Refactor unlisted submission to go through auto-approval workflow

[diox]

We want to unify listed & unlisted submission workflow to make it easier to manage, as well as making it possible to apply some actions to unlisted uploads while they are scanned, such as delaying their approval.

For developers, that will mean although unlisted approvals should still be fast, it will no longer be instantaneous.

This means:

• Modifying devhub & API to not auto-sign, instead letting unlisted versions be set to awaiting review and the UI changed to be similar to listed (with a couple extra explanations added to tell developers to wait for signing and where to find the file once it's signed).
• Processing unlisted versions awaiting review, either through submit_file task (currently fired for API uploads only), auto_approve cron, or a different cron. (Note auto_approve was recently fixed to only care about listed versions, that would need to be reverted if going this route). We might want to have them go through AutoApprovalSummary too, to be determined.
• Ensuring this whole thing is transparent - and still fast - for langpack submissions that are made as part of Firefox release process - essentially langpacks that are mozilla signed should be exempted from this as much as possible.

This should be done behind a waffle switch and maybe split into several issues if necessary.

[diox]

We've done some back of a napkin maths to see if auto_approve could cope with unlisted submissions and it seems like it can. #7045 was merged into this week's tag to get more info on Thursday.

[diox]

@jvillalobos I'll need copy for last page of the submission process. It currently says:

Version Signed
You’re done! This version is signed and ready to for self-distribution. You can download it by clicking the button below.
Download {filename}

We can't include the link anymore since the unlisted approval will no longer be guaranteed to be instantaneous with those changes (*) So what can we say here instead ?

(*) The developer will still receive the notification email once it's approved & signed though - it currently says:

Version {version} is now signed and ready for you to download at {versions url}

[jvillalobos]

Version Signature Pending
You’re done! This version will be signed for self-distribution shortly. You will be notified by email when the signed file is ready for download.

/cc @caitmuenster

[caitmuenster]

LGTM. Thanks!

[diox]

QA: nothing should change except for this:

For developers, that will mean although unlisted approvals should still be fast, it will no longer be instantaneous.

So, try submitting unlisted versions, both using devhub and the API, and see if it gets approved correctly, shows up in reviewer tools, have the right status in devhub, and relevant activity logs are created as before.

[AlexandraMoga]

Verified fixed on -dev. Unlisted extensions are no longer instantly signed, their auto-approval will happen in ~5 minutes.
These are the test scenarios covered:

• submitting a new unlisted extension in dev-hub
• submitting a new version for an unlisted extension
• submitting an unlisted version for a listed add-on
• submission of language packs and dictionaries
• submitting an unlisted version for a recommended extension (making sure it is auto-approved and receives no recommendation file after signing)
• submitting add-ons through the signing API

The submission success message has been updated as well, and the the email notification is sent only after the add-on is auto-approved.

The issues found with unlisted themes and delay auto-approval have been reported separately.