Fix/deprecated datetime utcnow

.github/workflows/scripts/label-and-assign.py

@@ -72,7 +72,7 @@ def label_and_assign_issue(options):
         json.dumps(
             {
                 "username": next_triage_account.login,
-                "when": str(datetime.datetime.utcnow()),
+                "when": str(datetime.datetime.now(datetime.UTC)),
             }
         )
     )

.pre-commit-config.yaml

@@ -1815,8 +1815,8 @@ repos:
           - --
         additional_dependencies:
           - nox==2022.11.21
-          - setuptools<58.0
-          - pip>=20.2.4,<21.2
+          - setuptools
+          - pip
 
   - repo: local
     hooks:
@@ -1831,6 +1831,6 @@ repos:
           - --
         additional_dependencies:
           - nox==2022.11.21
-          - setuptools<58.0
-          - pip>=20.2.4,<21.2
+          - setuptools
+          - pip
   # <---- Pre-Commit -------------------------------------------------------------------------------------------------

changelog/65604.fixed.md

@@ -1 +1,2 @@
-Fixed some instances of deprecated datetime.datetime.utcnow()
+Fixed deprecated datetime.datetime.utcnow() calls across modules and utilities.
+Fixed pre-commit lint hooks broken on Python 3.13 due to distutils removal.

salt/beacons/status.py

@@ -118,7 +118,7 @@ def beacon(config):
     Return status for requested information
     """
     log.debug(config)
-    ctime = datetime.datetime.utcnow().isoformat()
+    ctime = datetime.datetime.now(datetime.UTC).isoformat()
 
     whitelist = []
     config = salt.utils.beacons.remove_hidden_options(config, whitelist)

salt/client/ssh/__init__.py

@@ -512,7 +512,7 @@ def _update_roster(self):
                         '# Automatically added by "{s_user}" at {s_time}\n{hostname}:\n'
                         "    host: {hostname}\n    user: {user}\n    passwd: {passwd}\n".format(
                             s_user=getpass.getuser(),
-                            s_time=datetime.datetime.utcnow().isoformat(),
+                            s_time=datetime.datetime.now(datetime.UTC).isoformat(),
                             hostname=self.opts.get("tgt", ""),
                             user=self.opts.get("ssh_user", ""),
                             passwd=self.opts.get("ssh_passwd", ""),

salt/modules/system.py

@@ -15,7 +15,7 @@
 import logging
 import os.path
 import re
-from datetime import datetime, timedelta, tzinfo
+from datetime import datetime, timedelta, timezone, tzinfo
 
 import salt.utils.files
 import salt.utils.path
@@ -258,7 +258,7 @@ def _get_offset_time(utc_offset):
     if utc_offset is not None:
         minutes = _offset_to_min(utc_offset)
         offset = timedelta(minutes=minutes)
-        offset_time = datetime.utcnow() + offset
+        offset_time = datetime.now(timezone.utc) + offset
         offset_time = offset_time.replace(tzinfo=_FixedOffset(minutes))
     else:
         offset_time = datetime.now()

salt/modules/tls.py

@@ -105,7 +105,7 @@
 import os
 import re
 import time
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 
 import salt.utils.data
 import salt.utils.files
@@ -365,7 +365,7 @@ def maybe_fix_ssl_version(ca_name, cacert_path=None, ca_filename=None):
                 try:
                     days = (
                         datetime.strptime(cert.get_notAfter(), "%Y%m%d%H%M%SZ")
-                        - datetime.utcnow()
+                        - datetime.now(timezone.utc)
                     ).days
                 except (ValueError, TypeError):
                     days = 365
@@ -593,8 +593,10 @@ def validate(cert, ca_name, crl_file):
 
                 builder = x509.CertificateRevocationListBuilder()
                 builder = builder.issuer_name(ca_x509.subject)
-                builder = builder.last_update(datetime.utcnow())
-                builder = builder.next_update(datetime.utcnow() + timedelta(days=36500))
+                builder = builder.last_update(datetime.now(timezone.utc))
+                builder = builder.next_update(
+                    datetime.now(timezone.utc) + timedelta(days=36500)
+                )
 
                 # Load existing revocations from index file if it exists
                 index_file = f"{ca_dir}/index.txt"
@@ -845,7 +847,7 @@ def create_ca(
                     err,
                 )
                 bck = "{}.unloadable.{}".format(
-                    ca_keyp, datetime.utcnow().strftime("%Y%m%d%H%M%S")
+                    ca_keyp, datetime.now(timezone.utc).strftime("%Y%m%d%H%M%S")
                 )
                 log.info("Saving unloadable CA ssl key in %s", bck)
                 os.rename(ca_keyp, bck)
@@ -903,7 +905,9 @@ def create_ca(
     keycontent = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
     write_key = True
     if os.path.exists(ca_keyp):
-        bck = "{}.{}".format(ca_keyp, datetime.utcnow().strftime("%Y%m%d%H%M%S"))
+        bck = "{}.{}".format(
+            ca_keyp, datetime.now(timezone.utc).strftime("%Y%m%d%H%M%S")
+        )
         with salt.utils.files.fopen(ca_keyp) as fic:
             old_key = salt.utils.stringutils.to_unicode(fic.read()).strip()
             if old_key.strip() == keycontent.strip():
@@ -1905,8 +1909,10 @@ def create_empty_crl(
 
         builder = x509.CertificateRevocationListBuilder()
         builder = builder.issuer_name(ca_x509.subject)
-        builder = builder.last_update(datetime.utcnow())
-        builder = builder.next_update(datetime.utcnow() + timedelta(days=36500))
+        builder = builder.last_update(datetime.now(timezone.utc))
+        builder = builder.next_update(
+            datetime.now(timezone.utc) + timedelta(days=36500)
+        )
 
         # Mapping digest strings to cryptography hashes
         hash_algo = getattr(hashes, digest.upper(), hashes.SHA256)()
@@ -2021,7 +2027,7 @@ def revoke_cert(
     )
     index_r_data = "R\t{}\t{}\t{}".format(
         expire_date,
-        _four_digit_year_to_two_digit(datetime.utcnow()),
+        _four_digit_year_to_two_digit(datetime.now(timezone.utc)),
         index_serial_subject,
     )
 
@@ -2063,8 +2069,10 @@ def revoke_cert(
 
         builder = x509.CertificateRevocationListBuilder()
         builder = builder.issuer_name(ca_x509.subject)
-        builder = builder.last_update(datetime.utcnow())
-        builder = builder.next_update(datetime.utcnow() + timedelta(days=36500))
+        builder = builder.last_update(datetime.now(timezone.utc))
+        builder = builder.next_update(
+            datetime.now(timezone.utc) + timedelta(days=36500)
+        )
 
         with salt.utils.files.fopen(index_file) as fp_:
             for line in fp_:

salt/modules/vsphere.py

@@ -3877,7 +3877,7 @@ def update_host_datetime(
         host_ref = _get_host_ref(service_instance, host, host_name=host_name)
         date_time_manager = _get_date_time_mgr(host_ref)
         try:
-            date_time_manager.UpdateDateTime(datetime.datetime.utcnow())
+            date_time_manager.UpdateDateTime(datetime.datetime.now(datetime.UTC))
         except vim.fault.HostConfigFault as err:
             msg = "'vsphere.update_date_time' failed for host {}: {}".format(
                 host_name, err

salt/modules/win_timezone.py

@@ -3,7 +3,7 @@
 """
 
 import logging
-from datetime import datetime
+from datetime import datetime, timezone
 
 from salt.exceptions import CommandExecutionError
 
@@ -242,7 +242,7 @@ def get_offset():
     """
     # http://craigglennie.com/programming/python/2013/07/21/working-with-timezones-using-Python-and-pytz-localize-vs-normalize/
     tz_object = pytz.timezone(get_zone())
-    utc_time = pytz.utc.localize(datetime.utcnow())
+    utc_time = datetime.now(timezone.utc)
     loc_time = utc_time.astimezone(tz_object)
     norm_time = tz_object.normalize(loc_time)
     return norm_time.strftime("%z")
@@ -262,7 +262,7 @@ def get_zonecode():
         salt '*' timezone.get_zonecode
     """
     tz_object = pytz.timezone(get_zone())
-    loc_time = tz_object.localize(datetime.utcnow())
+    loc_time = datetime.now(timezone.utc).astimezone(tz_object)
     return loc_time.tzname()
 
 

salt/modules/x509.py

@@ -20,7 +20,6 @@
 
 import ast
 import ctypes
-import datetime
 import glob
 import hashlib
 import logging
@@ -30,6 +29,7 @@
 import sys
 import tempfile
 from collections import OrderedDict
+from datetime import datetime, timedelta, timezone
 
 import salt.exceptions
 import salt.utils.data
@@ -256,15 +256,11 @@ def _parse_openssl_crl(crl_filename):
             crl["Issuer"] = subject
         if line.startswith("Last Update: "):
             crl["Last Update"] = line.replace("Last Update: ", "")
-            last_update = datetime.datetime.strptime(
-                crl["Last Update"], "%b %d %H:%M:%S %Y %Z"
-            )
+            last_update = datetime.strptime(crl["Last Update"], "%b %d %H:%M:%S %Y %Z")
             crl["Last Update"] = last_update.strftime("%Y-%m-%d %H:%M:%S")
         if line.startswith("Next Update: "):
             crl["Next Update"] = line.replace("Next Update: ", "")
-            next_update = datetime.datetime.strptime(
-                crl["Next Update"], "%b %d %H:%M:%S %Y %Z"
-            )
+            next_update = datetime.strptime(crl["Next Update"], "%b %d %H:%M:%S %Y %Z")
             crl["Next Update"] = next_update.strftime("%Y-%m-%d %H:%M:%S")
         if line.startswith("Revoked Certificates:"):
             break
@@ -286,7 +282,7 @@ def _parse_openssl_crl(crl_filename):
         rev_yaml = salt.utils.data.decode(salt.utils.yaml.safe_load(revoked))
         for rev_values in rev_yaml.values():
             if "Revocation Date" in rev_values:
-                rev_date = datetime.datetime.strptime(
+                rev_date = datetime.strptime(
                     rev_values["Revocation Date"], "%b %d %H:%M:%S %Y %Z"
                 )
                 rev_values["Revocation Date"] = rev_date.strftime("%Y-%m-%d %H:%M:%S")
@@ -1004,20 +1000,14 @@ def create_crl(
         serial_number = salt.utils.stringutils.to_bytes(serial_number)
 
         if "not_after" in rev_item and not include_expired:
-            not_after = datetime.datetime.strptime(
-                rev_item["not_after"], "%Y-%m-%d %H:%M:%S"
-            )
-            if datetime.datetime.now() > not_after:
+            not_after = datetime.strptime(rev_item["not_after"], "%Y-%m-%d %H:%M:%S")
+            if datetime.now() > not_after:
                 continue
 
         if "revocation_date" not in rev_item:
-            rev_item["revocation_date"] = datetime.datetime.now().strftime(
-                "%Y-%m-%d %H:%M:%S"
-            )
+            rev_item["revocation_date"] = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
 
-        rev_date = datetime.datetime.strptime(
-            rev_item["revocation_date"], "%Y-%m-%d %H:%M:%S"
-        )
+        rev_date = datetime.strptime(rev_item["revocation_date"], "%Y-%m-%d %H:%M:%S")
         rev_date = rev_date.strftime("%Y%m%d%H%M%SZ")
         rev_date = salt.utils.stringutils.to_bytes(rev_date)
 
@@ -1538,7 +1528,7 @@ def create_certificate(path=None, text=False, overwrite=True, ca_server=None, **
     fmt = "%Y-%m-%d %H:%M:%S"
     if "not_before" in kwargs:
         try:
-            time = datetime.datetime.strptime(kwargs["not_before"], fmt)
+            time = datetime.strptime(kwargs["not_before"], fmt)
         except:
             raise salt.exceptions.SaltInvocationError(
                 "not_before: {} is not in required format {}".format(
@@ -1556,7 +1546,7 @@ def create_certificate(path=None, text=False, overwrite=True, ca_server=None, **
 
     if "not_after" in kwargs:
         try:
-            time = datetime.datetime.strptime(kwargs["not_after"], fmt)
+            time = datetime.strptime(kwargs["not_after"], fmt)
         except:
             raise salt.exceptions.SaltInvocationError(
                 "not_after: {} is not in required format {}".format(
@@ -1963,7 +1953,7 @@ def expired(certificate):
             ret["path"] = certificate
             cert = _get_certificate_obj(certificate)
 
-            _now = datetime.datetime.utcnow()
+            _now = datetime.now(timezone.utc)
             _expiration_date = cert.get_not_after().get_datetime()
 
             ret["cn"] = _parse_subject(cert.get_subject())["CN"]
@@ -2007,7 +1997,7 @@ def will_expire(certificate, days):
 
             cert = _get_certificate_obj(certificate)
 
-            _check_time = datetime.datetime.utcnow() + datetime.timedelta(days=days)
+            _check_time = datetime.now(timezone.utc) + timedelta(days=days)
             _expiration_date = cert.get_not_after().get_datetime()
 
             ret["cn"] = _parse_subject(cert.get_subject())["CN"]

salt/spm/pkgdb/sqlite3.py

@@ -166,7 +166,7 @@ def register_pkg(name, formula_def, conn=None):
             name,
             formula_def["version"],
             formula_def["release"],
-            datetime.datetime.utcnow().strftime("%a, %d %b %Y %H:%M:%S GMT"),
+            datetime.datetime.now(datetime.UTC).strftime("%a, %d %b %Y %H:%M:%S GMT"),
             formula_def.get("os", None),
             formula_def.get("os_family", None),
             formula_def.get("dependencies", None),

salt/utils/aws.py

@@ -18,7 +18,7 @@
 import time
 import urllib.parse
 import xml.etree.ElementTree as ET
-from datetime import datetime
+from datetime import datetime, timezone
 
 import requests
 
@@ -121,7 +121,7 @@ def creds(provider):
     ## if needed
     if provider["id"] == IROLE_CODE or provider["key"] == IROLE_CODE:
         # Check to see if we have cache credentials that are still good
-        if not __Expiration__ or __Expiration__ < datetime.utcnow().strftime(
+        if not __Expiration__ or __Expiration__ < datetime.now(timezone.utc).strftime(
             "%Y-%m-%dT%H:%M:%SZ"
         ):
             # We don't have any cached credentials, or they are expired, get them
@@ -164,7 +164,7 @@ def sig2(method, endpoint, params, provider, aws_api_version):
 
     http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
     """
-    timenow = datetime.utcnow()
+    timenow = datetime.now(timezone.utc)
     timestamp = timenow.strftime("%Y-%m-%dT%H:%M:%SZ")
 
     # Retrieve access credentials from meta-data, or use provided
@@ -201,7 +201,7 @@ def assumed_creds(prov_dict, role_arn, location=None):
     valid_session_name_re = re.compile("[^a-z0-9A-Z+=,.@-]")
 
     # current time in epoch seconds
-    now = time.mktime(datetime.utcnow().timetuple())
+    now = time.mktime(datetime.now(timezone.utc).timetuple())
 
     for key, creds in copy.deepcopy(__AssumeCache__).items():
         if (creds["Expiration"] - now) <= 120:
@@ -281,7 +281,7 @@ def sig4(
     http://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html
     http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html
     """
-    timenow = datetime.utcnow()
+    timenow = datetime.now(timezone.utc)
 
     # Retrieve access credentials from meta-data, or use provided
     if role_arn is None:

salt/utils/event.py

@@ -782,7 +782,7 @@ async def fire_event_async(self, data, tag, cb=None, timeout=1000):
             if not self.connect_pull(timeout=timeout_s):
                 return False
 
-        data["_stamp"] = datetime.datetime.utcnow().isoformat()
+        data["_stamp"] = datetime.datetime.now(datetime.UTC).isoformat()
         event = self.pack(tag, data, max_size=self.opts["max_event_size"])
         msg = salt.utils.stringutils.to_bytes(event, "utf-8")
         self.pusher.publish(msg)
@@ -817,7 +817,7 @@ def fire_event(self, data, tag, timeout=1000):
             if not self.connect_pull(timeout=timeout_s):
                 return False
 
-        data["_stamp"] = datetime.datetime.utcnow().isoformat()
+        data["_stamp"] = datetime.datetime.now(datetime.UTC).isoformat()
         event = self.pack(tag, data, max_size=self.opts["max_event_size"])
         msg = salt.utils.stringutils.to_bytes(event, "utf-8")
         if self._run_io_loop_sync:

salt/utils/timeutil.py

@@ -6,7 +6,7 @@
 import logging
 import re
 import time
-from datetime import datetime, timedelta
+from datetime import datetime, timedelta, timezone
 
 # Import Salt modules
 
@@ -34,7 +34,7 @@ def get_timestamp_at(time_in=None, time_at=None):
                 minutes = 0
             hours, minutes = int(hours), int(minutes)
         dt = timedelta(hours=hours, minutes=minutes)
-        time_now = datetime.utcnow()
+        time_now = datetime.now(timezone.utc)
         time_at = time_now + dt
         return time.mktime(time_at.timetuple())
     elif time_at:

salt/utils/versions.py

@@ -244,7 +244,7 @@ def warn_until_date(
         # Attribute the warning to the calling function, not to warn_until_date()
         stacklevel = 2
 
-    today = _current_date or datetime.datetime.utcnow().date()
+    today = _current_date or datetime.datetime.now(datetime.UTC).date()
     if today >= date:
         caller = inspect.getframeinfo(sys._getframe(stacklevel - 1))
         deprecated_message = (