Use Java 17 for SonarScan in Bitbucket Pipeline to analyze C/C++ project

  • ALM used: Bitbucket
  • CI system used: Bitbucket Cloud
  • Languages of repository: C/C++

Hello,

in our C/C++ project, we are using the sonar build wrapper and sonar scanner for code analysis. Both are running in a custom Ubuntu:18.04 Docker container, with XilinxSDK 18.03 used for building. Since all users of the scanner need to migrate their Java version to Java 17, I tried to go with the simple solution: install Java 17 and set the environemnt variable $JAVA_HOME to the output of the already set java.home variable via java -XshowSettings:properties -version 2>&1 > /dev/null | grep 'java.home', which in my case is /usr/lib/jvm/java-17-openjdk-amd64.
However, the scanner still uses Java 11.

Now I have two questions:

  1. How do I tell the sonar-scan routine to use the installed Java 17?
  2. Is it possible to split the build and scan into two separate steps, using separate docker images?
    (I tried this in a way by forwarding the log files the build wrappers log file outputs to the next step, but it failed. Do I need to forward some specific environment variables to the next pipeline step too or what was I missing?)

Here are the pipeline steps and the log output.

Pipeline steps:

- export SONAR_SCANNER_VERSION=4.2.0.1873
- export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
- export BW_OUTPUT=$HOME/.sonar/bw-output
- rm -rf $SONAR_SCANNER_HOME
- mkdir -p $SONAR_SCANNER_HOME
- mkdir -p $BW_OUTPUT
- curl -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
- unzip $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
- rm $HOME/.sonar/sonar-scanner.zip
- export PATH=$SONAR_SCANNER_HOME/bin:$PATH
- export SONAR_SCANNER_OPTS="-server"
- export PATH=/tools/Xilinx/SDK/2018.3/gnu/aarch32/lin/gcc-arm-none-eabi/bin:$PATH
- export PATH=/tools/Xilinx/SDK/2018.3/gnu/aarch32/lin/gcc-arm-linux-gnueabi/bin:$PATH
- curl -LsS https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip > build-wrapper-linux-x86.zip
- unzip -j build-wrapper-linux-x86.zip
- ./build-wrapper-linux-x86-64 --out-dir $BW_OUTPUT make clean debug
- export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
- sonar-scanner -Dsonar.cfamily.build-wrapper-output=$BW_OUTPUT

Log output up until the warning regarding the deprecated Java version:
Command: sonar-scanner -Dsonar.cfamily.build-wrapper-output=$BW_OUTPUT
Log:

INFO: Scanner configuration file: /home/murphy/.sonar/sonar-scanner-4.2.0.1873-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: /opt/atlassian/pipelines/agent/build/sonar-project.properties`
INFO: SonarQube Scanner 4.2.0.1873
INFO: Java 11.0.3 AdoptOpenJDK (64-bit)
INFO: Linux 5.15.0-1049-aws amd64
INFO: SONAR_SCANNER_OPTS=-server
INFO: Bitbucket Cloud Pipelines detected
INFO: User cache: /home/murphy/.sonar/cache
INFO: SonarQube server 8.0.0.50528
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=478ms
INFO: Server id: 1BD809FA-AWHW8ct9-T_TB3XqouNu
INFO: User cache: /home/murphy/.sonar/cache
INFO: Loading required plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=459ms
INFO: Load/download plugins
INFO: Load/download plugins (done) | time=1326ms
INFO: Loaded core extensions: developer-scanner
INFO: Found an active CI vendor: 'Bitbucket Pipelines'
INFO: Detected project key 'xxxxxxxxxxxxxxx' from 'Bitbucket Cloud Pipelines'
INFO: Detected organization key 'xxxxxx' from 'Bitbucket Cloud Pipelines'
INFO: Load project settings for component key: 'xxxxxxxxxxxxxxx'
INFO: Load project settings for component key: 'xxxxxxxxxxxxxxx' (done) | time=420ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=1ms
INFO: Project key: xxxxxxxxxxxxxxx
INFO: Base dir: /opt/atlassian/pipelines/agent/build
INFO: Working dir: /opt/atlassian/pipelines/agent/build/.scannerwork
INFO: Load project branches
INFO: Load project branches (done) | time=483ms
INFO: Check ALM binding of project 'xxxxxxxxxxxxxxx'
INFO: Detected project binding: BOUND
INFO: Check ALM binding of project 'xxxxxxxxxxxxxxx' (done) | time=409ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=448ms
INFO: Load branch configuration
INFO: Detected analysis for branch xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
INFO: Auto-configuring branch xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
INFO: Load branch configuration (done) | time=3ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=507ms
INFO: Load active rules
INFO: Load active rules (done) | time=6747ms
INFO: Organization key: xxxxxx
INFO: Branch name: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, type: short-lived
INFO: Preprocessing files...
INFO: 2 languages detected in 144 preprocessed files
INFO: 10515 files ignored because of inclusion/exclusion patterns
INFO: 0 files ignored because of scm ignore settings
WARN: The version of Java (11.0.3) you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17.

Fortunately, I found a solution that works. Here is what I did:

  1. Update the scanner in use to version 5.0.1.
  2. Set the Java version to use via environment variable:
    SONAR_SCANNER_OPTS="-Dsonar.javaHome=/usr/lib/jvm/java-17-openjdk-amd64

Step 2 however does not work without step 1. I tried and failed. Setting the javaHome variable with sonar-scanner version 4.2.0 does not work.

PS: If you, like me, find code where instead of using the environment variable SONAR_SCANNER_OPTS your predecessors used CLI options, you can take them as they are and concat them to the option above, like this: "SONAR_SCANNER_OPTS=Dsonar.<some_option>=<foo> Dsonar.<another_option>=<bar>".

This thread may be closed. =)

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.