_data_importer, PipelineDataImporter):
+            raise TypeError(f"Class {type(pipeline_data_importer)} must inherit from PipelineDataImporter")
+
+    def _validate(self):
+        names = [
+            "paths.input.params",
+            "paths.output.params",
+            "paths.output.files",
+            "systems.jenkins.url",
+            "systems.jenkins.username",
+            "systems.jenkins.password",
+            "params.pipeline_path",
+        ]
+        if not self.context.validate(names):
+            return False
+
+        self.timeout_seconds = max(0, int(self.context.input_param_get("params.timeout_seconds", self.WAIT_TIMEOUT)))
+        self.wait_seconds = max(1, int(self.context.input_param_get("params.wait_seconds", self.WAIT_SECONDS)))
+
+        self.retry_timeout_seconds = int(self.context.input_param_get("params.retry_timeout_seconds", self.RETRY_TIMEOUT_SECONDS))
+        self.retry_wait_seconds = int(self.context.input_param_get("params.retry_wait_seconds", self.RETRY_WAIT_SECONDS))
+
+        if self.timeout_seconds == 0:
+            self.context.logger.info(f"Timeout is set to: {self.timeout_seconds}. This means that the pipeline will be started asynchronously")
+
+        self.pipeline_path = self.context.input_param_get("params.pipeline_path").strip("/")
+        self.pipeline_params = self.context.input_param_get("params.pipeline_params", {})
+        if not self.pipeline_params:
+            self.context.logger.info("Pipeline parameters were not specified. This means that pipeline will be started with its default values")
+        if not isinstance(self.pipeline_params, dict):
+            self.context.logger.error("Pipeline parameters were not loaded correctly. Probably mistake in the params definition")
+            return False
+
+        self.success_statuses = [x.strip() for x in self.context.input_param_get("params.success_statuses", ExecutionInfo.STATUS_SUCCESS).split(",")]
+        if UtilsString.convert_to_bool(self.context.input_param_get("params.is_dry_run", False)):
+            self.pipeline_params[self.PARAM_NAME_IS_DRY_RUN] = True
+        self.import_artifacts = UtilsString.convert_to_bool(self.context.input_param_get("params.import_artifacts", True))
+        self.use_existing_pipeline = self.context.input_param_get("params.use_existing_pipeline")
+        return True
+
+    def _execute(self):
+        self.context.logger.info("Running jenkins-run-pipeline...")
+        self.jenkins_client = SafeJenkinsClient.create_jenkins_client(
+            self.context.input_param_get("systems.jenkins.url"),
+            self.context.input_param_get("systems.jenkins.username"),
+            self.context.input_param_get("systems.jenkins.password"),
+            retry_timeout_seconds=self.retry_timeout_seconds,
+            retry_wait_seconds=self.retry_wait_seconds
+        )
+        self.context.logger.info("Successfully initialized Jenkins client")
+
+        if self.use_existing_pipeline:  # work with existing job
+            self.context.logger.info(f"Using existing job {self.pipeline_path} - {self.use_existing_pipeline}")
+            execution = (ExecutionInfo().with_params(self.pipeline_params)
+                         .with_name(self.pipeline_path).with_id(int(self.use_existing_pipeline))
+                         .with_status(ExecutionInfo.STATUS_UNKNOWN))
+            execution.start()
+        else:
+            execution = self.jenkins_client.run_pipeline(
+                self.pipeline_path, self.pipeline_params,
+                timeout_seconds=self.timeout_seconds,
+                wait_seconds=self.wait_seconds
+            )
+
+        self.execution_info = execution
+        if execution.get_status() != ExecutionInfo.STATUS_IN_PROGRESS:
+            self._exit(False, f"Pipeline was not started. Status {execution.get_status()}")
+        elif self.timeout_seconds < 1:
+            self.context.logger.info("Pipeline was started in asynchronous mode. Pipeline status and artifacts will not be processed")
+            return
+
+        self.context.logger.info(f"Pipeline successfully started. Waiting {self.timeout_seconds} seconds for execution to complete")
+        execution = self.jenkins_client.wait_pipeline_execution(execution, self.timeout_seconds, self.wait_seconds)
+        self.context.logger.info(f"Pipeline status: {execution.get_status()}\nPipeline available at {execution.get_url()}")
+
+        if self.import_artifacts and self.pipeline_data_importer and execution.get_status() in ExecutionInfo.STATUSES_COMPLETE:
+            try:
+                self.pipeline_data_importer.with_command(self)
+                self.pipeline_data_importer.import_pipeline_data(execution)
+            except Exception as e:
+                self.context.logger.error(f"Exception during pipeline_data_importer execution: {e}")
+
+        self._save_execution_info(execution)
+        if execution.get_status() not in self.success_statuses:
+            self._exit(False, f"Status: {execution.get_status()}")
+
+    def _save_execution_info(self, execution: ExecutionInfo):
+        self.context.logger.info("Writing jenkins job execution status")
+        self.context.output_param_set("params.build.url", execution.get_url())
+        self.context.output_param_set("params.build.id", execution.get_id())
+        self.context.output_param_set("params.build.status", execution.get_status())
+        self.context.output_param_set("params.build.date", execution.get_time_start().isoformat())
+        self.context.output_param_set("params.build.duration", execution.get_duration_str())
+        self.context.output_param_set("params.build.name", execution.get_name())
+        self.context.output_params_save()

qubership_pipelines_common_library/v2/jenkins/safe_jenkins_client.py

@@ -0,0 +1,14 @@
+from qubership_pipelines_common_library.v2.jenkins.jenkins_client import JenkinsClient
+from qubership_pipelines_common_library.v2.utils.retry_decorator import RetryDecorator
+
+
+class SafeJenkinsClient(JenkinsClient):
+
+    def __init__(self, host: str, user: str, password: str):
+        super().__init__(host, user, password)
+
+    @classmethod
+    @RetryDecorator(condition_func=lambda result: result is not None)
+    def create_jenkins_client(cls, host: str, user: str, password: str,
+                              retry_timeout_seconds: int = 180, retry_wait_seconds: int = 1):
+        return cls(host, user, password)

qubership_pipelines_common_library/v2/podman/podman_command.md

@@ -0,0 +1,178 @@
+# Podman Run Image Command
+
+Executes a container using `podman run` command.
+
+This command supports running containers with configurable execution parameters, environment variable management, file mounting, and output extraction.
+
+## Input Parameters
+
+This structure is expected inside the `input_params.params` block:
+
+```json
+{
+    "image": "docker.io/library/hello-world:latest",
+    "command": "python -m pipelines_declarative_executor run --pipeline_dir=\"/WORK/EXEC_DIR\"",
+    "execution_config": {
+        "working_dir": "/some/dir/inside/container",
+        "timeout": "600",
+        "operations_timeout": "15",
+        "remove_container": true,
+        "save_stdout_to_logs": true,
+        "save_stdout_to_files": true,
+        "save_stdout_to_params": false,
+        "expected_return_codes": "0,125",
+        "additional_run_flags": "--cgroups=disabled"
+    },
+    "before_script": {
+        "mounts": {
+            "output_files": "/WORK",
+            "prepared_data": "/CONFIGS"
+        },
+        "env_vars": {
+            "explicit": {
+                "PIPELINES_DECLARATIVE_EXECUTOR_ENCRYPT_OUTPUT_SECURE_PARAMS": false
+            },
+            "env_files": [
+                "../CONFIGS/sample.env"
+            ],
+            "pass_via_file": {
+                "SOMETHING_VERY_SECURE": "PASSWORD"
+            },
+            "host_prefixes": [
+                "SOME_PREFIX_*"
+            ]
+        }
+    },
+    "after_script": {
+        "copy_files_to_host": {
+            "output_files/report.json": "/WORK/EXEC_DIR/pipeline_state/pipeline_ui_view.json",
+            "output_files/pipeline_state": "/WORK/EXEC_DIR/pipeline_state"
+        },
+        "extract_params_from_files": {
+            "SOME_FILE_IN_CONTAINER": "SECTION_NAME_IN_PARAMS_WHERE_IT_WILL_BE_STORED"
+        }
+    }
+}
+```
+
+## Parameter Reference
+
+All params are referenced here without their top-level "params" section.
+
+Actual `input_params.yaml` should look like this sample:
+
+```yaml
+kind: AtlasModuleParamsInsecure
+apiVersion: v1
+params:
+  image: docker.io/library/hello-world:latest
+  command: ....
+  execution_config:
+    timeout: 300
+    save_container_stdout_to_params: True
+  before_script:
+    mounts:
+      output_files: /WORK
+```
+
+Or you can also pass required parameters via CLI arguments:
+
+`qubership_cli_samples podman-run -p params.image=docker.io/my_image -p params.execution_config.timeout=300`
+
+### Required Parameters
+
+- **`image`** (string): Container image to run
+
+### Optional Parameters
+
+#### Execution Configuration
+
+- **`command`** (string): Command to execute in container
+- **`execution_config`** (object): Container execution settings
+  - **`working_dir`** (string): Working directory inside container
+  - **`timeout`** (float/string): Maximum execution time in seconds (e.g. "60", "36.6", etc.)
+  - **`operations_timeout`** (float/string): Timeout for operations like file copying in seconds
+  - **`remove_container`** (boolean): Whether to remove container after execution
+  - **`save_stdout_to_logs`** (boolean): Save container stdout to execution logs
+  - **`save_stdout_to_files`** (boolean): Save container stdout to output files
+  - **`save_stdout_to_params`** (boolean): Save container stdout to output parameters
+  - **`expected_return_codes`** (string): Comma-separated list of acceptable exit codes
+  - **`additional_run_flags`** (string): Flags that will be added to "podman run" command
+
+#### Before Script Configuration
+
+- **`before_script`** (object): Pre-execution configuration
+  - **`mounts`** (object): Filesystem mounts from host to container (`host_path: container_path`)
+  - **`env_vars`** (object): Environment variable configuration. There's podman-specific priority of these vars (lower to highest): file vars, direct vars, host vars.
+    - **`explicit`** (object): Direct environment variable assignment
+    - **`env_files`** (array): Environment files on host to load and pass into container
+    - **`pass_via_file`** (object): Sensitive vars passed via temp file
+    - **`host_prefixes`** (array): Host environment variable prefixes to pass through (can use `"*"` to pass everything from host)
+
+#### After Script Configuration
+
+- **`after_script`** (object): Post-execution operations
+  - **`copy_files_to_host`** (object): Copy files from container to host after execution (`host_path: container_path`)
+  - **`extract_params_from_files`** (object): Extract parameters from container files (supports JSON, YAML, and ENV files)
+
+## Output Parameters
+
+- `params.execution_time`: Total execution time in seconds
+- `params.return_code`: Container exit code
+- `params.stdout`: Container stdout (if `save_stdout_to_params` enabled)
+- `params.stderr`: Container stderr (if `save_stdout_to_params` enabled)
+- `params.extracted_output.*`: Extracted parameters from files (if `extract_params_from_files` configured)
+
+## Notes
+
+- The command automatically handles container lifecycle including start, execution, and cleanup
+- All host-paths (including mount paths) are resolved relative to context directory
+
+## Adding podman executable in your image
+
+To install and use `podman run` in your Dockerimage (`python:3.11-slim` was used as a base image, to run `Pipelines Declarative Executor`) inside usual CIs (GitHub/GitLab) following approaches worked:
+
+### GitHub
+
+1. `apt-get install podman nftables fuse-overlayfs`
+
+2. ```bash
+    RUN cat <<EOF > /etc/containers/storage.conf
+    [storage]
+    driver = "overlay"
+    runroot = "/run/containers/storage"
+    graphroot = "/var/lib/containers/storage"
+    [storage.options]
+    mount_program = "/usr/bin/fuse-overlayfs"
+    EOF
+    ```
+
+3. In your workflow file, need to pass `--privileged` option
+
+    ```yaml
+   jobs:
+      execute-pipeline:
+        runs-on: ubuntu-latest
+        container:
+          image: ghcr.io/netcracker/qubership-pipelines-declarative-executor:dev_podman_engine
+          options: --privileged
+    ```
+
+4. Need to run `PodmanRunImage` command with additional flags: `"additional_run_flags": "--cgroups=disabled"`
+
+### GitLab
+
+1. `apt-get install podman nftables slirp4netns fuse-overlayfs`
+
+2. ```bash
+    RUN cat <<EOF > /etc/containers/storage.conf
+    [storage]
+    driver = "overlay"
+    runroot = "/run/containers/storage"
+    graphroot = "/var/lib/containers/storage"
+    [storage.options]
+    mount_program = "/usr/bin/fuse-overlayfs"
+    EOF
+    ```
+
+3. Need to run `PodmanRunImage` command with additional flags: `"additional_run_flags": "--cgroups=disabled --network slirp4netns"`

qubership_pipelines_common_library/v2/podman/podman_command.py

@@ -0,0 +1,311 @@
+import os, subprocess, time, uuid
+
+from pathlib import Path
+from qubership_pipelines_common_library.v1.execution.exec_command import ExecutionCommand
+from qubership_pipelines_common_library.v1.utils.utils_string import UtilsString
+
+
+class PodmanRunImage(ExecutionCommand):
+    """
+        Executes a container using "podman run" command.
+
+        This command supports running containers with configurable execution parameters,
+        environment variable management, file mounting, and output extraction.
+
+        Input Parameters Structure (this structure is expected inside "input_params.params" block):
+        ```
+        {
+            "image": "docker.io/library/hello-world:latest",  # REQUIRED: Container image to run
+            "command": "python -m pipelines_declarative_executor run --pipeline_dir=\"/WORK/EXEC_DIR\"",  # OPTIONAL: Command to execute in container
+            "execution_config": { # ALL OF THESE ARE OPTIONAL
+                "working_dir": "/some/dir/inside/container",  # Working directory inside container
+                "timeout": "600",  # Maximum execution time in seconds
+                "operations_timeout": "15",  # Timeout for operations like file copying
+                "remove_container": True,  # Whether to remove container after execution
+                "save_stdout_to_logs": True,  # Save container stdout to execution logs
+                "save_stdout_to_files": True,  # Save container stdout to output files
+                "save_stdout_to_params": False,  # Save container stdout to output parameters
+                "expected_return_codes": "0,125",  # Comma-separated list of acceptable exit codes
+                "additional_run_flags": "--cgroups=disabled",  # Optional string of flags that will be added to "podman run" command
+            },
+            "before_script": {
+                "mounts": {  # Filesystem mounts, "host_path: container_path"
+                    "output_files": "/WORK",
+                    "prepared_data": "/CONFIGS"
+                },
+                "env_vars": {
+                    "explicit": {  # Direct environment variable assignment
+                        "PIPELINES_DECLARATIVE_EXECUTOR_ENCRYPT_OUTPUT_SECURE_PARAMS": False
+                    },
+                    "env_files": [  # Environment files on host to load and pass into container
+                        "../CONFIGS/sample.env"
+                    ],
+                    "pass_via_file": {  # Sensitive vars passed via temp file
+                        "SOMETHING_VERY_SECURE": "PASSWORD"
+                    },
+                    "host_prefixes": [  # Host environment variable prefixes to pass through. Can use "*" to pass everything from host.
+                        "SOME_PREFIX_*"
+                    ]
+                }
+            },
+            "after_script": {
+                "copy_files_to_host": {  # Copy files from container to host after execution, "host_path: container_path"
+                    "output_files/report.json": "/WORK/EXEC_DIR/pipeline_state/pipeline_ui_view.json",
+                    "output_files/pipeline_state": "/WORK/EXEC_DIR/pipeline_state",
+                },
+                "extract_params_from_files": {  # OPTIONAL: Extract parameters from container files. Supports JSON, YAML, and ENV files
+                    "SOME_FILE_IN_CONTAINER": "SECTION_NAME_IN_PARAMS_WHERE_IT_WILL_BE_STORED",
+                }
+            }
+        }
+        ```
+
+        Output Parameters:
+            - params.execution_time: Total execution time in seconds
+            - params.return_code: Container exit code
+            - params.stdout: Container stdout (if save_stdout_to_params enabled)
+            - params.stderr: Container stderr (if save_stdout_to_params enabled)
+            - params.extracted_output.*: Extracted parameters from files (if extract_params_from_files configured)
+
+        Notes:
+            - The command automatically handles container lifecycle including start, execution, and cleanup
+            - All host-paths (including mount paths) are resolved relative to context directory.
+        """
+
+    def _validate(self):
+        names = [
+            "paths.input.params",
+            "paths.output.params",
+            "paths.output.files",
+            "params.image",
+        ]
+        if not self.context.validate(names):
+            return False
+
+        # Check if podman is available
+        try:
+            subprocess.run(["podman", "--version"], capture_output=True, check=True)
+        except (subprocess.CalledProcessError, FileNotFoundError):
+            self.context.logger.error("Podman is not available on this system. Please install podman to use this command.")
+            return False
+
+        # Setup defaults & convert values
+        self.image = self.context.input_param_get("params.image")
+        self.command = self.context.input_param_get("params.command")
+
+        # execution_config
+        self.working_dir = self.context.input_param_get("params.execution_config.working_dir")
+        self.timeout = float(self.context.input_param_get("params.execution_config.timeout", 60))
+        self.operations_timeout = float(self.context.input_param_get("params.execution_config.operations_timeout", 15))
+        self.remove_container = UtilsString.convert_to_bool(self.context.input_param_get("params.execution_config.remove_container", True))
+        self.save_stdout_to_logs = UtilsString.convert_to_bool(self.context.input_param_get("params.execution_config.save_stdout_to_logs", True))
+        self.save_stdout_to_files = UtilsString.convert_to_bool(self.context.input_param_get("params.execution_config.save_stdout_to_files", True))
+        self.save_stdout_to_params = UtilsString.convert_to_bool(self.context.input_param_get("params.execution_config.save_stdout_to_params", False))
+        self.expected_return_codes = [int(num) for num in self.context.input_param_get("params.execution_config.expected_return_codes", "0").split(',')]
+        self.additional_run_flags = self.context.input_param_get("params.execution_config.additional_run_flags")
+
+        # before_script
+        self.mounts_config = self.context.input_param_get("params.before_script.mounts", {})
+        self.env_vars_config = self.context.input_param_get("params.before_script.env_vars", {})
+
+        # after_script
+        self.copy_files_config = self.context.input_param_get("params.after_script.copy_files_to_host", {})
+        self.extract_params_config = self.context.input_param_get("params.after_script.extract_params_from_files", {})
+
+        # Get base paths
+        self.context_dir_path = Path(os.path.dirname(self.context.context_path))
+        self.input_params_path = Path(self.context.input_param_get("paths.input.params"))
+        self.output_params_path = Path(self.context.input_param_get("paths.output.params"))
+        self.output_files_path = Path(self.context.input_param_get("paths.output.files"))
+        self.container_name = f"podman_{str(uuid.uuid4())}"
+        return True
+
+    def _run_sp_command(self, command, timeout=None):
+        return subprocess.run(command, capture_output=True, text=True,
+                              timeout=timeout if timeout else self.timeout,
+                              cwd=self.context_dir_path)
+
+    def _build_podman_command(self) -> list[str]:
+        cmd = ["podman", "run", "--name", self.container_name]
+
+        if self.additional_run_flags:
+            import shlex
+            cmd.extend(shlex.split(self.additional_run_flags))
+
+        if self.working_dir:
+            cmd.extend(["--workdir", self.working_dir])
+
+        if self.env_vars_config:
+            cmd.extend(self._build_command_env_var_args())
+
+        for host_path, container_path in self.mounts_config.items():
+            cmd.extend(["--mount", f"type=bind,source={host_path},target={container_path}"])
+
+        cmd.append(self.image)
+
+        if self.command:
+            import shlex
+            cmd.extend(shlex.split(self.command))
+
+        return cmd
+
+    def _build_command_env_var_args(self) -> list[str]:
+        args = []
+        for key, value in self.env_vars_config.get("explicit", {}).items():
+            args.extend(["--env", f"{key}={value}"])
+
+        for prefix in self.env_vars_config.get("host_prefixes", []):
+            args.extend(["--env", f"{prefix}"])
+
+        for env_file in self.env_vars_config.get("env_files", []):
+            args.extend(["--env-file", f"{env_file}"])
+
+        if self.env_vars_config.get("pass_via_file"):
+            env_file_path = self.context_dir_path.joinpath("temp").joinpath("temp.env")
+            env_file_path.parent.mkdir(parents=True, exist_ok=True)
+            with open(env_file_path, 'w') as f:
+                for key, value in self.env_vars_config["pass_via_file"].items():
+                    f.write(f"{key}={value}\n")
+            args.extend(["--env-file", str(env_file_path)])
+
+        return args
+
+    def _copy_files_from_container(self):
+        for host_path, container_path in self.copy_files_config.items():
+            full_host_path = self.context_dir_path.joinpath(host_path)
+            full_host_path.parent.mkdir(parents=True, exist_ok=True)
+
+            copy_command = ["podman", "cp", f"{self.container_name}:{container_path}", str(full_host_path)]
+            try:
+                copy_result = self._run_sp_command(copy_command, self.operations_timeout)
+                if copy_result.returncode != 0:
+                    self.context.logger.warning(f"Failed to copy {container_path} to {host_path}: {copy_result.stderr}")
+                else:
+                    self.context.logger.debug(f"Copied {container_path} to {host_path}")
+            except subprocess.TimeoutExpired:
+                self.context.logger.warning(f"Copy command timed out after {self.operations_timeout} seconds")
+
+    def _extract_params_from_container(self):
+        import tempfile
+        with tempfile.TemporaryDirectory() as temp_dir:
+            for container_file_path, output_key_base in self.extract_params_config.items():
+                try:
+                    temp_file_path = Path(temp_dir) / Path(container_file_path).name
+                    copy_command = ["podman", "cp", f"{self.container_name}:{container_file_path}", str(temp_file_path)]
+                    copy_result = self._run_sp_command(copy_command, self.operations_timeout)
+                    if copy_result.returncode != 0:
+                        self.context.logger.warning(f"Failed to copy file {container_file_path} for params-extraction: {copy_result.stderr}")
+                        continue
+                    if not temp_file_path.exists():
+                        self.context.logger.warning(f"File {container_file_path} for params-extraction not found after copy")
+                        continue
+                    if file_content := self._parse_custom_file_params(temp_file_path):
+                        base_key = output_key_base if output_key_base else container_file_path.replace('/','_').replace('.', '_')
+                        self.context.output_param_set(f"params.extracted_output.{base_key}", file_content)
+                except Exception as e:
+                    self.context.logger.warning(f"Failed to extract params from file {container_file_path}: {e}")
+
+    def _parse_custom_file_params(self, file_path: Path):
+        try:
+            try:
+                import json
+                with open(file_path, 'r', encoding='utf-8') as f:
+                    return json.load(f)
+            except Exception:
+                pass
+
+            try:
+                import yaml
+                with open(file_path, 'r', encoding='utf-8') as f:
+                    return yaml.safe_load(f)
+            except Exception:
+                pass
+
+            try:
+                key_values = {}
+                with open(file_path, 'r', encoding='utf-8') as f:
+                    for line in f:
+                        line = line.strip()
+                        if line and not line.startswith('#') and '=' in line:
+                            key, value = line.split('=', 1)
+                            key_values[key.strip()] = value.strip()
+                return key_values if key_values else None
+            except Exception:
+                pass
+
+            with open(file_path, 'r', encoding='utf-8') as f:
+                return f.read().strip()
+
+        except Exception as e:
+            self.context.logger.warning(f"Failed to parse custom-params file {file_path}: {e}")
+            return None
+
+    def _write_stdout_files(self, stdout: str, stderr: str):
+        (self.output_files_path / "container_stdout.txt").write_text(stdout, encoding='utf-8')
+        (self.output_files_path / "container_stderr.txt").write_text(stderr, encoding='utf-8')
+
+    def _process_output(self, output: subprocess.CompletedProcess):
+        self.context.output_param_set("params.execution_time", f"{self.execution_time:0.3f}s")
+        self.context.output_param_set("params.return_code", output.returncode)
+
+        if output.stdout and isinstance(output.stdout, bytes):
+            output.stdout = output.stdout.decode('utf-8', errors='replace')
+        if output.stderr and isinstance(output.stderr, bytes):
+            output.stderr = output.stderr.decode('utf-8', errors='replace')
+
+        if self.save_stdout_to_logs:
+            if output.stdout:
+                self.context.logger.debug(f"Container stdout:\n{output.stdout}")
+            if output.stderr:
+                self.context.logger.debug(f"Container stderr:\n{output.stderr}")
+
+        if self.save_stdout_to_files:
+            self._write_stdout_files(output.stdout, output.stderr)
+
+        if self.save_stdout_to_params:
+            self.context.output_param_set("params.stdout", output.stdout)
+            self.context.output_param_set("params.stderr", output.stderr)
+
+        if self.extract_params_config:
+            self._extract_params_from_container()
+
+        if self.copy_files_config:
+            self._copy_files_from_container()
+
+        if output.returncode not in self.expected_return_codes:
+            raise PodmanException(output.stderr)
+
+    def _execute(self):
+        self.context.logger.info(f"Running podman image \"{self.image}\"...")
+        start = time.perf_counter()
+        try:
+            output = self._run_sp_command(self._build_podman_command())
+            self.execution_time = time.perf_counter() - start
+            self.context.logger.info(
+                f"Container finished with code: {output.returncode}"
+                f"\nExecution time: {self.execution_time:0.3f}s"
+            )
+            self._process_output(output)
+
+        except subprocess.TimeoutExpired:
+            self.context.logger.error(f"Container execution timed out after {self.timeout} seconds")
+            raise
+
+        except PodmanException:
+            self.context.logger.error("Container exited with unexpected exitcode")
+            raise
+
+        except Exception as e:
+            self.context.logger.error(f"Container execution failed: {e}")
+            raise
+
+        finally:
+            if self.remove_container:
+                remove_output = subprocess.run(["podman", "rm", "-f", self.container_name], capture_output=True)
+                if remove_output.returncode != 0:
+                    self.context.logger.warning(f"Failed to remove container {self.container_name}:\n{remove_output.stdout}\n{remove_output.stderr}")
+            self.context.output_params_save()
+
+
+class PodmanException(Exception):
+    pass