Backend should enforce HTTPS requirement when basicAuthConfig is used for Helm repositories #15755

@coderabbitai

Description

Background

While adding basic authentication support for Helm repositories in PR #15624, frontend validation was implemented to require HTTPS when basicAuthConfig is present (see comment thread).

However, the backend does not currently enforce this security requirement, allowing users to bypass the frontend validation by directly creating or modifying repository resources via the API.

Current State

  • Frontend validation: Correctly requires HTTPS when basicAuthConfig is present (frontend/packages/helm-plugin/src/components/forms/HelmChartRepository/helmchartrepository-validation-utils.ts)
  • Backend validation: Missing in pkg/helm/chartproxy/repos.go (lines 169-246) where basicAuthConfig is extracted and applied without URL scheme validation
  • Test files confirm backend accepts HTTP URLs with basicAuthConfig

Required Action

Add server-side validation in pkg/helm/chartproxy/repos.go to reject repository create/update requests when:

  • basicAuthConfig is provided, AND
  • Repository URL does not use HTTPS scheme

The validation should return a clear HTTP 400 error when this constraint is violated.
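One way the server-side check could look, as an added example and not code from the console repository: the RepoSpec and BasicAuthConfig types, the field names and the function names are assumptions made for illustration, not the project's real types.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/url"
)

// Hypothetical, trimmed-down repository spec; the field names are assumptions
// for this example, not the console's real HelmChartRepository types.
type BasicAuthConfig struct {
	Name string // name of the Secret holding the credentials
}

type RepoSpec struct {
	URL             string
	BasicAuthConfig *BasicAuthConfig
}

var ErrBasicAuthRequiresHTTPS = errors.New("basicAuthConfig requires an https:// repository URL")

// ValidateRepoSpec applies the frontend rule on the server: credentials may only be attached
// to a repository reached over TLS; a missing or unparsable scheme is rejected as well.
func ValidateRepoSpec(spec RepoSpec) error {
	if spec.BasicAuthConfig == nil {
		return nil // no credentials, so the scheme is not a concern here
	}
	u, err := url.Parse(spec.URL)
	if err != nil {
		return fmt.Errorf("invalid repository URL %q: %w", spec.URL, err)
	}
	if u.Scheme != "https" { // url.Parse lowercases the scheme, so "HTTPS://" passes too
		return fmt.Errorf("%w (got scheme %q)", ErrBasicAuthRequiresHTTPS, u.Scheme)
	}
	return nil
}

// StatusForValidation maps the check to the HTTP status a handler should answer with.
func StatusForValidation(err error) int {
	if err != nil {
		return http.StatusBadRequest // 400, as the issue requests
	}
	return http.StatusOK
}

func main() {
	err := ValidateRepoSpec(RepoSpec{URL: "http://charts.example.com", BasicAuthConfig: &BasicAuthConfig{Name: "creds"}})
	fmt.Println(StatusForValidation(err), err)
}
```

A scheme-less URL such as `charts.example.com/repo` parses with an empty scheme and is therefore rejected too, which is the case a frontend-only check is easiest to bypass with.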

Additional Context

Requested by: @webbnh
Tracked from: #15624 (comment)
