Upgrades to Spark 3.4/JRE 17 and fixes all high/critical CVEs

[codefromthecrypt]

I manually tested this on all three storage types in docker as well (using zipkin's docker/examples instructions)

[codefromthecrypt]

trivy is clean now, so even if we don't release until 8.14 final... at least we can apply the security settings same as other repos after merge:

$ trivy repo .
2024-04-15T15:56:48.696-1000    INFO    Need to update DB
2024-04-15T15:56:48.696-1000    INFO    DB Repository: ghcr.io/aquasecurity/trivy-db:2
2024-04-15T15:56:48.696-1000    INFO    Downloading DB...
45.03 MiB / 45.03 MiB [------------------------------------------------------------------------------------------------------------------] 100.00% 2.58 MiB p/s 18s
2024-04-15T15:57:07.461-1000    INFO    Vulnerability scanning is enabled
2024-04-15T15:57:07.461-1000    INFO    Secret scanning is enabled
2024-04-15T15:57:07.461-1000    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-04-15T15:57:07.462-1000    INFO    Please see also https://aquasecurity.github.io/trivy/v0.50/docs/scanner/secret/#recommendation for faster secret detection
2024-04-15T15:57:07.731-1000    INFO    Number of language-specific files: 5
2024-04-15T15:57:07.731-1000    INFO    Detecting pom vulnerabilities...

[codefromthecrypt]

some big wins from merging this include:

• we can switch the bytecode floor of zipkin-storage to 17 (with the other server and collector code)
  • this gets us to a more supportable version of jooq for example.
• we can use the same security settings as other prod repos since the dep tree isn't impossible anymore

[codefromthecrypt]

oh yeah spent so much time doing this I forgot why.. I was trying to polish this up prior to adding dependencies to helm. There was a point where I though maybe we need to rewrite the entire thing (like in beam) to solve the revlock. I'm glad it didn't get that far.

https://github.com/openzipkin/zipkin-helm/pull/11

[codefromthecrypt]

https://github.com/openzipkin/zipkin/pull/3763 for zipkin changes we can now do

[codefromthecrypt]

thanks for the look folks!