Sonar scanner maven and sonarQube compatibility

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube 7.9.5 , sonar-maven-plugin:3.7.0.1746
  • what are you trying to achieve
    i am trying to run maven sonar:sonar goal
    and it executes as expected with 3.7.0.1746 sonar-maven-plugin version.

But it does not work for sonar-maven-plugin 3.2 with bellow error:
DEBUG] 19:12:33.240 Extract sonar-scanner-api-batch in temp…
[DEBUG] 19:12:33.249 Get bootstrap index…
[DEBUG] 19:12:33.251 Download: http://localhost:9000/batch_bootstrap/index

  • what have you tried so far to achieve this
    I do have proxy setting in maven settings.xml:
    localhost|127.*|[::1]
    and version 3.7+ executes successfully
    I was wondering if SonarQube 7.9.5 is even compatible with 3.2 scanner because I’ve noticed that 3.7 is accessing http://localhost:9000/batch/index in comparison to 3.2 trying to access http://localhost:9000/batch_bootstrap/index

I’ve also noticed that in SonarQube 6.7.6 – http://localhost:9000/batch_bootstrap/index redirects to http://localhost:9000/batch/index

Hi @mmak ,

Welcome to SonarSource Community :sonarsource: !

Is there a reason you want to use sonar-maven-plugin 3.2? Version 3.2 is very old and not optimized for later versions of SonarQube. You should use 3.7.0.1746 or higher (actually we have 3.9 available now here) for SonarQube 7.9.5. We just released 8.9 LTS now (download here), so this would be a good time to upgrade. More info about the upgrade at out blog: SonarSource Blog

Joe

Hi Joe,

Thank you for the reply.
I am definitely going to check the upgrade blog.

I am still curious is 3.2 is even compatible with later versions of SonarQube – we are upgrading to newer SonarQube (7.9.5 and 8.6), and I was looking to see if it is required for users to upgrade their scanner dependency.

Great! I hope it is informative for you.

The blog link I mentioned talks about this point precisely. You should always upgrade to the latest scanner plugin, which is much less low risk than upgrading SonarQube itself. The sonar-maven-plugin is backwards-compatible, so you should not encounter any issues with it if you upgrade it to 3.9.0, but you should verify and test it yourself to convince yourself.

Thank you. Going to test.

1 Like