Merge "Trivial: avoid deprecated utcnow"

This commit is contained in:
Zuul 2024-02-08 14:43:41 +00:00 committed by Gerrit Code Review
commit df7eccd7f1
2 changed files with 6 additions and 3 deletions
ironic_python_agent

@ -37,7 +37,8 @@ class GenerateTestCase(ironic_agent_base.IronicAgentTest):
result = tls_utils._generate_tls_certificate(self.crt_file, result = tls_utils._generate_tls_certificate(self.crt_file,
self.key_file, self.key_file,
'localhost', '127.0.0.1') 'localhost', '127.0.0.1')
now = datetime.datetime.utcnow() now = datetime.datetime.now(
tz=datetime.timezone.utc).replace(tzinfo=None)
self.assertTrue(result.startswith("-----BEGIN CERTIFICATE-----\n"), self.assertTrue(result.startswith("-----BEGIN CERTIFICATE-----\n"),
result) result)
self.assertTrue(result.endswith("\n-----END CERTIFICATE-----\n"), self.assertTrue(result.endswith("\n-----END CERTIFICATE-----\n"),
@ -51,6 +52,8 @@ class GenerateTestCase(ironic_agent_base.IronicAgentTest):
self.assertEqual([(x509.NameOID.COMMON_NAME, 'localhost')], self.assertEqual([(x509.NameOID.COMMON_NAME, 'localhost')],
[(item.oid, item.value) for item in cert.subject]) [(item.oid, item.value) for item in cert.subject])
# Sanity check for validity range # Sanity check for validity range
# FIXME(dtantsur): use timezone-aware properties and drop the replace()
# call above when we're ready to bump to cryptography 42.0.
self.assertLess(cert.not_valid_before, self.assertLess(cert.not_valid_before,
now - datetime.timedelta(seconds=1800)) now - datetime.timedelta(seconds=1800))
self.assertGreater(cert.not_valid_after, self.assertGreater(cert.not_valid_after,

@ -77,9 +77,9 @@ def _generate_tls_certificate(output, private_key_output,
]) ])
alt_name = x509.SubjectAlternativeName([x509.IPAddress(ip_address)]) alt_name = x509.SubjectAlternativeName([x509.IPAddress(ip_address)])
allowed_clock_skew = CONF.auto_tls_allowed_clock_skew allowed_clock_skew = CONF.auto_tls_allowed_clock_skew
not_valid_before = (datetime.datetime.utcnow() not_valid_before = (datetime.datetime.now(tz=datetime.timezone.utc)
- datetime.timedelta(seconds=allowed_clock_skew)) - datetime.timedelta(seconds=allowed_clock_skew))
not_valid_after = (datetime.datetime.utcnow() not_valid_after = (datetime.datetime.now(tz=datetime.timezone.utc)
+ datetime.timedelta(days=valid_for_days)) + datetime.timedelta(days=valid_for_days))
cert = (x509.CertificateBuilder() cert = (x509.CertificateBuilder()
.subject_name(subject) .subject_name(subject)