Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,14 @@ Format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).

## [Unreleased]

### Fixed (2026-06-17)

- **Race condition in SNow CVE Demo workflow** — `send_cve_to_snow.yml` now
pauses 60 seconds at the start to allow Lightspeed to ingest the vulnerability
state uploaded by `insights-client` before querying the vulnerability API.
Without the delay the CVE query returned stale results and missed the newly
introduced CVE. Closes #145.

### Changed (2026-06-16)

- **Architecture diagram tweaks** — reduced RHEL host stack to a single host in
Expand Down
9 changes: 9 additions & 0 deletions playbooks/servicenow/send_cve_to_snow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,15 @@
target_fqdn: ""

tasks:
# ── Allow Lightspeed to process the new vulnerability state ───────────────
# insights-client (run in the previous workflow step) uploads host state to
# console.redhat.com, but Lightspeed needs ~60s to ingest it and surface the
# CVE in the vulnerability API. Without this pause the query returns stale
# results and misses the newly introduced CVE.
- name: Wait 60 s for Lightspeed to ingest the new vulnerability state
ansible.builtin.pause:
seconds: 60

# ── Resolve host from AAP inventory if not provided ───────────────────────
- name: Acquire AAP token for inventory lookup
when: target_fqdn | length == 0
Expand Down
Loading