LibreDevOpsHelpers
2.3.0
Enterprise grade PowerShell helpers for Azure, Terraform, Microsoft Graph, and DevOps tooling. All commands use the Ldo prefix.
Minimum PowerShell version
7.2
Installation Options
Owners
Copyright
(c) Craig Thacker. All rights reserved.
Package Details
Author(s)
- Craig Thacker
Tags
terraform devops azure checkov trivy tflint helpers
Functions
Add-LdoDefenderAvExclusion Add-LdoFinding Add-LdoFunctionAppCurrentIpRule Add-LdoKeyVaultCurrentIpRule Add-LdoMdatpExclusion Add-LdoNsgCurrentIpRule Add-LdoNspCurrentIpRule Add-LdoResourceGroupLock Add-LdoStorageCurrentIpRule Add-LdoUvPackage Assert-LdoChocoPath Assert-LdoCommand Assert-LdoConftest Assert-LdoDockerExists Assert-LdoEnvironmentVariable Assert-LdoGitRepository Assert-LdoHomebrewPath Assert-LdoLastExitCode Build-LdoDockerImage Clear-LdoFinding Clear-LdoGraphTokenCache Clear-LdoTraceContext Clear-LdoVenv Compress-LdoFunctionAppSource Connect-LdoAzureCli Connect-LdoAzureCliClientSecret Connect-LdoAzureCliDeviceCode Connect-LdoAzureCliManagedIdentity Connect-LdoAzureCliOidc Connect-LdoAzurePowerShell Connect-LdoAzurePowerShellClientSecret Connect-LdoAzurePowerShellDeviceCode Connect-LdoAzurePowerShellManagedIdentity Connect-LdoGlab Convert-LdoTerraformPlanToJson ConvertTo-LdoBoolean ConvertTo-LdoNull Disconnect-LdoAzureCli Disconnect-LdoAzurePowerShell Export-LdoGitContextToTfVar Format-LdoTerraform Format-LdoTerraformCode Format-LdoTerraformOutputs Format-LdoTerraformVariables Get-LdoAzureDevOpsOrgId Get-LdoDefenderAlert Get-LdoDefenderAvStatus Get-LdoFinding Get-LdoGitBranch Get-LdoGitRepositoryUrl Get-LdoDefenderPlan Get-LdoDefenderRecommendation Get-LdoDefenderSecureScore Get-LdoFunctionAppDefaultUrl Get-LdoGitHubActionsInput Get-LdoGitLabCiVariable Get-LdoGlabCiVariable Get-LdoGlabPipeline Get-LdoGraphErrorDetail Get-LdoGraphToken Get-LdoLogFormat Get-LdoLogLevel Get-LdoMdatpHealth Get-LdoOperatingSystem Get-LdoPublicIpAddress Get-LdoResourceGroupLock Get-LdoResourceGroupNamesFromPlan Get-LdoTerraformFileContent Get-LdoTerraformImportResourceId Get-LdoTerraformStackFolders Get-LdoTraceContext Get-LdoUvPython Initialize-LdoVenv Install-LdoAzureCli Install-LdoCheckov Install-LdoConftest Install-LdoGlab Install-LdoTenv Install-LdoTfLint Install-LdoTrivy Install-LdoUv Install-LdoUvPython Invoke-LdoAzureDevOpsTokenReplacement Invoke-LdoAzureDevOpsTokenReplacementRevert Invoke-LdoCheckov Invoke-LdoConftest Invoke-LdoDefenderAvScan Invoke-LdoDefenderDeviceIsolation Invoke-LdoDefenderHuntingQuery Invoke-LdoFunctionAppZipDeploy Invoke-LdoGlabPipeline Invoke-LdoGraphRequest Invoke-LdoPackerBuild Invoke-LdoPackerInit Invoke-LdoPackerValidate Invoke-LdoPackerWorkflow Invoke-LdoPesterTest Invoke-LdoPytestRun Invoke-LdoPythonInstallRequirements Invoke-LdoTenvTerraformInstall Invoke-LdoTerraformApply Invoke-LdoTerraformDestroy Invoke-LdoTerraformFmtCheck Invoke-LdoTerraformImportFromPlan Invoke-LdoTerraformInit Invoke-LdoTerraformPlan Invoke-LdoTerraformPlanDestroy Invoke-LdoTerraformValidate Invoke-LdoTerraformWorkspaceSelect Invoke-LdoTfLint Invoke-LdoTrivy Invoke-LdoUvLock Invoke-LdoUvPipInstall Invoke-LdoUvPipUninstall Invoke-LdoUvRun Invoke-LdoUvSync Invoke-LdoWithRetry New-LdoCorrelationId New-LdoGlabMergeRequest New-LdoGlabRelease New-LdoHexId New-LdoPassword New-LdoRandomSequence New-LdoSpanId New-LdoTraceId New-LdoUvVenv New-LdoVenv Push-LdoDockerImage Register-LdoPesterAssertion Remove-LdoFunctionAppCurrentIpRule Remove-LdoKeyVaultCurrentIpRule Remove-LdoNsgRule Remove-LdoNspRule Remove-LdoPythonPackages Remove-LdoResourceGroupLock Remove-LdoStorageCurrentIpRule Remove-LdoUvPackage Remove-LdoVenv Set-LdoDefenderPlan Set-LdoFunctionAppSetting Set-LdoGitLabCiOutput Set-LdoGlabCiVariable Set-LdoLogFormat Set-LdoLogLevel Set-LdoReadmeHeader Set-LdoTerraformFileContent Set-LdoTraceContext Show-LdoFindingsSummary Set-LdoUvPythonPin Start-LdoDefenderAvScan Start-LdoMdatpScan Test-LdoAzureCliConnection Test-LdoAzurePowerShellConnection Test-LdoCommandOutputMatch Test-LdoGlab Test-LdoPath Test-LdoTenv Test-LdoUv Test-LdoZeroExitCode Update-LdoDefenderAvSignature Update-LdoMdatpDefinition Update-LdoReadmeWithTerraformDocs Use-LdoVenv Wait-LdoGlabPipeline Write-LdoGitLabCiSection Write-LdoLog
Dependencies
This module has no dependencies.
Release Notes
v2.3.0: add the AzureNetworkSecurityPerimeter module (Add-LdoNspCurrentIpRule, Remove-LdoNspRule) for the terraform-azure action NSP dance: add an inbound access rule for the runner public IP to a perimeter profile before a run and remove it after (in a finally), so a runner can reach a resource inside an Enforced Network Security Perimeter; wired into the action via the open-nsp-for-runner input (default off), mirroring the storage firewall and lock dances. v2.2.15: Install-LdoTrivy downloads the official release binary (resolving latest at runtime) on Linux/macOS instead of using the Homebrew tap, which could break the pipe mid-install on CI runners; mirrors Install-LdoTfLint. v2.2.14: Get-LdoResourceGroupLock returns no locks when the resource group does not exist yet (az group exists guard), so the lock-dance does not fail on a first apply before the group is created. v2.2.13: Get-LdoResourceGroupNamesFromPlan also reads prior_state, so a destroy plan (whose planned_values is empty) still yields the resource groups being torn down, letting the lock-dance unlock them before a destroy. v2.2.12: add the AzureLock module (Get-/Remove-/Add-LdoResourceGroupLock and Get-LdoResourceGroupNamesFromPlan) for the terraform-azure action lock-dance: capture and remove a resource group management lock before an apply/destroy so Terraform is not blocked, then restore it after an apply (mirrors the firewall dance). v2.2.11: add the Git module (Assert-LdoGitRepository, Get-LdoGitBranch, Get-LdoGitRepositoryUrl, Export-LdoGitContextToTfVar) so the deployment branch and repository URL can be exported as TF_VAR_deployed_branch / TF_VAR_deployed_repo for a tags module, with CI (GitHub Actions / Azure DevOps) env fallbacks for a detached-HEAD checkout. v2.2.10: strip ANSI colour codes from the captured tflint/trivy/conftest output before recording it as a finding, so the summary detail is clean and Invoke-LdoConftest correctly detects informational warnings (a coloured WARN line was being recorded as PASS). v2.2.9: add the Findings module (Add-LdoFinding, Get-LdoFinding, Clear-LdoFinding, Show-LdoFindingsSummary) so scan/lint/policy results can be re-shown in a neat end-of-run summary instead of being buried in verbose logs; Invoke-LdoTfLint, Invoke-LdoTrivy, and Invoke-LdoConftest now capture their output and record a PASS/WARN/FAIL finding. v2.2.8: add the Conftest module (Install-LdoConftest downloads the official release binary resolving latest at runtime, Assert-LdoConftest, Invoke-LdoConftest runs conftest test over a Terraform plan JSON against a Rego policy directory; warn rules are informational and do not fail unless -FailOnWarn). v2.2.7: Invoke-LdoTrivy now reports findings at all severities (new -DisplaySeverity, default CRITICAL,HIGH,MEDIUM,LOW) in a non-failing pass, then gates the build only on -Severity (default HIGH,CRITICAL), so MEDIUM/LOW stay visible without failing the build. v2.2.6: Invoke-LdoTrivy now picks up a committed ignore file in the code path (.trivyignore.yaml, .trivyignore.yml, or .trivyignore) and passes it with --ignorefile (Trivy does not auto-discover .trivyignore.yaml), adds an -IgnoreFile parameter to point at one explicitly, and falls back to -TrivySkipChecks only when no ignore file is present. This is the Libre DevOps convention for recording scan waivers with a justification. v2.2.5: Format-LdoTerraformVariables and Format-LdoTerraformOutputs now keep a comment block sitting directly above a variable or output with that block when sorting (previously such comments were dropped), and anchor the declaration at line start so the word variable or output inside a description string is not mistaken for a new block. v2.2.4: Invoke-LdoTrivy guards TrivySkipChecks.Count against a null value (a splatted empty array). v2.2.3: Install-LdoTfLint downloads the official release binary, resolving latest at runtime (the install script is being retired). v2.2.2: fix Install-LdoTfLint on Linux (tflint is not a Homebrew formula; use the official install script). v2.2.1: fix Invoke-LdoTrivy for trivy 0.71+ (drop the removed --no-progress flag; gate on --severity HIGH,CRITICAL with --exit-code 1; skip checks via a temporary .trivyignore). v2.2.0: add the TfLint module (Install-LdoTfLint, Invoke-LdoTfLint); upgrade Write-LdoLog to the full OpenTelemetry log record (severity_number, service.name, trace_id/span_id/correlation_id) with TRACE and FATAL levels and a Set-LdoTraceContext trace context; add New-LdoTraceId/New-LdoSpanId/New-LdoCorrelationId/New-LdoHexId; rework Update-LdoReadmeWithTerraformDocs to use a HEADER.md and terraform-docs inject markers, with a new Set-LdoReadmeHeader. See README.md.
FileList
- LibreDevOpsHelpers.nuspec
- LibreDevOpsHelpers.TfLint\LibreDevOpsHelpers.TfLint.psm1
- LibreDevOpsHelpers.Graph\LibreDevOpsHelpers.Graph.psm1
- LibreDevOpsHelpers.Github\LibreDevOpsHelpers.Github.psm1
- LibreDevOpsHelpers.psd1
- LibreDevOpsHelpers.AzureKeyVault\LibreDevOpsHelpers.AzureKeyVault.psm1
- LibreDevOpsHelpers.Utils\LibreDevOpsHelpers.Utils.psm1
- LibreDevOpsHelpers.Docker\LibreDevOpsHelpers.Docker.psm1
- LibreDevOpsHelpers.psm1
- LibreDevOpsHelpers.Git\LibreDevOpsHelpers.Git.psm1
- LibreDevOpsHelpers.Python\LibreDevOpsHelpers.Python.psm1
- LibreDevOpsHelpers.Logger\LibreDevOpsHelpers.Logger.psm1
- LibreDevOpsHelpers.Pester\LibreDevOpsHelpers.Pester.psm1
- LibreDevOpsHelpers.AzurePowerShell\LibreDevOpsHelpers.AzurePowerShell.psm1
- LibreDevOpsHelpers.Terraform.AzureImport\LibreDevOpsHelpers.Terraform.AzureImport.psm1
- LibreDevOpsHelpers.Findings\LibreDevOpsHelpers.Findings.psm1
- LibreDevOpsHelpers.Tenv\LibreDevOpsHelpers.Tenv.psm1
- LibreDevOpsHelpers.Checkov\LibreDevOpsHelpers.Checkov.psm1
- LibreDevOpsHelpers.TerraformDocs\LibreDevOpsHelpers.TerraformDocs.psm1
- LibreDevOpsHelpers.AzureNsg\LibreDevOpsHelpers.AzureNsg.psm1
- LibreDevOpsHelpers.Choco\LibreDevOpsHelpers.Choco.psm1
- LibreDevOpsHelpers.Packer\LibreDevOpsHelpers.Packer.psm1
- LibreDevOpsHelpers.Uv\LibreDevOpsHelpers.Uv.psm1
- LibreDevOpsHelpers.AzureDevOps\LibreDevOpsHelpers.AzureDevOps.psm1
- LibreDevOpsHelpers.Defender\LibreDevOpsHelpers.Defender.psm1
- LibreDevOpsHelpers.Trivy\LibreDevOpsHelpers.Trivy.psm1
- LibreDevOpsHelpers.AzureFunctionApps\LibreDevOpsHelpers.AzureFunctionApps.psm1
- LibreDevOpsHelpers.Conftest\LibreDevOpsHelpers.Conftest.psm1
- LibreDevOpsHelpers.GitLab\LibreDevOpsHelpers.GitLab.psm1
- LibreDevOpsHelpers.AzureLock\LibreDevOpsHelpers.AzureLock.psm1
- LibreDevOpsHelpers.AzureCli\LibreDevOpsHelpers.AzureClilogin.psm1
- LibreDevOpsHelpers.Homebrew\LibreDevOpsHelpers.Homebrew.psm1
- LibreDevOpsHelpers.AzureNetworkSecurityPerimeter\LibreDevOpsHelpers.AzureNetworkSecurityPerimeter.psm1
- LibreDevOpsHelpers.Terraform\LibreDevOpsHelpers.Terraform.psm1
- LibreDevOpsHelpers.AzureStorage\LibreDevOpsHelpers.AzureStorage.psm1
Version History
| Version | Downloads | Last updated |
|---|---|---|
| 2.3.1 | 143 | 7/1/2026 |
| 2.3.0 (current version) | 12 | 7/1/2026 |
| 2.2.15 | 49 | 6/30/2026 |
| 2.2.14 | 20 | 6/30/2026 |
| 2.2.13 | 11 | 6/30/2026 |
| 2.2.12 | 11 | 6/30/2026 |
| 2.2.11 | 14 | 6/30/2026 |
| 2.2.10 | 15 | 6/30/2026 |
| 2.2.9 | 15 | 6/30/2026 |
| 2.2.8 | 13 | 6/30/2026 |
| 2.2.7 | 15 | 6/30/2026 |
| 2.2.6 | 15 | 6/30/2026 |
| 2.2.5 | 16 | 6/30/2026 |
| 2.2.4 | 8 | 6/29/2026 |
| 2.2.3 | 12 | 6/29/2026 |
| 2.2.2 | 6 | 6/29/2026 |
| 2.2.1 | 8 | 6/29/2026 |
| 2.2.0 | 6 | 6/29/2026 |
| 2.1.0 | 10 | 6/20/2026 |
| 2.0.0 | 6 | 6/17/2026 |
| 1.2.0 | 11 | 6/17/2026 |
| 1.1.2 | 152 | 6/22/2025 |
| 1.1.1 | 62 | 6/22/2025 |
| 1.1.0 | 25 | 6/20/2025 |
| 1.0.9 | 14 | 6/18/2025 |
| 1.0.8 | 13 | 6/18/2025 |
| 1.0.7 | 5 | 6/18/2025 |
| 1.0.6 | 5 | 6/18/2025 |
| 1.0.5 | 9 | 6/18/2025 |
| 1.0.4 | 7 | 6/18/2025 |
| 1.0.3 | 17 | 6/18/2025 |
| 1.0.2 | 9 | 6/17/2025 |
| 1.0.0 | 37 | 5/26/2025 |
| 0.2.99 | 20 | 5/26/2025 |
| 0.1.98 | 8 | 5/26/2025 |