Incorrect Authorization

Summary

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`. Helm `lookup` bypass: The Helm template engine ran Kubernetes API queries with the fleet-agent's cluster-admin credentials instead of the impersonated `ServiceAccount`. A chart template could therefore access resources beyond the tenant's RBAC scope. `valuesFrom` bypass: `Secret` and `ConfigMap` references in `fleet.yaml` `helm.valuesFrom` were read using the fleet-agent's cluster-admin client. A tenant could reference resources in namespaces the impersonated `ServiceAccount` has no access to. Both issues break Fleet's multi-tenant impersonation boundary. The leaked credentials may belong to external services, making the full impact non-deterministic. Single-tenant deployments where all users are trusted are not affected. This issue affects github.com/rancher/fleet versions 0.11.x prior to 0.11.13, 0.12.x prior to 0.12.14, 0.13.x prior to 0.13.10, 0.14.x prior to 0.14.5 and 0.15.x prior to 0.15.1.