fix: correct image registry priority order

[pierluigilenoci]

Summary

This PR fixes the image registry priority order to allow image.registry to take precedence over global.imageRegistry, which is the expected behavior in Helm charts.

Problem

After #367, when oauth2-proxy is used as a subchart and the parent chart sets global.imageRegistry, the local image.registry setting is ignored. This breaks existing configurations and is counter-intuitive.

Current behavior (broken):

1. global.imageRegistry (highest priority) ❌
2. image.registry
3. quay.io (default in values.yaml)

Issue: If a parent chart sets global.imageRegistry to a private registry, oauth2-proxy cannot override it locally, even if the user explicitly sets image.registry.

Solution

Reverse the priority order to match standard Helm chart behavior:

New behavior (fixed):

1. image.registry (highest priority) ✅
2. global.imageRegistry
3. quay.io (default in template)

Changes

• deployment.yaml: Changed from {{ .Values.global.imageRegistry | default .Values.image.registry }} to {{ .Values.image.registry | default .Values.global.imageRegistry | default "quay.io" }}
• values.yaml: Removed default registry value (now empty string), default moved to template
• Chart.yaml: Bumped version to 10.1.0 (minor version for behavior change)

Impact

This is technically a behavior change, but it:

• Fixes the reported issue Oauth2-Proxy can no longer be used as subchart since global registry settings take precedence over local registry settings #379
• Aligns with standard Helm chart conventions (local > global > default)
• Was already approved by maintainer @tuunit in the issue discussion

Testing

The change ensures:

• If image.registry is set → use it (regardless of global.imageRegistry)
• If only global.imageRegistry is set → use it (backward compatible)
• If neither is set → use "quay.io" (maintains default behavior)

Fixes #379