use testenv to separate conditions between production and testing
- exclude secrets files only when the include_secrets grain is False
(default is True)
- adjust the prepare_test_env to include secrets files optionally (eg
when running tests locally)
- use 127.0.0.1 for ip4:interfaces:private when in testing, or real
value when in production (in pillar/role/web_mirrors.sls for now, but
it can be done in more places in the future