Remove images from TEC definition & run watchers independently of TECs

[Jakob-Naucke]

Move trusteeImage etc. out of the TEC CRD. Treat them as
operator-wide, and always use RELATED_IMAGE_TRUSTEE etc. as reference
instead of as fallback.

Fixes: #215

Watch ApprovedImages and compute reference values independently of a
TEC existing. Adopt ApprovedImages from the TEC in order to include
them in uninstallation. Have PCR computation jobs owned by the
ApprovedImages. This avoids conflicting watchers on ApprovedImages
while using a simple flow.

Fixes: #216

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Jakob-Naucke

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Jakob-Naucke]

Let's see if we can get past login without openshift/release#77892 's changes
/retest

[Jakob-Naucke]

/retest

[Jakob-Naucke]

/retest
e: apparently not

[openshift-ci]

@Jakob-Naucke: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/operator-lifecycle-verify	051b57c	link	true	/test operator-lifecycle-verify

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.