1、问题现象
问题现象:在每次Jenkins触发sonar扫描时,Sonar-scanner扫描器执行都会出现UnsupportedClassVersionError异常,如下:
ERROR: Error during SonarQube Scanner execution
java.lang.UnsupportedClassVersionError: org/sonar/batch/bootstrapper/EnvironmentInformation has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 55.0
at java.base/java.lang.ClassLoader.defineClass1(Native Method)
at java.base/java.lang.ClassLoader.defineClass(Unknown Source)
at java.base/java.security.SecureClassLoader.defineClass(Unknown Source)
at java.base/java.net.URLClassLoader.defineClass(Unknown Source)
at java.base/java.net.URLClassLoader$1.run(Unknown Source)
at java.base/java.net.URLClassLoader$1.run(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/java.net.URLClassLoader.findClass(Unknown Source)
at org.sonarsource.scanner.api.internal.IsolatedClassloader.loadClass(IsolatedClassloader.java:82)
at java.base/java.lang.ClassLoader.loadClass(Unknown Source)
at org.sonarsource.scanner.api.internal.batch.DefaultBatchFactory.createBatch(DefaultBatchFactory.java:32)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
2、问题根因
这个问题表现在于扫描环境中java版本的错误,要求执行sonar-scanner时Java版本 >= Java17(class version 61),但当前环境实际Java版本为Java11(class version 55),存在不支持的类,所以报错。这个问题本身很好解决,重新配置java环境变量即可,但这里面有个坑,配置的环境变量可能会不生效,需要专门的来说一下。
根因具体有几方面:
- 1、系统默认的Java版本为Java11,导致sonar-scanner执行失败
- 2、sonar-scanner.properties配置文件指定了Java11的版本
- 3、sonar-scanner执行时使用了内嵌Java,并且版本为Java11(重点)
3、解决思路
3.1 解决思路1
针对第1点: 直接重新配置执行时的环境变量即可,刷新Java生效的环境。
通过在Execute shell中指定重新配置Java环境变量,添加的时候必须将PATH一起配置,否则,当PATH路径中Java11版本的配置排列在Java17之前,会被优先索引到并采用:
export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
export PATH=${JAVA_HOME}/bin:$PATH
3.2 解决思路2
针对第2点: 需要对sonar-scanner.properties中设置进行修正,将其指定为Java17的版本。
配置文件路径通常为/opt/sonarqube/sonar-scanner/conf/sonar-scanner.properties
配置内容如下:
sonar.scanner.javaHome=/usr/lib/jvm/java-17-openjdk-amd64
注意: sonar.scanner.javaHome的参数支持,需要要求sonar-scanner版本>=4.12,将sonar-scanner.properties配置完成之后,最好再根据第1点,在执行前指定Java17,sonar-scanner.properties的作用通常在执行扫描时生效。
3.3 解决思路3
针对第3点:这里面埋了个大坑,sonar-scanner脚本本身会指定Java版本,当内嵌的版本为Java11时,外部所有其他方式指定的Java配置均不生效。
检查sonar-scanner执行脚本,文件路径在这/opt/sonarqube/sonar-scanner/bin/sonar-scanner,在下面几句会指明是否使用内嵌的Java:
use_embedded_jre=true
if [ "$use_embedded_jre" = true ]; then
export JAVA_HOME=$sonar_scanner_home/jre
fi
当
use_embedded_jre变量值为true时,会直接采用内嵌的java版本,将内嵌的jre路径导入export JAVA_HOME=$sonar_scanner_home/jre,这一项的优先级高于其他所有的配置。当此配置为true时,我们在第1点、第2点中所修改的内容都将不生效。
解决方法: 直接修改sonar-scanner执行脚本,将use_embedded_jre设置为false,其他无需更改,即修改为如下内容:
use_embedded_jre=false
if [ "$use_embedded_jre" = true ]; then
export JAVA_HOME=$sonar_scanner_home/jre
fi
这样就默认不会采用内嵌的Java,之后再结合第1点的配置调整环境变量。重新触发构建,可正常进行扫描:
如果没有Jenkins服务器权限,可以在Jenkins配置中新建Execute shell,填入以下指令,直接在命令行对sonar-scanner进行修改:除了改动use_embedded_jre值外,其他原封不动粘贴
cat << 'EOF' > /opt/sonarqube/sonar-scanner/bin/sonar-scanner
#!/bin/sh
#
# SonarQube Scanner Startup Script for Unix
#
# Optional ENV vars:
# SONAR_SCANNER_OPTS - Parameters passed to the Java VM when running the SonarQube Scanner
# SONAR_SCANNER_DEBUG_OPTS - Extra parameters passed to the Java VM for debugging
# JAVA_HOME - Location of Java's installation
real_path () {
target=$1
(
while true; do
cd "$(dirname "$target")"
target=$(basename "$target")
test -L "$target" || break
target=$(readlink "$target")
done
echo "$(pwd -P)/$target"
)
}
script_path=$(real_path "$0")
sonar_scanner_home=$(dirname "$script_path")/..
# make it fully qualified
sonar_scanner_home=$(cd "$sonar_scanner_home" && pwd -P)
jar_file=$sonar_scanner_home/lib/sonar-scanner-cli-4.2.0.1873.jar
# check that sonar_scanner_home has been correctly set
if [ ! -f "$jar_file" ] ; then
echo "File does not exist: $jar_file"
echo "'$sonar_scanner_home' does not point to a valid installation directory: $sonar_scanner_home"
exit 1
fi
use_embedded_jre=false
if [ "$use_embedded_jre" = true ]; then
export JAVA_HOME=$sonar_scanner_home/jre
fi
if [ -n "$JAVA_HOME" ]
then
java_cmd="$JAVA_HOME/bin/java"
else
java_cmd="$(which java)"
fi
if [ -z "$java_cmd" -o ! -x "$java_cmd" ] ; then
echo "Could not find 'java' executable in JAVA_HOME or PATH."
exit 1
fi
project_home=$(pwd)
#echo "Info: Using sonar-scanner at $sonar_scanner_home"
#echo "Info: Using java at $java_cmd"
#echo "Info: Using classpath $jar_file"
#echo "Info: Using project $project_home"
exec "$java_cmd" \
-Djava.awt.headless=true \
$SONAR_SCANNER_OPTS \
$SONAR_SCANNER_DEBUG_OPTS \
-classpath "$jar_file" \
-Dscanner.home="$sonar_scanner_home" \
-Dproject.home="$project_home" \
org.sonarsource.scanner.cli.Main "$@"
EOF