Replace md5 for fips

md5 is not an approved algorithm in FIPS mode, and trying to
instantiate a hashlib.md5() will fail when the system is running in
FIPS mode.

md5 is allowed when in a non-security context.  There is a plan to
add a keyword parameter (usedforsecurity) to hashlib.md5() to annotate
whether or not the instance is being used in a security context.

In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.

Some downstream python versions already support this parameter.  To
support these versions, a new encapsulation of md5() has been added to
oslo_utils.  See https://review.opendev.org/#/c/750031/

In this case, md5 is used to calculate the hash of a database record
to ensure record uniqueness.

Change-Id: Ic2571caa71dc99c417ea0933d5d4947287cbe312
Ade Lee
2021-06-25 16:10:59 -04:00
parent 5a4f0982d6
commit 7ea5643290
3 changed files with 7 additions and 7 deletions
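
The pattern the commit message describes, as an added example that is not part of this commit and is not the oslo.utils implementation. The helper names `fips_enabled`, `nonsecurity_md5` and `record_hash` are hypothetical, and the sample values are constructed.

```python
import hashlib


def fips_enabled(path="/proc/sys/crypto/fips_enabled"):
    """Return True when the Linux kernel reports FIPS mode (False if unknown)."""
    try:
        with open(path) as fh:
            return fh.read().strip() == "1"
    except OSError:
        return False


def nonsecurity_md5(data=b""):
    """Hypothetical helper: MD5 for checksums and uniqueness keys only.

    Passes usedforsecurity=False where hashlib accepts it (Python 3.9+ and
    some patched downstream builds), which is what lets the call through
    when the system runs in FIPS mode.
    """
    try:
        return hashlib.md5(data, usedforsecurity=False)
    except TypeError:
        # Interpreter without the keyword: fall back to the plain call.
        # On a FIPS system this unannotated call may still be refused.
        return hashlib.md5(data)


def record_hash(recordset_id, data):
    """Uniqueness key built from the same "%s:%s" string as in the diff."""
    digest = nonsecurity_md5()
    digest.update(("%s:%s" % (recordset_id, data)).encode("utf-8"))
    return digest.hexdigest()


if __name__ == "__main__":
    print("FIPS mode:", fips_enabled())
    # Constructed sample values, not taken from any real zone.
    print(record_hash("constructed-recordset-id", "192.0.2.10"))
```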

@@ -14,9 +14,9 @@
# License for the specific language governing permissions and limitations
# under the License.
import time
import hashlib
from oslo_log import log as logging
from oslo_utils.secretutils import md5
from sqlalchemy import select, distinct, func
from sqlalchemy.sql.expression import or_
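Review bot: The new import `from oslo_utils.secretutils import md5` makes this module fail at load time on any oslo.utils release that predates the wrapper referenced in the commit message, so the minimum oslo.utils version in the requirements files should be raised in this same change. Please confirm that the other changed files cover that. With `import hashlib` dropped, it is also worth checking that nothing else in this module still refers to `hashlib`.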
@@ -799,11 +799,11 @@ class SQLAlchemyStorage(sqlalchemy_base.SQLAlchemy, storage_base.Storage):
"""
Calculates the hash of the record, used to ensure record uniqueness.
"""
md5 = hashlib.md5()
md5.update(("%s:%s" % (record.recordset_id,
record.data)).encode('utf-8'))
md5sum = md5(usedforsecurity=False)
md5sum.update(("%s:%s" % (record.recordset_id,
record.data)).encode('utf-8'))
return md5.hexdigest()
return md5sum.hexdigest()
def create_record(self, context, zone_id, recordset_id, record):
# Fetch the zone as we need the tenant_id
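Review bot: The docstring above `md5sum = md5(usedforsecurity=False)` does not record why the non-security flag is justified, which is what a later FIPS or crypto audit will look for at this call site. Suggest extending it to say that the digest is only a uniqueness key for the record and is not relied on for integrity or authentication. Renaming the local variable to `md5sum` is needed here, since a local named `md5` would shadow the imported function.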