Store sensitive export options in dedicated credentials file

[and-rad]

Closes godotengine/godot-proposals#1156

This PR splits sensitive information from the export_presets.cfg file off into a new export_credentials.cfg file. This effectively allows users to commit export presets to version control without making confidential information public.

The change is transparent and seamless for the most part. Old export presets are loaded fine and all the credentials are preserved*. The next time any export presets are changed, the new format is being used automatically. For a list of properties that are considered confidential, see the linked proposal.

*: The only exception to this is the script encryption key. Users will have to re-enter it the next time they open the export presets UI.

I included two minimal projects to highlight the change. Before Credentials contains the old file layout and can be used to test the conversion from before this PR to after. With Credentials shows how export presets are stored with this PR merged.

Before Credentials.zip
With Credentials.zip

[bruvzg]

Since the rest of the values can be read from env. variables, script_encryption_key should be as well (in the editor_export_platform.cpp, there are two String script_key = p_preset->get_script_encryption_key().to_lower(); lines where it's used).

[and-rad]

Since the rest of the values can be read from env. variables, script_encryption_key should be as well (in the editor_export_platform.cpp, there are two String script_key = p_preset->get_script_encryption_key().to_lower(); lines where it's used).

No problem, but I have to look into how to do this cleanly since the script encryption key is handled differently and by different classes than the rest of the properties here.

Edit: In particular, I'm concerned with where to store the environment variable name. Every export platform has its own encryption key, so there needs to be a dedicated environment variable for each platform. That makes it platform-dependent code, but EditorExportPreset is platform-independent. Likewise, storing the environment variable in EditorExportPreset is a no for the same reason. Nevermind, I was being dumb. I'll look into this, I think I know a pretty straightforward way to do it.

[and-rad]

I implemented the requested changes and extended it so that the script encryption key can also be set by environment variables. I haven't updated the example projects yet, will do that ASAP. Example projects have been updated.

[bruvzg]

Needs rebase after #74644

Newly added codesign/provisioning_profile in macOS exporter should be added to credentials as well (local file path, so not critical).

[and-rad]

Rebased and fixed the issues pointed out by @m4gr3d . There's still the question of whether it is necessary to have an environment variable for the script encryption key per platform. I'm happy to go either way, but I'd need someone with more authority to make a final decision.

[and-rad]

Rebased and changed script encryption key environment variable to be the same for all platforms.

[akien-mga]

This looks really solid. Great work!

[akien-mga]

Looks great!

[akien-mga]

Thanks!