cloud-provider-openstack is not the only service needing access to the cloud credentials. The list also includes:

• image-registry (Swift and Glance access)
• cloud-network-config-controller (Neutron and Nova access for EgressIPs support)
• CSIs (Cinder and Manila access)
• Ingress (I have no damn clue why it could need it, but I see it on other platforms)

Normally this is solved by cloud-credentials-operator, but in HyperShift we don't have it. hosted-control-plane-operator needs to take care of this alone. The code goes here: https://github.com/openshift/hypershift/blob/1af078fe4b9ebd63a9b6e506f03abc9ae6ed4edd/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go#L1156

We also need to pass CA here! It might be non-trivial!