WIP: Encrypted backup

What does this MR do?

Implements feature described in #32208 (moved)

Adds GPG based encryption capability to existing gitlab:backup:create and gitlab:backup:restore tasks.

New environment variables ENCRYPTION_KEY_PATH and DECRYPTION_KEY_PATH, will be used during create and restore task.

If ENCRYPTION_KEY_PATH is passed to gitlab:backup:create task then gpg encryption will be performed on tar file. If DECRYPTION_KEY_PATH is passed to gitlab:backup:restore task then gpg decryption will be performed on gpg file.

Are there points in the code the reviewer needs to double check?

Check Backup::Manager#upload methods. I was not able to test this method on my local system.

Why was this MR needed?

As mentioned here #32208 (moved) users are requesting for inbuilt encryption mechanism for gitlab backups.

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

• Changelog entry added, if necessary
• Documentation created/updated
• API support added
• Tests added for this feature/bug
• Review
  • Has been reviewed by UX
  • Has been reviewed by Frontend
  • Has been reviewed by Backend
  • Has been reviewed by Database
• Conform by the merge request performance guides
• Conform by the style guides
• Squashed related commits together
• Internationalization required/considered
• End-to-end tests pass (package-qa manual pipeline job)

What are the relevant issue numbers?

#32208 (moved)

Pending Tasks

• Write tests for rake tasks and Backup::Manager.
• Discuss on minimising user interaction.
• Should we skip this question while calling gpg encrypt command? - "Use this key anyway? (y/N)"
• Should we add passphrase as an argument to restore task?
  • When we decrypt file using GPG, it asks for passphrase, "You need a passphrase to unlock the secret key for". Rake task can take passphrase as argument, which will be passed to gpg command.