(#12463) eliminate secure_open in favour of replace_file
None of the users of secure_open in the codebase actually want to achieve a
result different from replace_file, so we might as well eliminate the older
API in favour of one that is easier to use and clearer in intent.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>