Add script to reencrypt pillar data
This scripts can be used to reencrypt all pillar data with an updated
list of recipients. It does of course not prevent anyone from checking
out an old revision and decrypt this data, so good practice would still
require to rotate secrets when the list of recipients is changed.
Example usage:
./bin/reencrypt_pillar.py -r --recipients-file encrypted_pillar_recipients pillar