pýrus

As an outcome from the #1347, the following resource types should be enabled in zuul openlab: * blockstorage/noauth * blockstorage/v1 * clustering/v1 * containerinfra/v1 * db/v1 * messaging/v2 * networking/v2/extensions/fwaas...

Initial idea was to start nodeserver without secrets. It may be required by security purpose. Additionally, follow CSI spec and configure openstack client from secrets, provided in storageclass manifest when...

See an aws node controller for reference: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/deploy/kubernetes/base/node.yaml It doesn't have secrets

@jtopjian no, but it should be called before each API call. You can imaging the mess in app.

> But, if I understand correctly, this feature would conditionally renew a token if any API call was made during a certain window. Is this correct? currently a client token...

@jtopjian here is a nice example from swift code of the logic I propose to introduce: https://opendev.org/openstack/glance_store/src/commit/d05024afc3bed9deca1acc49f4a8d6faf14b0545/glance_store/_drivers/swift/connection_manager.py#L75

> The trigger on a 401 is actually the simple part. Unless I'm mistaken, the implementation that you're talking about would just be a similar, but instead of firing after...

One of the ideas of post-call hooks is to retry a call, when a server returned an error, e.g. 502 net/http timeout.

> What limitations are you hitting with creating a new provider client "from scratch"? I don't want to issue an auth logic every time I create a provider. In addition...

I managed to solve the issue by creating a custom cloneAuth function, based on `v3auth`. ```go // global client var client *gophercloud.ProviderClient // shared auth options var ao *gophercloud.AuthOptions func...