From a6c3cf510002324b7173ec0358d5432919e2d82c Mon Sep 17 00:00:00 2001
From: Alison Burgess <alburgess@microsoft.com>
Date: Thu, 7 Nov 2024 17:45:46 -0800
Subject: [PATCH] properly loop

---
 .pipelines/.vsts-vhd-builder-release.yaml |  6 ++++--
 vulnerability-reporting-vms/README.md     | 13 +++++++++++++
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/.pipelines/.vsts-vhd-builder-release.yaml b/.pipelines/.vsts-vhd-builder-release.yaml
index c3720af3ac..266a323a64 100644
--- a/.pipelines/.vsts-vhd-builder-release.yaml
+++ b/.pipelines/.vsts-vhd-builder-release.yaml
@@ -1342,13 +1342,15 @@ stages:
           directory_contents=$(ls -l $(Pipeline.Workspace)/)
           echo "$directory_contents"
           
-          for dir in "$(Pipeline.Workspace)"/*; do
+          for dir in $(Pipeline.Workspace)/*; do
             if [ -d "$dir" ]; then
               echo "Processing directory: $dir"
               
+              # Check if the directory name is not a publishing-info directory
               if [[ $(basename "$dir") != publishing-info-* ]]; then
                 echo "Directory $(basename "$dir") is not a publishing-info directory"
-
+                
+                # Check if the vhd-publishing-info.json file exists in this directory
                 if [ -f "$dir/vhd-publishing-info.json" ]; then
                   echo "Found vhd-publishing-info.json in $dir"
                   cp "$dir/vhd-publishing-info.json" "$(Pipeline.Workspace)/consolidated-artifacts/vhd-publishing-info-$(basename "$dir").json"
diff --git a/vulnerability-reporting-vms/README.md b/vulnerability-reporting-vms/README.md
index 6425a8d70d..18ed6a92fa 100644
--- a/vulnerability-reporting-vms/README.md
+++ b/vulnerability-reporting-vms/README.md
@@ -59,6 +59,19 @@ For the purpose of this project, the pipeline will use the vhd-publishing-info.j
  2. Loops throught the artifacts and copies vhd_publishing_info.json files into a new folder
  3. Calls our vulnerability-reporting-vms code using the folder of vhd-publishing-info.json files.
 
+The downloaded file looks like this in ADO
+
+```
+/mnt/vss/_work/1/azurelinuxv2-gen1:
+bcc-tools-installation.log
+image-bom.json
+release-notes.txt
+vhd-publishing-info.json
+```
+
+where `/mnt/vss/_work/1/` is `$(Pipeline.Workspace)`
+
+
 The `Create_Vulnerability_Reporting_VMs` step should be disabled in *[TEST All VHDs] AKS Linux VHD Build - Msft Tenant* and enabled in *AKS Linux VHD Build - Weekly Release Only*
 
 ## Testing