Create custom initial user (#1707)

Using a default user with a default password has the implicit risk, that this user is not changed and therefore this system can be compromised. With this change, SCM-Manager does not create the default user with the default password on startup any more, but it shows an initial form where the initial values for the administration user have to be entered by the user. To secure this form, a random token is created on startup and printed in the log.

To implement this form, the concept of an InitializationStep is introduced. This extension point can be implemented to offer different setup tasks. The creation of the administration user is the first implementation, others might be things like first plugin selections or the like.

Frontend components are selected by the name of these initialization steps, whose names will be added to the index resource
(whichever is active at the moment) and will be show accordingly.

Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>

scm-webapp/src/main/java/sonia/scm/lifecycle/modules/ScmServletModule.java

@@ -57,6 +57,8 @@ import sonia.scm.group.GroupDisplayManager;
 import sonia.scm.group.GroupManager;
 import sonia.scm.group.GroupManagerProvider;
 import sonia.scm.group.xml.XmlGroupDAO;
+import sonia.scm.initialization.DefaultInitializationFinisher;
+import sonia.scm.initialization.InitializationFinisher;
 import sonia.scm.metrics.MeterRegistryProvider;
 import sonia.scm.migration.MigrationDAO;
 import sonia.scm.net.SSLContextProvider;
@@ -275,6 +277,8 @@ class ScmServletModule extends ServletModule {
     bind(HealthCheckService.class).to(DefaultHealthCheckService.class);
 
     bind(NotificationSender.class).to(DefaultNotificationSender.class);
+
+    bind(InitializationFinisher.class).to(DefaultInitializationFinisher.class);
   }
 
   private <T> void bind(Class<T> clazz, Class<? extends T> defaultImplementation) {