Compatibility Risks with Java 11 on Jenkins Controller for SonarQube Scans

I am currently running SonarQube version 10.21 and using Java 11 on my Jenkins controller to manage scanning jobs. I understand that SonarQube stopped supporting Java 11 as scanner runtime environment since January 2024, and my plan is to upgrade the Jenkins controllers accordingly by June 2024.

Could you please help me understand the potential risks or issues I might face by continuing to use Java 11 on my Jenkins controller in the interim? Specifically, I am interested in:

  • Any known compatibility issues between Java 11 and SonarQube 10.21
  • The impact on analysis results or performance
  • Possible security concerns
  • Recommendations for managing the transition smoothly

Any guidance or resources you could provide would be greatly appreciated.

Thank you for your assistance.

Hey there.

The only real risk you face is that SonarQube v10.2.1 is no longer an active version of SonarQube, and when you upgrade to an active version Java 11 will no longer be supported as a runtime. The inability to upgrade your SonarQube server may introduce operational/security concerns.

We offer some guidance (specifically for Jenkins) in the scanner environment section of our documentation.

Are you analyzing Java code? If not – it’s as simple as making sure you’re using v5.0+ of the scanner (as defined in your Jenkins global tool configuration).