Discuss the in-use JDK and change/upgrade if agreed upon (from 409)

[gigamorph]

Problem Description: Java is required by Gradle, MLCP, and CoRB. It is deployed in our local development environments as well as an ec2 instance used to deploy to (Gradle), load content within (MLCP), or change content already in MarkLogic (CoRB) to all non-PROD environments. Local development environments are also used to deploy to the shared instances.

To my knowledge, we're using various flavors of OpenJDK 1.8 and 11, all of which are pretty old and likely contain security vulnerabilities.

Expected Behavior/Solution:

• Discuss and upgrade the in-use JDK

Requirements: The scope of this ticket:

1. Select a JDK vendor/source.
2. Select a version thereof.
3. Upgrade all associated environments.

@jac237, any guidance from InfoSec? Note that these installs are not within the MarkLogic clusters but are used to connect to them, as described above.

Needed for promotion: If an item on the list is not needed, it should be crossed off but not removed.

• [ ] Wireframe/Mockup - Mike
• [ ] Committee discussions - Sarah
• [ ] Feasibility/Team discussion - Sarah
• [ ] Backend requirements - TBD
• [ ] Frontend requirements- TBD
• [ ] Are new regression tests required for QA - Amy
• [ ] Questions
• List of questions for discussions. Answers should be documented within the issue.

UAT/LUX Examples:

• Example endpoints from LUX to use for development and testing, if applicable.

Dependencies/Blocks: N/A

Related Github Issues: N/A

Related links: N/A

~Wireframe/Mockup:~ ~Place wireframe/mockup for the proposed solution at end of ticket.~

[prowns]

agenda - team meeting 8/23/24