Skip to main content
We’ve already created a Shared Library. In this guide, you’ll learn how to configure that library in Jenkins so any pipeline can fetch and use its code seamlessly. For complete reference, see the official Jenkins Shared Library documentation.
The image shows a Jenkins documentation page about using shared libraries in pipelines, with a form for configuring a global trusted pipeline library.

1. Shared Library Code

Assume your repository has a Groovy helper under vars/notifySlack.groovy: 
def call(String buildStatus = 'STARTED') {
    buildStatus = buildStatus ?: 'SUCCESS'
    def color = '#ee2805'
    if (buildStatus == 'SUCCESS') {
        color = '#47e0c5'
    } else if (buildStatus == 'UNSTABLE') {
        color = '#d4e0ed'
    }
    def msg = "${buildStatus}: '${env.JOB_NAME} #${env.BUILD_NUMBER};\n${env.BUILD_URL}'"
    slackSend(color: color, message: msg)
}
To use notifySlack() in your pipelines, configure the Shared Library in Jenkins.

2. Configure Shared Library in the Jenkins UI

  1. Navigate to Jenkins DashboardManage JenkinsConfigure System.
  2. Scroll down to Global Pipeline Libraries.
  3. Click Add to define a new library.

Trusted vs. Untrusted Libraries

Library TypeSandboxWhen to Use
TrustedNo restrictionsYour own libraries or organization-owned
UntrustedGroovy sandboxCommunity or third-party libraries; limited
Untrusted libraries run in the Groovy sandbox. If your code calls methods not whitelisted, you’ll see errors like:
org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException:
Scripts not permitted to use staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods get java.util.Map
Admin approval is required to whitelist new methods.

3. Adding a Trusted Shared Library

In Global Pipeline Libraries, fill out:
  1. Name: Dasher-Trusted-Shared-Libraries
  2. Default version: main
  3. Load implicitly: unchecked
  4. Allow default version to be overridden: checked
  5. Include in job recent changes: as desired
  6. Retrieval method: Git
  7. Project repository: <your-repo-URL>
  8. Credentials: none (public repo)
The image shows a Jenkins system configuration page, specifically for setting up a shared library with options for retrieval method, source code management, and project repository details.
Click ApplySave. Your library is now available for pipelines.

4. Pulling Dependencies with @Grab

Trusted libraries can use @Grab to fetch third-party Java dependencies from Maven Central: 
@Grab('org.apache.commons:commons-math3:3.4.1')
import org.apache.commons.math3.primes.Primes

void parallelize(int count) {
    if (!Primes.isPrime(count)) {
        error "${count} was not prime"
    }
    // …
}

def request = libraryResource 'mycorp/pipeline/some/lib/request.json'
These coordinates correspond to: 
<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-math3 -->
<dependency>
  <groupId>org.apache.commons</groupId>
  <artifactId>commons-math3</artifactId>
  <version>3.4.1</version>
</dependency>
@Grab works only in a trusted library (no sandbox). Attempting it in an untrusted library triggers sandbox violations and requires admin approval for each new method.
The image shows a Jenkins system configuration page, specifically focusing on settings for untrusted pipeline libraries and Git plugin configuration.

5. Next Steps

You’ve configured a trusted Shared Library. Next, we’ll load it in a Jenkinsfile using the @Library annotation and demonstrate common patterns for reusable pipeline functions.

Watch Video