SonarScanner Java Version Compatibility Issue in Docker Environment

Hello Sonar Community,

I’ve encountered an issue while integrating SonarScanner into my Dockerized CI/CD pipeline. Despite setting up my Dockerfile to use Java 17, which is required by SonarCloud for analysis, SonarScanner seems to be using a deprecated Java version (Java 11.0.11), resulting in compatibility errors.

Dockerfile Overview:

  • Base image: python:3.11
  • Install OpenJDK 17 and set JAVA_HOME to /usr/lib/jvm/java-17-openjdk-amd64
  • Install SonarScanner and add it to PATH
  • Execute SonarScanner with Java 17 explicitly set in JAVA_HOME

Error Message:

ERROR: Error during SonarScanner execution
ERROR: The version of Java (11.0.11) used to run this analysis is deprecated, and SonarCloud no longer supports it. Please upgrade to Java 17 or later.

Attempts to Fix:

  • Confirmed Java 17 installation and set JAVA_HOME to point to Java 17.
  • Ensured PATH includes the SonarScanner bin directory.
  • Used CMD in Dockerfile to explicitly set JAVA_HOME right before running SonarScanner.

Despite these attempts, the error persists, suggesting SonarScanner does not recognize the Java 17 installation. I’m looking for guidance on ensuring SonarScanner uses the correct Java version in a Docker environment.

Thank you in advance for your assistance!

Hey there.

Can you share your Dockerfile?

# Start with a Python 3.11 image as the base
FROM python:3.11

# Set environment variables to prevent Python from generating bytecode files

# Set the working directory inside the container to /app

# Copy the requirements file and install Python dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Install OpenJDK 17 for SonarScanner compatibility with SonarCloud
RUN apt-get update && \
    apt-get install -y wget unzip openjdk-17-jdk && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Set JAVA_HOME environment variable to the path of the OpenJDK 17 installation
ENV JAVA_HOME /usr/lib/jvm/java-17-openjdk-amd64

# Download, unzip, and install SonarQube Scanner
RUN wget -q -O /tmp/ && \
    unzip -q /tmp/ -d /opt && \
    rm /tmp/ && \
    mv /opt/sonar-scanner-* /opt/sonar-scanner

# Add SonarQube Scanner to PATH
ENV PATH="/opt/sonar-scanner/bin:${PATH}"

# Copy the rest of the application's code into the container
COPY . .

# The command to run SonarScanner, configured for SonarCloud.
CMD ["sh", "-c", "export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 && sonar-scanner -Dsonar.projectKey=your_project_key -Dsonar.organization=your_organization_key -Dsonar.login=your_sonar_token"]

Here’s the issue. You’re installing a scanner that comes bundled with a JVM, and it’s a few versions old, so it’s coming bundled with an old version.

If you want to stop fiddling with the JVM entirely, try downloading the latest version that includes a JVM (v5.0.1), or just keep doing what you’re doing and switch to the Any (Requires a pre-installed JVM) scanner.