preflight check for password_secret

[todvora]

Description

This PR adds a preflight check for both server and data node. Each side verifies if the cluster_config collection contains a predefined and encrypted value. If not, then it will be created. If yes, then the check will try to read and decrypt it. The value is known and easy to verify. So if the decrypting fails, we know that this node uses a different password than the one that originally encrypted the value. That leads to a controlled stop of the startup and proper error message. Rather fail early and explicitly than wait till a problem occurs later, during normal operation. Failing early means fixing the problem early, before it can cause big troubles.

Motivation and Context

Fixes #21504

How Has This Been Tested?

Manually and with a unit test

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Refactoring (non-breaking change)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.