Enable registration of `garden-shoot-trust-configurator` as a Garden extension

[theoddora]

Support registering and deploying the garden-shoot-trust-configurator as an extension that targets the Garden cluster.

Specifically, the extension registration should allow the following setup:

What would you like to be added:

apiVersion: operator.gardener.cloud/v1alpha1
kind: Extension
metadata:
  name: shoot-oidc-service
spec:
  deployment:
    ...
  resources:
  - clusterCompatibility:
    - garden
    - shoot
    kind: Extension
    type: shoot-oidc-service
    workerlessSupported: true
  - clusterCompatibility:
    - garden
    kind: Extension
    type: garden-shoot-trust-configurator

Using the garden resource:

apiVersion: operator.gardener.cloud/v1alpha1
kind: Garden
metadata:
  name: garden
spec:
  extensions:
  - type: shoot-oidc-service
  - type: garden-shoot-trust-configurator

Why is this needed:
The garden-shoot-trust-configurator depends on the presence of the oidc-webhook-authenticator (OWA) in the Garden cluster. With the recent work to support installing OWA in the Garden cluster via the shoot-oidc-service extension (see: #388), we now have all prerequisites in place to integrate the trust configurator as well.