Powershell: Using a file hash to test for a change

The PowershellForGitHub module is great! But … sometimes it can be a bit verbose when it’s trying to help out new users/developers of the module. This isn’t a bad thing in any way, just a personal preference thing. And, the module owner, Howard Wolosky, is really open to suggestions. Which is great!

So, I opened a ticket (PowerShellForGitHub Issue #124) to explain my confusion over the warning messages. And, to be fair, I explained my confusion in a very confusing way. But, he was nice enough to work through it with me and we found that something we needed was a way to tell if someone had updated a settings file after downloading the module on their machine.

Enter, Get-FileHash.

This command looks like it’s been around for quite a while, but it does the classic job of creating a hash of a file. And, that hash can be stored in code, so that it can be used to check if a change in the file has occurred.

So, how to use the check.

Here’s the original code:

	$moduleRootPath = Split-Path -Path $PSScriptRoot -Parent
	. (Join-Path -Path $moduleRootPath -ChildPath 'Tests\Config\Settings.ps1')
	Import-Module -Name (Join-Path -Path $moduleRootPath -ChildPath 'PowerShellForGitHub.psd1') -Force
	if ([string]::IsNullOrEmpty($env:ciAccessToken))
	{
	$message = @(
	'The tests are using the configuration settings defined in Tests\Config\Settings.ps1.',
	'If you haven''t locally modified those values, your tests are going to fail since you',
	'don''t have access to the default accounts referenced. If that is the case, you should',
	'cancel the existing tests, modify the values to ones you have access to, call',
	'Set-GitHubAuthentication to cache your AccessToken, and then try running the tests again.')
	Write-Warning -Message ($message -join [Environment]::NewLine)
	}
	else
	{
	$secureString = $env:ciAccessToken | ConvertTo-SecureString -AsPlainText -Force
	$cred = New-Object System.Management.Automation.PSCredential "<username is ignored>", $secureString
	Set-GitHubAuthentication -Credential $cred
	$script:ownerName = $env:ciOwnerName
	$script:organizationName = $env:ciOrganizationName
	Write-Warning -Message 'This run is being executed in the Azure Dev Ops environment.'
	}

view raw without get-filehash.ps1 hosted with ❤ by GitHub

And, here’s the updated code using Get-FileHash:

	$moduleRootPath = Split-Path -Path $PSScriptRoot -Parent
	$settingsPath = Join-Path -Path $moduleRootPath -ChildPath 'Tests\Config\Settings.ps1'
	. $settingsPath
	Import-Module -Name (Join-Path -Path $moduleRootPath -ChildPath 'PowerShellForGitHub.psd1') -Force
	$originalSettingsSha256Hash = "944D5BB450AD2C49F77DAE6C472FEF774B108CD2CB6A0DBF45EF4BBB7FE25D56"
	$currentSettingsSha256Hash = (Get-FileHash -Path $settingsPath -Algorithm SHA256).Hash
	$isSettingsUnaltered = $originalSettingsSha256Hash -eq $currentSettingsSha256Hash
	if ([string]::IsNullOrEmpty($env:ciAccessToken) -and $isSettingsUnaltered)
	{
	$message = @(
	'The tests are using the configuration settings defined in Tests\Config\Settings.ps1.',
	'If you haven''t locally modified those values, your tests are going to fail since you',
	'don''t have access to the default accounts referenced. If that is the case, you should',
	'cancel the existing tests, modify the values to ones you have access to, call',
	'Set-GitHubAuthentication to cache your AccessToken, and then try running the tests again.')
	Write-Warning -Message ($message -join [Environment]::NewLine)
	}
	else
	{
	if(-not [string]::IsNullOrEmpty($env:ciAccessToken)) {
	$secureString = $env:ciAccessToken | ConvertTo-SecureString -AsPlainText -Force
	$cred = New-Object System.Management.Automation.PSCredential "<username is ignored>", $secureString
	Set-GitHubAuthentication -Credential $cred
	$script:ownerName = $env:ciOwnerName
	$script:organizationName = $env:ciOrganizationName
	Write-Warning -Message 'This run is being executed in the Azure Dev Ops environment.'
	}
	}

view raw with get-filehash.ps1 hosted with ❤ by GitHub