Add mechanism to rotate credentials for pgstac_user

There could be scenarios where it would be useful to be able to rotate the credentials (i.e. password) for the pgstac_user on the pgstac database. This would involve:

1. Generating a new password, updating the secret (pgbouncer and otherwise)
2. Connecting to the database and updating the password for pgstac_user
3. Updating the credentials on the pgbouncer instance if it exists