secgroups: enable delete_default_rules

Neutron will always inject a set of default security group rules when creating a security group.

We wont be able to fully track the security group rules in tofu-infra unless we delete them, which conveniently the tofy openstack provider allows.

This means that the default sg rules (like, allow egress) should be included in the security group YAML we have in this repo, which is exactly what we wanted in the first place.

Activate the logic based on if the sg is being imported or not. For imported ones, don't delete anything, since the imported YAML already includes all rules. Neutron already injected the default rules when the sg was created outside tofu.

Bug: T375111 Signed-off-by: Arturo Borrero Gonzalez aborrero@wikimedia.org