Currently all Helm endpoints part of the console backend talk to the cluster API on behalf of currently logged user. Such approach certainly makes a lot of sense for all supported Helm operations, but recent introduction of multi/custom helm chart support (APPSVC-314) expects wrongly that regular users have access to HelmChartRepository CRs and optionally referred configmaps and secrets from openshift-config namespace.

As the consequence, admins are able to browse from configured custom Helm repository, whereas regular users, due to missing read permissions on HelmChartRepository CRs, still see just charts from default RedHat repo.

Giving permissions to all users is not what we would like to, because it might become a great security concern. Instead, we are going to read needed resources on behalf of console service account, associating appropriate permissions to it.