fix(openviking): refresh client from env on /reload

[0xDevNinja]

What does this PR do?

Fixes the env-reload half of #21130: OPENVIKING_* env values were snapshotted in initialize() and never refreshed, so /reload (which only updates os.environ) left viking_* tools running against stale auth — users had to restart hermes to pick up keys added to .env after startup.

Fix

Introduce _ensure_client() that re-reads env on each access and rebuilds the client when any OPENVIKING_* value changed; the same client is reused otherwise so the per-call cost stays at one dict comparison + zero network calls on the hot path. Every if not self._client: guard in system_prompt_block, queue_prefetch, sync_turn, on_session_end, on_memory_write, and handle_tool_call becomes if not self._ensure_client():.

Note on the header-collision bug

The original PR also carried a fix for _VikingClient._headers() colliding with API-key auth. That is now redundant — #21232 already landed the omit-empty/legacy-default tenant header behavior upstream, which resolves the same 403. That commit has been dropped; this PR is scoped to the env-reload fix only.

Related Issue

Refs #21130 (env-reload half; header-collision half handled by #21232)

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature
• Breaking change
• Documentation update
• Code refactor / cleanup
• Performance improvement
• Test coverage improvement

Changes Made

• plugins/memory/openviking/__init__.py
  • Add _ensure_client() — re-reads OPENVIKING_ENDPOINT/API_KEY/ACCOUNT/USER/AGENT on each access, rebuilds + health-checks the client only when a value changed.
  • initialize() no longer snapshots env directly; delegates to _ensure_client().
  • Replace every if not self._client: guard with if not self._ensure_client():.
• tests/openviking_plugin/test_openviking.py — coverage for env-change rebuild, no-rebuild on unchanged config, and stale-client behavior across /reload.

Testing

uv run pytest tests/openviking_plugin/test_openviking.py tests/plugins/memory/test_openviking_provider.py -q

Both suites green (13 + 20 passed).

[alt-glitch]

Competing PR: #21136 fixes the same two bugs from #21130. These should be reviewed together — only one should be merged.

[ZaynJarvis]

First fix. Should be resolve with setting account and user as “”. Then headers won’t be sent to ov. This is fixed in some PR recently. For omitting header when unset.

second Lgtm.

[0xDevNinja]

Thanks for the review. You're right — #21232 already landed the omit-when-unset/legacy-default header behavior, which fixes the 403 path I was patching. I dropped that commit and rebased; this PR is now scoped to the env-reload fix only. Updated the description to match.