Introduce a read-only mode for data protection keyring consumers

[amcasey]

Introduce a read-only mode for data protection keyring consumers

• You've read the Contributor Guide and Code of Conduct.
• You've included unit or integration tests for your change, where applicable.
• You've included inline docs for your change, where applicable.
• There's an open issue for the PR that you are making. If you'd like to propose a new feature or change, please open an issue to discuss the change or find an existing issue.

Description

When multiple app instances consume the same keyring, they all try to rotate it, leading to races. This change introduces an IConfiguration property (usually set as an env var) that puts data protection in a read-only mode. The expectation is that writing will be done by a separate (i.e. non-app-instance) component.

Fixes #52915

[amcasey]

To actually fix #52915, we'll want a public API. I've separated out this part because it can be backported, whereas a new API cannot.

Chris pointed out that KeyManagementOptions.AutoGenerateKeys already allows this to be configured programmatically.

[amcasey]

Interesting - the failure is specific to *nix. Investigating.

[amcasey]

/backport to branch release/8.0

[github-actions]

Started backporting to branch: https://github.com/dotnet/aspnetcore/actions/runs/8088872298

[github-actions]

@amcasey an error occurred while backporting to branch, please check the run log for details!

Error: The specified backport target branch branch wasn't found in the repo.

[amcasey]

/backport to release/8.0

[github-actions]

Started backporting to release/8.0: https://github.com/dotnet/aspnetcore/actions/runs/8088881925