As the OpenShift Console, I want my associated Service Account to have watch permissions on ClusterCatalog resources, so that the console can provide real-time updates about the status and content of OperatorHub sources.

Description

The OpenShift Console displays content from OperatorHub, which is populated by ClusterCatalog resources. For the console to accurately reflect the current state of these catalogs, its backend needs to monitor these resources in real-time. This requires adding watch permissions for ClusterCatalogs to the console service account's ClusterRole. This change will be made directly in the console operator's manifest files, ensuring the Service Account has the necessary privileges upon deployment.

Acceptance Criteria

• The console's cluster role manifest file is updated.

• A new rule is added to the ClusterRole granting the watch verb for the clustercatalogs resource in the operators.coreos.com API group.

• After the operator is deployed with the updated manifest, the console's Service Account has the required watch permission.

• The console backend can successfully establish a watch on ClusterCatalog resources without encountering any permission errors.