Split checks in test_network_policy_add_remove_pod

Check that the pod_ip of the deleted pod is not in SG rules
before creating a new one to avoid the situation of failing because the
new pod gets the same IP as the deleted one

Change-Id: I2f7bc9d3acb15c3353629130ee9575aadd212454
Depends-On: I3c89441f83d3f133c68d5bbd79df2f8393673a2f

kuryr_tempest_plugin/tests/scenario/base_network_policy.py

@@ -540,6 +540,13 @@ class TestNetworkPolicyScenario(base.BaseKuryrScenarioTest,
                                                  pod_num=1)
         LOG.debug("Connection to service %s with one pod from %s was "
                   "successful", self.service_name, client_pod_name)
+        # Check that the deleted pod is removed from SG rules
+        self.check_sg_rules_for_np(
+            namespace_name, np_name_client,
+            ingress_cidrs_shouldnt_exist=[
+                first_server_pod_cidr],
+            egress_cidrs_shouldnt_exist=[
+                first_server_pod_cidr])
 
         pod_name, pod = self.create_pod(labels=server_label,
                                         namespace=namespace_name)
@@ -559,11 +566,7 @@ class TestNetworkPolicyScenario(base.BaseKuryrScenarioTest,
         self.check_sg_rules_for_np(
             namespace_name, np_name_client,
             ingress_cidrs_should_exist=service_pods_cidrs,
-            egress_cidrs_should_exist=service_pods_cidrs,
-            ingress_cidrs_shouldnt_exist=[
-                first_server_pod_cidr],
-            egress_cidrs_shouldnt_exist=[
-                first_server_pod_cidr])
+            egress_cidrs_should_exist=service_pods_cidrs)
         self.check_service_internal_connectivity(namespace=namespace_name,
                                                  pod_name=client_pod_name)
         LOG.debug("Connection to service %s from %s was successful",