Sonarqube upgrade from 8.9 to 9.6

Hi Team,
I have upgraded sonarqube from 8.9 to 9.6. and now our sonarqube server is running on java 11 version. I have tested sonarqube scanner for few java based application which are on version 11 and 17. However, when I am trying to test scanner for java version 8 app then we are getting error which looks not supported by scanner.

Could you please help to revolve issue. find the error below

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.5.0.1254:sonar (default-cli) on project store-trade-notification: Execution default-cli of goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.5.0.1254:sonar failed: An API incompatibility was encountered while executing org.sonarsource.scanner.maven:sonar-maven-plugin:3.5.0.1254:sonar: java.lang.UnsupportedClassVersionError: org/sonar/batch/bootstrapper/EnvironmentInformation has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0

Welcome :slight_smile:

you should update to either Sonarqube 9.9.1 LTS or the latest Sonarqube 10.0, as only the LTS and
the latest version are supported.

Of course the analyis of Java 8 applications is still supported, it’s just that the scan itself has to be run
with Java 11 or Java 17.

You should always use the latest version of Sonarqube Maven Plugin.
Just remove the plugin configuration as described here

and the latest version will be used.

Gilbert

Thanks for replying,
As per your suggestion we removed the sonarscanner maven plugin from pom.xml and after testing we are getting below error

Downloaded from central: https://repo.maven.apache.org/maven2/com/google/guava/guava/18.0/guava-18.0.jar (2.3 MB at 6.5 MB/s) [INFO] User cache: /root/.sonar/cache [ERROR] SonarQube server [http://localhost:9000] can not be reached [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 3.375 s [INFO] Finished at: 2023-06-09T17:33:08Z [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2:sonar (default-cli) on project store-trade-notification: Unable to execute SonarQube: Fail to download libraries from server: Connection refused (Connection refused) → [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] MojoExecutionException - Apache Maven - Apache Software Foundation [Pipeline] } [Pipeline] // container [Pipeline] } WARN: Unable to locate ‘report-task.txt’ in the workspace. Did the SonarScanner succeed?

Then we try to use the latest sonarqube plugin

org.sonarsource.scanner.maven
sonar-maven-plugin
3.9.0.2155

then i m getting this error

Downloaded from central: https://repo.maven.apache.org/maven2/org/sonarsource/scanner/api/sonar-scanner-api/2.16.1.361/sonar-scanner-api-2.16.1.361.jar (625 kB at 3.1 MB/s)
[INFO] User cache: /root/.sonar/cache
[INFO] SonarQube version: 9.6.0.59041
[INFO] Default locale: “en”, source code encoding: “UTF-8”
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.740 s
[INFO] Finished at: 2023-06-09T17:35:18Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar (default-cli) on project store-trade-notification: Execution default-cli of goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar failed: An API incompatibility was encountered while executing org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar: java.lang.UnsupportedClassVersionError: org/sonar/batch/bootstrapper/EnvironmentInformation has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0
[ERROR] -----------------------------------------------------
[ERROR] realm = plugin>org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155
[ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
[ERROR] urls[0] = file:/root/.m2/repository/org/sonarsource/scanner/maven/sonar-maven-plugin/3.9.0.2155/sonar-maven-plugin-3.9.0.2155.jar
[ERROR] urls[1] = file:/root/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.4/plexus-sec-dispatcher-1.4.jar
[ERROR] urls[2] = file:/root/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
[ERROR] urls[3] = file:/root/.m2/repository/org/codehaus/plexus/plexus-utils/3.2.1/plexus-utils-3.2.1.jar
[ERROR] urls[4] = file:/root/.m2/repository/org/sonarsource/scanner/api/sonar-scanner-api/2.16.1.361/sonar-scanner-api-2.16.1.361.jar
[ERROR] urls[5] = file:/root/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
[ERROR] Number of foreign imports: 1
[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
[ERROR]
[ERROR] -----------------------------------------------------
[ERROR]
[ERROR] → [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] PluginContainerException - Apache Maven - Apache Software Foundation

Your first test shows two problems =

Are there any proxies or firewalls involved ?
This test uses the version 3.0.2 of the sonar maven plugin which is much too old, means it won’t work anyway.

Your second test shows, that your mvn CLI still uses Java 8, but it needs to run on Java 11 - with Sonarqube >= 9.9.0 Java 11 or Java 17.

How do you run your Maven builds, Jenkins or … ?
Also it seems you’re running your builds as root, that’s not recommended.

There are no proxies used. The old version 8.9.6 dont have any firewall issues
We are using Jenkins to build and execute the maven sonarqube scan

sh """
#!/bin/bash -xel
  mvn sonar:sonar
""".trim()

}

As you suggested we are trying to build our sonar server with higher version 9.9.0 LTS but during build we are getting below error. seems the latest version is not using run.sh. then how we are going to configure database properties. Let us know what are the changes we need to do in our repo to use run.sh file with 9.9.0 and above.

Status: Downloaded newer image for sonarqube:9.9.1-community
—> 2916e7bedb8a
Step 2/6 : MAINTAINER papajohns.com
—> Running in 77fa3ed49e78
Removing intermediate container 77fa3ed49e78
—> 283bfc6fde2b
Step 3/6 : COPY ./run.sh /tmp
—> d5d02ebae612
Step 4/6 : RUN mv /opt/sonarqube/bin/run.sh /tmp/run.sh.orig && cp /tmp/run.sh /opt/sonarqube/bin/run.sh && chmod 777 /opt/sonarqube/bin/run.sh
—> Running in 153d79f4fc09
mv: cannot stat ‘/opt/sonarqube/bin/run.sh’: No such file or directory
The command ‘/bin/sh -c mv /opt/sonarqube/bin/run.sh /tmp/run.sh.orig && cp /tmp/run.sh /opt/sonarqube/bin/run.sh && chmod 777 /opt/sonarqube/bin/run.sh’ returned a non-zero code: 1

I tried to build sonar 9.9.1 LTS image by using below docker file

Dockerfile -
FROM sonarqube:9.9.1-community
COPY ./entrypoint.sh /tmp
USER root
RUN mv /opt/sonarqube/docker/entrypoint.sh /tmp/entrypoint.sh.orig &&
cp /tmp/entrypoint.sh /opt/sonarqube/docker/entrypoint.sh &&
chmod 777 /opt/sonarqube/docker/entrypoint.sh
USER sonarqube
EXPOSE 8080

And below is the entrypoint.sh script

#!/bin/bash
set -e
if [ “${1:0:1}” != ‘-’ ]; then
exec “$@”
fi

java -jar lib/sonar-application-$SONAR_VERSION.jar
-Dsonar.log.console=true
-Dsonar.jdbc.username=“$SONARQUBE_JDBC_USERNAME”
-Dsonar.jdbc.password=“$SONARQUBE_JDBC_PASSWORD”
-Dsonar.jdbc.url=“$SONARQUBE_JDBC_URL”
-Dsonar.web.javaAdditionalOpts=“$SONARQUBE_WEB_JVM_OPTS -Djava.security.egd=file:/dev/./urandom”
-Dsonar.security.realm=LDAP
-Dldap.url=“$LDAP_URL”
-Dldap.bindDn=“$LDAP_BIND_DN”
-Dldap.bindPassword=“$LDAP_BIND_PASSWORD”
-Dldap.user.baseDn=“$LDAP_USER_BASEDN”
-Dldap.user.request=“(&(objectClass=user)(sAMAccountName={login}))”
-Dldap.user.realNameAttribute=cn
-Dldap.user.emailAttribute=email
-Dldap.group.baseDn=“$LDAP_GROUP_BASEDN”
-Dldap.group.request=“(&(objectClass=group)(member={dn}))”
-Dldap.group.idAttribute=sAMAccountName
“$@”

However, after rolled out deployment we are getting below error while login to sonarqube server

SonarQube is under maintenance

While waiting, install SonarLint in your IDE!

If you are an administrator and have no idea why this message is being shown, you should read the upgrade guide.

Could you please help us to correct our entrypoint.sh script if anything wrong or let us know what could be the issue for above eror.

I’m almost sure you will see this in $SONARQUBE_HOME/logs/web.log

################################################################################
The database must be manually upgraded. Please backup the database and browse /setup. For more information: https://docs.sonarqube.org/latest/setup/upgrading
################################################################################

You need to browse this url => http(s)//yoursonarhost/setup and confirm the database migration.

After you suggested i have upgraded the data base still i m seeing same error and below are the pod logs. so could you please let us know what may b the cause and could you please provide process how to upgrade database with compatible version.
Sonarqube image version - 9.9.1 LTS
Postgress SQL version - 10.0

Caused by: org.postgresql.util.PSQLException: ERROR: duplicate key value violates unique constraint “live_measures_component”
Detail: Key (component_uuid, metric_uuid)=(AWZYy0yjN-vsOa0OavQ-, 49) already exists.
at org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2676)
at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2366)
… 24 common frames omitted

We upgraded the data base with postgresSQL 10.0 and sonarqube version is on 9.9.1 LTS and now still we are getting below error for scanning JDK 8 application. We tested for both maven scanner plugin 3.9.0.2155 and 3.5.0.1254

[INFO] User cache: /root/.sonar/cache
[INFO] SonarQube version: 9.9.1.69595
[INFO] Default locale: “en”, source code encoding: “UTF-8”
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.279 s
[INFO] Finished at: 2023-06-23T16:49:21Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar (default-cli) on project store-trade-notification: Execution default-cli of goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar failed: An API incompatibility was encountered while executing org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155:sonar: java.lang.UnsupportedClassVersionError: org/sonar/batch/bootstrapper/EnvironmentInformation has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0
[ERROR] -----------------------------------------------------
[ERROR] realm = plugin>org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.0.2155
[ERROR] strategy = org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy
[ERROR] urls[0] = file:/root/.m2/repository/org/sonarsource/scanner/maven/sonar-maven-plugin/3.9.0.2155/sonar-maven-plugin-3.9.0.2155.jar
[ERROR] urls[1] = file:/root/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.4/plexus-sec-dispatcher-1.4.jar
[ERROR] urls[2] = file:/root/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jar
[ERROR] urls[3] = file:/root/.m2/repository/org/codehaus/plexus/plexus-utils/3.2.1/plexus-utils-3.2.1.jar
[ERROR] urls[4] = file:/root/.m2/repository/org/sonarsource/scanner/api/sonar-scanner-api/2.16.1.361/sonar-scanner-api-2.16.1.361.jar
[ERROR] urls[5] = file:/root/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
[ERROR] Number of foreign imports: 1
[ERROR] import: Entry[import from realm ClassRealm[maven.api, parent: null]]
[ERROR]
[ERROR] -----------------------------------------------------
[ERROR]
[ERROR] → [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] PluginContainerException - Apache Maven - Apache Software Foundation
[Pipeline] }
[Pipeline] // container
[Pipeline] }
WARN: Unable to locate ‘report-task.txt’ in the workspace. Did the SonarScanner succeed?
[Pipeline] // withSonarQubeEnv

Your Maven build still uses Java 8, but it needs to run on Java 11 - with Sonarqube >= 9.9.0 Java 11 or Java 17.
The analyis of Java 8 applications is still supported, it’s just that the scan itself (means sonar:sonar) has to be run with Java 11 or Java 17.