VMFirewall description setter everywhere

cloudbridge/cloud/providers/aws/resources.py

@@ -634,6 +634,19 @@ class AWSVMFirewall(BaseVMFirewall):
         self._vm_firewall.create_tags(Tags=[{'Key': 'Name',
                                              'Value': value or ""}])
 
+    @property
+    def description(self):
+        try:
+            return find_tag_value(self._vm_firewall.tags, 'Description')
+        except ClientError:
+            return None
+
+    @description.setter
+    # pylint:disable=arguments-differ
+    def description(self, value):
+        self._vm_firewall.create_tags(Tags=[{'Key': 'Description',
+                                             'Value': value or ""}])
+
     @property
     def network_id(self):
         return self._vm_firewall.vpc_id

cloudbridge/cloud/providers/aws/services.py

@@ -184,9 +184,10 @@ class AWSVMFirewallService(BaseVMFirewallService):
         name = AWSVMFirewall._generate_name_from_label(label, 'cb-fw')
         network_id = network.id if isinstance(network, Network) else network
         obj = self.svc.create('create_security_group', GroupName=name,
-                              Description=description or name,
+                              Description=name,
                               VpcId=network_id)
         obj.label = label
+        obj.description = description
         return obj
 
     @dispatch(event="provider.security.vm_firewalls.find",

cloudbridge/cloud/providers/gce/resources.py

@@ -504,6 +504,24 @@ class GCEVMFirewall(BaseVMFirewall):
             self._description = ''
         return self._description
 
+    @description.setter
+    def description(self, value):
+        # Change the description on all rules
+        for fw in self._delegate.iter_firewalls(self._vm_firewall,
+                                                self._network.name):
+            fw['description'] = value or ''
+            response = (self._provider
+                        .gce_compute
+                        .firewalls()
+                        .update(project=self._provider.project_name,
+                                firewall=fw['name'],
+                                body=fw)
+                        .execute())
+            self._provider.wait_for_operation(response)
+        # Set back to None so that the next time the user gets it, it updates
+        # but don't force update here to avoid more overhead
+        self._description = None
+
     @property
     def network_id(self):
         return self._network.id

cloudbridge/cloud/providers/openstack/resources.py

@@ -5,6 +5,7 @@ import inspect
 import ipaddress
 import logging
 import os
+import re
 
 try:
     from urllib.parse import urlparse
@@ -1090,19 +1091,16 @@ class OpenStackVMFirewall(BaseVMFirewall):
         :return: The network ID supplied when this firewall was created or
                  `None` if ID cannot be identified.
         """
-        # Best way would be to use regex, but using this hacky way to avoid
-        # importing the re package
-        # FIXME: This doesn't work as soon as the _description doesn't conform
-        # to this rigid string structure.
-        net_id = self._description\
-                     .split(" [{}".format(self._network_id_tag))[-1]\
-                     .split(']')[0]
+        # Extracting networking ID from description
+        exp = ".*\\[" + self._network_id_tag + "([^\\]]*)\\].*"
+        matches = re.match(exp, self._description)
+        if matches:
+            return matches.group(1)
         # We generally simulate a network being associated with a firewall;
         # however, because of some networking specificity in Nectar, we must
         # allow `None` return value as well in case an ID was not discovered.
-        if not net_id:
+        else:
             return None
-        return net_id
 
     @property
     def _description(self):
@@ -1118,6 +1116,16 @@ class OpenStackVMFirewall(BaseVMFirewall):
         else:
             return None
 
+    @description.setter
+    def description(self, value):
+        if not value:
+            value = ""
+        value += " [{}{}]".format(self._network_id_tag,
+                                  self.network_id)
+        self._provider.os_conn.network.update_security_group(
+            self.id, description=value)
+        self.refresh()
+
     @property
     def name(self):
         """

cloudbridge/cloud/providers/openstack/services.py

@@ -243,17 +243,17 @@ class OpenStackVMFirewallService(BaseVMFirewallService):
               priority=BaseVMFirewallService.STANDARD_EVENT_PRIORITY)
     def create(self, label, network, description=None):
         OpenStackVMFirewall.assert_valid_resource_label(label)
-        net = network.id if isinstance(network, Network) else network
+        net_id = network.id if isinstance(network, Network) else network
         # We generally simulate a network being associated with a firewall
         # by storing the supplied value in the firewall description field that
         # is not modifiable after creation; however, because of some networking
         # specificity in Nectar, we must also allow an empty network id value.
-        if not net:
-            net = ""
+        if not net_id:
+            net_id = ""
         if not description:
             description = ""
         description += " [{}{}]".format(OpenStackVMFirewall._network_id_tag,
-                                        net)
+                                        net_id)
         sg = self.provider.os_conn.network.create_security_group(
             name=label, description=description)
         if sg: