Docs

Signed-off-by: Prabhu Subramanian <[email protected]>
CycloneDX · Jan 17, 2025 · 8d7080b · 8d7080b
1 parent 9a582e8
commit 8d7080b
Showing 1 changed file with 16 additions and 2 deletions.
diff --git a/docs/LESSON2.md b/docs/LESSON2.md
@@ -2,7 +2,10 @@
 
 ## Learning Objective
 
-In this lesson, we will learn about generating an SBOM with reachable evidence for Dependency-Track frontend, a JavaScript application.
+In this lesson, we will learn about generating an SBOM with reachable evidence for two projects.
+
+1. Dependency-Track frontend - a JavaScript application.
+2. bionomia - a Ruby application.
 
 ## Pre-requisites
 
@@ -27,7 +30,7 @@ Clone
 git clone https://github.com/DependencyTrack/frontend
 ```
 
-Create SBOM with the research profile
+Create SBOM with the research profile for JavaScript application.
 
 ```shell
 cd frontend
@@ -37,3 +40,14 @@ cdxgen -o bom.json -t js --profile research . -p
 ```
 
 The resulting BOM file would include components with the occurrence and call stack evidence.
+
+### bionomia - Ruby
+
+In case of the Ruby application, usage of the container image `ghcr.io/cyclonedx/cdxgen-debian-ruby33:v11` is recommended.
+
+```shell
+git clone https://github.com/bionomia/bionomia
+docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-debian-ruby33:v11 -r /app -o /app/bom.json -t ruby --profile research
+```
+
+cdxgen would automatically detect the version of Ruby required for this project, install, and generate an SBOM with the occurrence and call stack evidence.