Please change Java base image

[sseide]

Thanks for this image - we are using the older "alpine" images up to now and were trying to switch to the newer 4-version.

Tried latest version of image "4" but it fails with error message because its using a "ea" (early adoptor) version of Java12 not allowed for sonar-qube scanner. And Java12 is EOL for some time now, therefore not getting any updates since two years.

Please switch back to Java 11 LTS (supported by sonar-scanner). Current Java 16 is no LTS release either (will be out of support in 6 months and next LTS version 17 is not release by now.

reference at sonarsource about !"ea" releases: https://community.sonarsource.com/t/java-12-support/11864

Thanks, Stefan Seide

Execption running sonar-scanner on latest imge with tag "4"

04:52:37.142 INFO: Load/download plugins
04:52:37.142 INFO: Load plugins index
04:52:37.159 DEBUG: GET 200 http://digihub-ai-rpa-wbench.psst.t-online.corp:9000/sonar/api/plugins/installed | time=17ms
04:52:37.170 INFO: Load/download plugins (done) | time=28ms
04:52:37.174 INFO: ------------------------------------------------------------------------
04:52:37.174 INFO: EXECUTION FAILURE
04:52:37.174 INFO: ------------------------------------------------------------------------
04:52:37.174 INFO: Total time: 1.254s
04:52:37.191 INFO: Final Memory: 5M/24M
04:52:37.191 INFO: ------------------------------------------------------------------------
04:52:37.191 ERROR: Error during SonarScanner execution
java.lang.ExceptionInInitializerError
    at com.google.gson.internal.reflect.ReflectionAccessor.<clinit>(ReflectionAccessor.java:36)
    at com.google.gson.internal.ConstructorConstructor.<init>(ConstructorConstructor.java:51)
    at com.google.gson.Gson.<init>(Gson.java:205)
    at com.google.gson.Gson.<init>(Gson.java:185)
    at org.sonar.scanner.bootstrap.ScannerPluginInstaller.listInstalledPlugins(ScannerPluginInstaller.java:104)
    at org.sonar.scanner.bootstrap.ScannerPluginInstaller.loadPlugins(ScannerPluginInstaller.java:76)
    at org.sonar.scanner.bootstrap.ScannerPluginInstaller.installRemotes(ScannerPluginInstaller.java:60)
    at org.sonar.scanner.bootstrap.ScannerPluginRepository.start(ScannerPluginRepository.java:59)
    at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
    at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
    at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
    at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
    at org.picocontainer.behaviors.Stored.start(Stored.java:110)
    at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
    at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
    at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
    at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:73)
    at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
    at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:567)
    at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
    at com.sun.proxy.$Proxy0.execute(Unknown Source)
    at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
    at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
    at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
    at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
    at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.NumberFormatException: For input string: "12-ea"
    at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:68)
    at java.base/java.lang.Integer.parseInt(Integer.java:658)
    at java.base/java.lang.Integer.parseInt(Integer.java:776)
    at com.google.gson.util.VersionUtils.determineMajorJavaVersion(VersionUtils.java:28)
    at com.google.gson.util.VersionUtils.<clinit>(VersionUtils.java:24)
    ... 32 more
04:52:37.194 ERROR: 
04:52:37.194 ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

[newtmitch]

I'm clearly behind on issues on this repo.

I looked at the official Sonar Scanner docker image and it appears they're using JDK 11 as you point out. I honestly don't do much Java work these days, so I'm assuming anyone using this image for Java scanning won't be losing anything by moving to Java 11? Given how long the 4.x scanner image has been out there, I'm surprised no one's mentioned this before. I'm a little concerned by rolling back the image's base image a major Java version. Is there an example project where I can see this behavior and reproduce the issue? Any other comments on this?

[sseide]

yes - jdk 11 as the current long-term release should be fine for everyone today.

last month java17 was release as the next LTS release (after 11), but this one will definitly break build for lots of packages i think due to the move to java modules in between. A lot of libraries need to adopt to this i think...

As a side note - one issue we had with sonarqubes own image - the missing curl and/or wget will be fixed by them. The finally accepted the need for an command line tool that can handle https correctly... Due to this we are able to use the official image too by now.