You thought you were in control.
You wrote:
pipeline {
agent any
stages {
stage('Build') {
steps {
sh 'mvn clean install'
}
}
}
}It smiled. Green check. Everything was fine.
Then you added… logic.
if (env.BRANCH_NAME == 'main') {
stage('Deploy') {
steps {
sh './deploy.sh'
}
}
}And Jenkins whispered:
“You think this is a scripting language.
But this is a ritual.”
The parser explodes.
You stare into the void.
There is no if in declarative.
You want conditionals?
“Use
when,” it moans,
wrapped in YAML-wrapped-Groovy-wrapped-DSL with zero documentation and an attitude problem.
So you obey:
stage('Deploy') {
when {
branch 'main'
}
steps {
sh './deploy.sh'
}
}Still it breaks.
Because the truth is: nothing in Jenkins ever runs because you asked.
It runs because the pipeline permits it.
You try to define shared logic.
You write a library.
You publish a shared step.
Jenkins responds with a 401 and a stack trace from 2007.
You dig into the sandbox logs.
You read the script approval docs like they’re ancient scrolls of forbidden lore.
“This script uses method
org.codehaus.groovy.runtime.callsitewhich is not approved.”
You don’t even know what that means — but you click Approve anyway.
Because you’re desperate.
Because you want the build to pass.
Because it’s been 37 minutes and the dev who wrote the original Jenkinsfile has left the company and legally changed their name.
And then… somehow… the pipeline passes.
You don’t celebrate.
You don’t smile.
You just add a comment:
// Don't touch. No one knows why this works.And you close the tab.