DevOps warning Java 11

When running a build on azure DevOps we are getting message indicating the wrong version of Java is being used.
It looks like this message has started coming up this morning (august 3rd).

From the documentation I cannot find a way to force the sonar scanner to use (the already installed) java version 17.

Message

![Warning](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/message_warning.svg "Warning")The version of Java (11.0.20) you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17.
Read more [here](https://docs.sonarcloud.io/appendices/scanner-environment/)

background
The image used has Java 8, 11 and 17 installed
Documentation on image configuration https://github.com/actions/runner-images/blob/win22/20230730.1/images/win/Windows2022-Readme.md

Log from the sonar analysis task attached at the bottom

Attempted: install java 17
I have added a step to install java 17. But this made no difference, (sonar publish still reported using v11) (Standard Dev Ops steps):

  - task: JavaToolInstaller@0
    inputs:
      versionSpec: '17'
      jdkArchitectureOption: 'x64'
      jdkSourceOption: 'PreInstalled'

This reported it was installed and updated the path:

Use preinstalled JDK from C:\hostedtoolcache\windows\Java_Temurin-Hotspot_jdk\17.0.8-7\x64
JAVA_HOME is being set to: C:\hostedtoolcache\windows\Java_Temurin-Hotspot_jdk\17.0.8-7\x64
JAVA_HOME_17_X64 is being set to: C:\hostedtoolcache\windows\Java_Temurin-Hotspot_jdk\17.0.8-7\x64
Prepending PATH environment variable with directory: C:\hostedtoolcache\windows\Java_Temurin-Hotspot_jdk\17.0.8-7\x64\bin

Sonar Log

2023-08-03T09:09:25.9224849Z ##[section]Starting: Run Sonar Analysis
2023-08-03T09:09:26.8447853Z ==============================================================================
2023-08-03T09:09:26.8448002Z Task         : Run Code Analysis
2023-08-03T09:09:26.8448069Z Description  : Run scanner and upload the results to the SonarCloud server.
2023-08-03T09:09:26.8448155Z Version      : 1.40.0
2023-08-03T09:09:26.8448217Z Author       : sonarsource
2023-08-03T09:09:26.8448273Z Help         : Version: 1.40.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarcloud-extension-for-azure-devops/)
2023-08-03T09:09:26.8448485Z ==============================================================================
2023-08-03T09:09:27.1271984Z [command]D:\a\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.37.0\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe end
2023-08-03T09:09:27.1955838Z SonarScanner for MSBuild 5.13
2023-08-03T09:09:27.1990915Z Using the .NET Framework version of the Scanner for MSBuild
2023-08-03T09:09:27.2307517Z Post-processing started.
2023-08-03T09:09:27.4115814Z Calling the TFS Processor executable...
2023-08-03T09:09:27.5412787Z Attempting to locate the CodeCoverage.exe tool...
2023-08-03T09:09:27.5464164Z Attempting to locate the CodeCoverage.exe tool using setup configuration...
2023-08-03T09:09:27.9746413Z Code coverage command line tool: C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Team Tools\Dynamic Code Coverage Tools\CodeCoverage.exe
2023-08-03T09:09:27.9927076Z Fetching code coverage report information from TFS...
2023-08-03T09:09:27.9947017Z Attempting to locate a test results (.trx) file...
2023-08-03T09:09:28.2134036Z Looking for TRX files in: D:\a\1\TestResults
2023-08-03T09:09:28.2134597Z No test results files found
2023-08-03T09:09:28.4265669Z Did not find any binary coverage files in the expected location.
2023-08-03T09:09:28.4279206Z Falling back on locating coverage files in the agent temp directory.
2023-08-03T09:09:28.4284299Z Searching for coverage files in D:\a\_temp
2023-08-03T09:09:28.4854965Z All matching files: count=4
2023-08-03T09:09:28.4856480Z 	D:\a\_temp\25088ff3-b9d3-4ead-88db-dae22298a203\523b16b9-b7ba-44a0-a9d6-3e238c74d753.coverage
2023-08-03T09:09:28.4857147Z 	D:\a\_temp\e2016592-621d-4446-8cd7-15874de9e2fb\bef7755e-ea5b-4edd-b0d7-29232ca313ea.coverage
2023-08-03T09:09:28.4857732Z 	D:\a\_temp\VssAdministrator_fv-az770-143_2023-08-03_09_09_08\In\fv-az770-143\523b16b9-b7ba-44a0-a9d6-3e238c74d753.coverage
2023-08-03T09:09:28.4858312Z 	D:\a\_temp\VssAdministrator_fv-az770-143_2023-08-03_09_09_20\In\fv-az770-143\bef7755e-ea5b-4edd-b0d7-29232ca313ea.coverage
2023-08-03T09:09:28.5165030Z Unique coverage files: count=2
2023-08-03T09:09:28.5165820Z 	D:\a\_temp\25088ff3-b9d3-4ead-88db-dae22298a203\523b16b9-b7ba-44a0-a9d6-3e238c74d753.coverage
2023-08-03T09:09:28.5166400Z 	D:\a\_temp\e2016592-621d-4446-8cd7-15874de9e2fb\bef7755e-ea5b-4edd-b0d7-29232ca313ea.coverage
2023-08-03T09:09:28.6629788Z Executing file C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Team Tools\Dynamic Code Coverage Tools\CodeCoverage.exe
2023-08-03T09:09:28.6630921Z   Args: analyze /output:D:\a\_temp\25088ff3-b9d3-4ead-88db-dae22298a203\523b16b9-b7ba-44a0-a9d6-3e238c74d753.coveragexml D:\a\_temp\25088ff3-b9d3-4ead-88db-dae22298a203\523b16b9-b7ba-44a0-a9d6-3e238c74d753.coverage 
2023-08-03T09:09:28.6631563Z   Working directory: D:\a\_temp\25088ff3-b9d3-4ead-88db-dae22298a203
2023-08-03T09:09:28.6631956Z   Timeout (ms):60000
2023-08-03T09:09:28.6632263Z   Process id: 1048
2023-08-03T09:09:29.2933904Z                                 
2023-08-03T09:09:29.2936081Z  
2023-08-03T09:09:29.6204698Z  
2023-08-03T09:09:29.6229775Z Process returned exit code 0
2023-08-03T09:09:29.6239613Z Executing file C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Team Tools\Dynamic Code Coverage Tools\CodeCoverage.exe
2023-08-03T09:09:29.6240613Z   Args: analyze /output:D:\a\_temp\e2016592-621d-4446-8cd7-15874de9e2fb\bef7755e-ea5b-4edd-b0d7-29232ca313ea.coveragexml D:\a\_temp\e2016592-621d-4446-8cd7-15874de9e2fb\bef7755e-ea5b-4edd-b0d7-29232ca313ea.coverage 
2023-08-03T09:09:29.6241266Z   Working directory: D:\a\_temp\e2016592-621d-4446-8cd7-15874de9e2fb
2023-08-03T09:09:29.6241652Z   Timeout (ms):60000
2023-08-03T09:09:29.6241959Z   Process id: 4432
2023-08-03T09:09:29.6550204Z                                 
2023-08-03T09:09:29.6550733Z  
2023-08-03T09:09:29.9182855Z  
2023-08-03T09:09:29.9201611Z Process returned exit code 0
2023-08-03T09:09:29.9208568Z Coverage report conversion completed successfully.
2023-08-03T09:09:29.9280279Z The TFS Processor has finished
2023-08-03T09:09:29.9323921Z Calling the SonarScanner CLI...
2023-08-03T09:09:37.4482983Z INFO: Scanner configuration file: D:\a\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.37.0\classic-sonar-scanner-msbuild\sonar-scanner-4.8.0.2856\bin\..\conf\sonar-scanner.properties
2023-08-03T09:09:37.4696202Z INFO: Project root configuration file: D:\a\1\.sonarqube\out\sonar-project.properties
2023-08-03T09:09:38.3757660Z INFO: SonarScanner 4.8.0.2856
2023-08-03T09:09:38.3758382Z INFO: Java 11.0.20 Eclipse Adoptium (64-bit)
2023-08-03T09:09:38.3758721Z INFO: Windows Server 2022 10.0 amd64
2023-08-03T09:09:45.5005602Z INFO: User cache: C:\Users\VssAdministrator\.sonar\cache
2023-08-03T09:09:50.3457284Z INFO: Analyzing on SonarCloud
2023-08-03T09:09:50.3458388Z INFO: Default locale: "en_US", source code encoding: "windows-1252" (analysis is platform dependent)
2023-08-03T09:09:53.2196617Z INFO: Load global settings
2023-08-03T09:09:53.4086612Z INFO: Load global settings (done) | time=188ms
2023-08-03T09:09:53.4309731Z INFO: Server id: 1BD809FA-AWHW8ct9-T_TB3XqouNu
2023-08-03T09:09:53.5454066Z INFO: User cache: C:\Users\VssAdministrator\.sonar\cache
2023-08-03T09:09:53.5537178Z INFO: Load/download plugins
2023-08-03T09:09:53.5537711Z INFO: Load plugins index
2023-08-03T09:09:53.8319097Z INFO: Load plugins index (done) | time=284ms
2023-08-03T09:10:19.9131473Z INFO: Load/download plugins (done) | time=26361ms
2023-08-03T09:10:20.6531193Z INFO: Loaded core extensions: developer-scanner
2023-08-03T09:10:21.4669917Z INFO: Found an active CI vendor: 'Azure DevOps'
2023-08-03T09:10:21.4674398Z INFO: Load project settings for component key: '***********************************'
2023-08-03T09:10:21.5409339Z INFO: Load project settings for component key: '***********************************' (done) | time=63ms
2023-08-03T09:10:21.6513849Z INFO: Process project properties
2023-08-03T09:10:21.6755125Z INFO: Execute project builders
2023-08-03T09:10:21.8404467Z INFO: Execute project builders (done) | time=172ms
2023-08-03T09:10:21.8535949Z INFO: Project key: ***********************************
2023-08-03T09:10:21.8536594Z INFO: Base dir: D:\a\1\s
2023-08-03T09:10:21.8536949Z INFO: Working dir: D:\a\1\.sonarqube\out\.sonar
2023-08-03T09:10:22.9856727Z INFO: Load project branches
2023-08-03T09:10:23.0623685Z INFO: Load project branches (done) | time=78ms
2023-08-03T09:10:23.0624624Z INFO: Check ALM binding of project '***********************************'
2023-08-03T09:10:23.1215390Z INFO: Detected project binding: BOUND
2023-08-03T09:10:23.1216208Z INFO: Check ALM binding of project '***********************************' (done) | time=63ms
2023-08-03T09:10:23.1217541Z INFO: Load project pull requests
2023-08-03T09:10:23.2182966Z INFO: Load project pull requests (done) | time=94ms
2023-08-03T09:10:23.2209357Z INFO: Load branch configuration
2023-08-03T09:10:23.2222532Z INFO: Load branch configuration (done) | time=0ms
2023-08-03T09:10:23.2597120Z INFO: Load quality profiles
2023-08-03T09:10:23.4312140Z INFO: Load quality profiles (done) | time=187ms
2023-08-03T09:10:23.4419448Z INFO: Load active rules
2023-08-03T09:10:27.4359892Z INFO: Load active rules (done) | time=3986ms

Template for a good new topic, formatted with [Markdown](https://commonmark.org/help/):
* ALM used (GitHub, Bitbucket Cloud, Azure DevOps)
* CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI
* Scanner command used when applicable (private details masked)
* Languages of the repository
* Only if the SonarCloud project is public, the URL
  * And if you need help with pull request decoration, then the URL to the PR too
* Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
* Steps to reproduce
* Potential workaround

**Do not share screenshots of logs -- share the text itself (bonus points for being well-formatted)!**

Hey there.

The task is currently using JAVA_HOME_11_X64 by default… and that surely needs to change now that using Java 11 is deprecated and Java 17 is the minimum supported version. I will flag that for attention.

For now, you can try the following:

- task: SonarCloudAnalyze@1
  inputs:
    jdkversion: 'JAVA_HOME_17_X64'

Specifying the version does resolve the issue with the warning.

But my expectation would be that the task with default parameters does not use deprecated dependencies. This would mean I would have to update all my pipelines and lock the sonar task onto this java version.
Is this behaviour correct (default task configuration > always results in a warning)?

What may be relevant is that I do see a version 1.41.0 of the sonarscanner. The devops organization is reporting this as installed but the task is still using version 1.40.0.
Attempting to run the pipeline forcing it to version 1.41.0 reports that that version is not available.
In the release notes of the git repo of the for the vsts scanner I do see a note about an option to select the java version but I am not sure if this is relevant to my issue (and would allow me to use the existing pipelines without locking the java version).

Today I started seeing this from our SonarCloud analyses. I agree that the default parameters should not trigger this.

We also started noticing these remarks on several build pipelines. Looking back to the past it seems to be a similar issue back with moving to Java 11: Older default java version used with Azure devops Hosted agent - #27 by Vossekop
My idea would be that this is fixed in the task internally (by trying to fetch the latest possible version) rather than everybody having to update their pipelines (which in our case are also quite a lot).

The workaround was successful. Please let us know when it is no longer required so we don’t leave things locked to Java 17.

Hello there,

The extension has been updated (it should display v1.38.0 for the prepare task and v1.41.0 for the analyze task).

We’re now choosing Java 17 if it’s available through the JAVA_HOME_17_X64 env variable.

Mickaël

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.