Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade Java 17 #2386

Closed
5 tasks done
robotdan opened this issue Jul 25, 2023 · 3 comments
Closed
5 tasks done

Upgrade Java 17 #2386

robotdan opened this issue Jul 25, 2023 · 3 comments
Assignees
Labels
internals Non-functional nerdy boring stuff
Milestone

Comments

@robotdan
Copy link
Member

robotdan commented Jul 25, 2023

Upgrade Java 17

Description

Upgrade Java to the most recent patch version of 17 LTS. Optionally review the state of Graal VM.

Tasks

  • Update Java
  • Consider using jlink in the start.sh and start.ps1 start scripts as well. This way the VM is exactly the same as in Docker.

Testing

  • Fast path install (windows, linux, macOS)
  • Docker
  • RPM and Deb install testing

Related CVEs

Review available list of CVEs related to the JDK, while not necessarily vulnerable, updating the JDK will remove the CVEs from scanners.

Related

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

Release Notes

Upgrade to the latest Java 17 LTS. Upgraded from 17.0.3+7 to 17.0.8+1.

@robotdan robotdan self-assigned this Jul 25, 2023
@robotdan robotdan added the internals Non-functional nerdy boring stuff label Jul 25, 2023
@robotdan robotdan added this to the 1.48.0 milestone Jul 25, 2023
@robotdan robotdan mentioned this issue Aug 4, 2023
2 tasks
@robotdan robotdan changed the title Upgrade Java Upgrade Java 17 Sep 20, 2023
@spwitt
Copy link

spwitt commented Oct 2, 2023

I started to investigate using jlink for VMs in other scripts as well. The issue is that we need to use the same VM for Elasticsearch. The Elasticsearch documentation lists necessary modules for a jlinked VM, but:

  1. It includes java, which is not a module. This could be a typo for another module that should have been included
  2. Using the jdeps tool to list dependencies for Elasticsearch includes some modules that are not referenced by this document
./java/current/bin/jdeps --multi-release 9 -cp './fusionauth-search/elasticsearch/lib/.*' -summary -recursive ./fusionauth-search/elasticsearch/lib/elasticsearch-7.6

The unlisted modules include:

java.desktop
java.rmi
java.scripting
java.xml
java.sql

Using jlink to limit modules at this time seems risky. I will continue with the Java upgrade and testing without using jlink.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
internals Non-functional nerdy boring stuff
Projects
Status: Delivered
Development

No branches or pull requests

2 participants