Moving Sonar execution from java 11 to java 17

ALM Used : Bitbucket Cloud
CI system used : Bitbucket Cloud
Language used : Java 11
Build Tool : Gradle v6.0
Scanner command : As detailed in the documentation

./gradlew :X:assemble sonar

The above used to work until Java 11 is deprecated.

I followed through the documentation on Sonar where we have to install Java 17 and set the JAVA_HOME to java 17 and perform like below:

./gradlew :X:assemble 
export JAVA_HOME=path/to/java17
./gradlew sonar

The above throws an exception since Gradle 6.0 itself cannot be run with Java 17 and I think Gradle must be on minimum version of 7.3.

What can be done in this situation please other than to upgrade Gradle?

1 Like


Yes, you’ll need to upgrade Gradle.


Hi Ann,

Thats not very good at all. Sonar must run standalone without hindering our dev or build environments.

What you are suggesting is, we need to take time upgrading gradle (which involve resolving dependencies), roll it out to all devs as well as our pipelines.

Btw, one of your documentation suggested Gradle 5+ is enough which is incorrect as well then.

Can you please feed this back internally within your team and they must know we are not happy how java upgrades are being handled.

Thanks for your help.


Would you mind pointing me to that so we can get it corrected?

How you run your build is your business, but from what I can tell, active support for Gradle 6 ended nearly 3 years ago, in April 2021, and critical bug / vulnerability fixes stopped almost a year ago.

On our side, our policy is to support the tool versions that are supported by their vendors.



The above is where gradle 5+ was specified.

I agree Gradle 6 support was ended. This is our build environment which requires changing.
But my argument is, Sonar shouldnt be banking on our build process to execute. Rather it must have a standalone way to execute and analyse our code.

I was hoping you would suggest Sonar scanner or Bitbucket pipeline Sonar scanner image. So my question is, will I be able to use Sonar scanner CLI or Bitbucket pipeline Sonar scanner image for our purpose? Just dont want to spend too much time on it and realising this is not for us.
Please let me know if one of them would work and we will assign it to someone to have a look.



The benefit of using the build-specific scanners is that they assemble most of the information needed for analysis for you from the environment. But at the end of the day, they’re wrappers around SonarScanner CLI.

So yes, you can do this manually. For the best analysis, you’ll need to make sure you provide all the relevant data for all the Java-specific properties.