We received a mail termed as “Transition to Java 17 for Continued SonarCloud Platform Support”. What does this mean? whether we have to upgrade the Sonar cloud scanner to Java 17 or upgrade the project with java 17 runtime?
Our pipeline looks like below:
image: maven:3.6.3
-
step: &package
script: # Modify the commands below to build your repository.
mvn -B -s settings.xml -Drevision=$PACKAGE_VERSION clean install
-
step: &sonar
script:
- mvn -B verify -s settings.xml org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
Currently our project is built using JDK 1.8. What needs to be done from our end to use the Sonar cloud for code analysis. Please advise.
1 Like
Hello @Jagadeeswari ,
Only the runtime for the scanner has to be upgraded to use Java 17, no changes are required to your project itself.
One solution can be to change your image to maven:3.6.3-openjdk-17 to use Java 17 for the whole pipeline. If that does not work for your case, you can also just run the analysis with a newer Java version.
Hello Martin_Bednorz ,
Thanks for your reply.
We don’t want to change our whole pipeline to run with JAVA 17 as it may affect or impact artifacts generated by the upgraded version. So we want to change the JAVA version only for the Sonar analysis.
From the link, we are not very clear where to change exactly in the pipeline file as we are not using the declarative pipeline in bitbucket pipeline file.
Also we are not sure where to set the JAVA_HOME version in the pipeline file as we are using as below:
- mvn -B verify -s settings.xml org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
Please advise.
1 Like
I checked the BitBucket documentation and it looks like it is possible to change the image being used for individual steps. In that case, you could try the following for the &sonar step:
- step: &sonar
image: maven:3.6.3-openjdk-17
script:
- mvn -B verify -s settings.xml org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
In addition, you might need to move the verify command to an individual step (or the previous one) if this won’t run with Java 17.
Thankyou Martin Bednorz.
The solution provided for the &sonar step worked fine.
we would like to clarify on another query too. After November 15th, whether the Sonar scan will not run, will it throw any error if we didn’t update the pipeline file to use java 17?
Yes, exactly. You should see an error in the pipeline in case an old JDK is being used for the analysis.
1 Like