One can't hold this SLO, it heavily depends on the size of the
downloads.

The unstable main builds were used to the requirement for an unreleased
fix. This switches now back to a stable release in order to keep
stability long term.

Since the content-proxy doesn't allow proxying content of type x-icon,
this patch switches to a PNG.

After running it for a while now, it turns to be not too useful for the
SI Infra. The main use-cases for SBOMs at this point are security scans
and license compliance.

None of these are use-cases that I actually used the produced SBOMs for.

One of the main issues for using these SBOMs for security scans was the
glaring false-negatives for actual security issues due to a lack of
detection of certain packages/application within containers.

Instead running renovate and regularly upgrading all parts has proven
way more practical.

License Compliance, while might being a potential concern, is not on the
list of things to worry about right now.

Finally another issue with this particular operator, was it breaking for
various reasons and resulting in dropping out regularly, which made
SBOMs also out of date.

This patch fixes the usage of oauth2-proxy by already triggering auth on
the GET instead of the POST request.