3

I migrated my application to OpenJDK11 and Jenkins build is failing because Findbug is no longer supported. The plugin :

  • sonar-maven-plugin - Is internally calling Findbug in java 11 env and it's breaking the Jenkins build

How do I migrate this plugin to use the latest Spotbug dependency, I still want to keep the sonar-maven-plugin to get the report to sonar.

Current pom.xml relevant portion :

<build>
    <pluginManagement>
        <plugins>

            <plugin>
                <groupId>org.sonarsource.scanner.maven</groupId>
                <artifactId>sonar-maven-plugin</artifactId>
                <version>3.7.0.1746</version>
            </plugin>
        </plugins>
    </pluginManagement>
</build>

Already went through many docs. Couldn't find a solution.

SonarQube version: Version 6.7 (build 33306)

Installed Plugins (Relevant ones) :

  • FindbugsExternal Analysers Analyze Java code with SpotBugs 3.1.0-RC6. 3.6.0
  • SonarJavaLanguages Code Analyzer for Java 5.13.1 (build 18282)
  • SonarXML Code Analyzer for XML 2.0.1 (build 2020)
  • CheckstyleExternal Analysers Analyze Java code with Checkstyle 4.23
agabrys
  • 8,728
  • 3
  • 35
  • 73
nanospeck
  • 3,388
  • 3
  • 36
  • 45

2 Answers2

2

FindbugsExternal Analysers Analyze Java code with SpotBugs 3.1.0-RC6. 3.6.0

I cannot find version of the SonarQube Findbugs plugin which provides SpotBugs 3.1.0-RC6. It should be between:

  • 3.7.0 (released: 15 Mar 2018) provides SpotBugs 3.1.2 (see code)
  • 3.6.0 (released: 21 Sep 2017) provides SpotBugs 3.1.0-RC5 (see code)

It seems to me that you use a custom version of the plugin.

First version of the Findbugs plugin which promise to support JDK 11 is 3.10.0 (depends on SonarJava 5.10.1, where JDK 11 is supported since SonarJava 5.8 (SONARJAVA-2862), see code).

Second problem is that you try to use an not maintained (unsupported) version of server:

SonarQube version: Version 6.7 (build 33306)

with the latest version of SonarScanner:

<artifactId>sonar-maven-plugin</artifactId>
<version>3.7.0.1746</version>

SonarQube 6.7 has been released on 8 Nov 2017 (tag has been created at 7 Nov 2017). It has been released before the first official JDK 11 LTS release (Google shows September 2018).

I think the only correct solution is to upgrade SonarQube to at least 7.9 LTS with all plugins.

agabrys
  • 8,728
  • 3
  • 35
  • 73
0

Try downgrading the sonar plugin version. This plugin version worked for me.

    <plugins>
        <plugin>
            <groupId>org.sonarsource.scanner.maven</groupId>
            <artifactId>sonar-maven-plugin</artifactId>
            <version>3.6.0.1398</version>
        </plugin>
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-compiler-plugin</artifactId>
            <version>3.8.0</version>
            <configuration>
                <source>11</source>
                <target>11</target>
            </configuration>
        </plugin>
    </plugins>
Klaus
  • 1,641
  • 1
  • 10
  • 22