Toolchains support for SonarQube Scanner for Maven

As per https://maven.apache.org/guides/mini/guide-using-toolchains.html,

Maven Toolchains provide a way for plugins to discover what JDK (or other tools) are to be used during the build, without the need to configure them in each plugin nin every pom.xml, or forcing a precise location among every machine building the project. […] For example, you want to use a different JDK version to build your project than the version used to run Maven,

(my) concrete use case: at work, we’ve some ancient java 7 application that must be examined. Latest sonarqube maven scanner requires java 8 so, initially, we had to split the build into two separate executions. Later on, we modified the build to make use of toolchains and set the JAVA_HOME to use a JDK8, which allowed us to go back to a one step build again. It’d be nice though, if the sonar scanner for maven could make use of toolchains too, thus not having to fallback to rely on $JAVA_HOME.

ref: https://github.com/spring-projects/spring-boot/issues/18686

thx in advance

Hi,
We don’t intend to support toolchains. The Scanner for Maven runs within the maven’s process so it would be a big effort to fork a separate process.
Couldn’t you have ran the maven build with JDK8, setting java source/target to Java 7?

Hi Duarte,
in our case, we use the same JVM as in production to make the build. We’ve had a couple of cases on production over the years, which were caused due to a bug on the JDK. Those cases would’ve been detected at build time if we’ve been using the same JDK at build/run time, so that is what we have ended up doing.

At some point SQ will require a JDK 11 to perform the analysis on the client/maven side (I recall reading somewhere this was next-LTS scoped? I may be mistaken, though). Then the suggested approach would not be feasible if the build is using jax-ws, or any of the other technologies noted at JEP-320. I’d suppose we could revert to multiple executions in that case, mungling with JAVA_HOME in between but, I’d hope for another workaround.

thanks for your time + best regards