`restore --all` breaks when password is changed

[mmastrac]

When restoring all databases from a dump into a new local instance, the restore process fails due to init.edgeql overwriting the password for the admin role. This prevents further database restoration because authentication fails immediately after the password is changed.

This issue makes remote restore --all particularly problematic unless authentication is done using a secret key, which is not straightforward with the current setup.

Steps to Reproduce

1. Create a new Gel instance and restore all databases from a dump:

   gel instance create -I dump_restore2
   gel -I dump_restore2 restore --all $WORK_DIR/dump_all

Expected output:

  (successful restore messages)
   ✅ OK

Actual output:

   [2025-03-31T20:02:50Z ERROR gel_tokio::raw::connection] Connection error: AuthenticationError: authentication failed
   gel error: cannot connect to database "main"
     Caused by: Connection error: AuthenticationError: authentication failed
   ❌ FAIL: exit status: 1

Expected Behavior

The restore process should complete without modifying credentials unless explicitly allowed by the user.

Actual Behavior

• init.edgeql contains an ALTER ROLE admin statement that changes the password.
• Since authentication credentials are lost, the restore process fails when trying to restore additional databases.

Discussion

• dump --all is intended to include all roles and authentication settings.
• Overwriting passwords during a restore can cause unexpected authentication failures, particularly for multi-step restorations.

Possible mitigations:

• Provide a warning before restoring that passwords will be changed.
• Allow users to opt out of restoring passwords.
• Implement an outro.edgeql script that restores passwords at the end rather than immediately.
• Use edgeql-parser to detect credential changes and prompt the user for confirmation.
• Recommend restoring via the admin socket to bypass authentication issues.