Cloud-oriented Life

Cloud Native Technology Improves Lives

Using OSV-Scanner to find existing vulnerabilities affecting your Rails application dependencies

Recently, Google released the open source vulnerability scanner OSV-Scanner. OSV-Scanner is an officially supported front-end tool for the open source OSV database, written in Go, designed to scan open source applications to assess the security of any merged dependencies.

You can use OSV-Scanner to find vulnerabilities in Rails application dependencies, including Gemfile.lock, package-lock.json, yarn.lock, etc., the latest commit records in .git directories, and Debian-based mirrors.

Read more »


Ruby pg gem depends on the operating system’s compilation tools and libraries. If the operating system compilation tool and library change (such as operating system upgrade, etc.), it may cause an error that pg gem cannot access the database normally.

Recently upgraded to macOS Monterey 12.6, due to the update of the Xcode license agreement, the Rails project using pg gem cannot run normally:

Read more »


Crossplane is an open source Kubernetes add-on that enables platform teams to assemble infrastructure from multiple vendors, and expose higher level self-service APIs for application teams to consume, without having to write any code.


  • Provision and manage cloud infrastructure and services using kubectl

  • Created to power a more open cloud

  • There is a flavor of infrastructure for everyone on Crossplane

  • Publish simplified infrastructure abstractions for your applications

  • The Universal Cloud API

  • Run Crossplane anywhere

Read more »


KubeVela is a modern application delivery platform that makes deploying and operating applications across today’s hybrid, multi-cloud environments easier, faster and more reliable.

KubeVela is infrastructure agnostic, programmable, yet most importantly, application-centric.


  • Application Centric

  • Programmable Workflow

  • Infrastructure Agnostic

Read more »


JumpServer is a Privileged Access Management (PAM) Complying with 4A Protocol of Operation and Security Auditing. JumpServer provides features include authentication, authorization, accounting and auditing.

This article is about how to use Helm to install JumpServer on Kubernetes (K8S).

Read more »

Terraform Teleport Provider

Terraform is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files.

Teleport is a Certificate Authority and an Access Plane for your infrastructure. With Teleport you can:

Terraform relies on plugins called “providers” to interact with cloud providers, SaaS providers, and other APIs.

Terraform configurations must declare which providers they require so that Terraform can install and use them. Additionally, some providers require configuration (like endpoint URLs or cloud regions) before they can be used.

This article describe how to use Terraform to manage Teleport resources.

Read more »

Run Teleport with Docker Compose

Teleport is a Certificate Authority and an Access Plane for your infrastructure. With Teleport you can:

  • Set up Single Sign-On and have one place to access your SSH servers, Kubernetes, Databases, Desktops, and Web Apps.

  • Use your favorite programming language to define access policies to your infrastructure.

  • Share and record interactive sessions across all environments.

This article will help you understand how Teleport works using Docker Compose. It will also show you how to use Teleport with OpenSSH, Ansible, and Teleport’s native client, tsh.

Read more »