@ZPascal ZPascal commented Dec 17, 2025

PR Summary: Google Cloud Secret Store Refactoring

Overview

This PR updates the Google Cloud secret store plugin to improve credential file handling with explicit type detection.

Changes

Code Refactoring

File: plugins/secretstores/googlecloud/googlecloud.go

  • Replaced API: Changed from credentials.DetectDefault() to credentials.NewCredentialsFromJSON() for more explicit credential handling
  • Remove deprecated variables: The variable DetectOptions CredentialsFile is deprecated, and the functionality has been removed.
  • Added credential file parsing: Now manually reads and parses the service account JSON file instead of relying on auto-detection
  • New helper function: Added parseFileType() to extract the type field from the service account JSON, which is required to instantiate credentials correctly
  • Improved error handling: Separate error messages for file reading vs. JSON parsing failures

Test Updates

File: plugins/secretstores/googlecloud/googlecloud_test.go

  • Updated error message assertions to reflect new parsing flow
  • Added test case for missing CA certificate path in GDCH (Google Distributed Cloud Hosted) service accounts

Test Data

New file: plugins/secretstores/googlecloud/testdata/gdch-missing-ca-cert-path.json

  • Added test fixture for GDCH service account credentials with incomplete configuration

Benefits

  • More explicit and debuggable credential initialization
  • Better error messages for troubleshooting credential file issues
  • Compatibility with the latest Google Cloud auth library
  • Improved support for GDCH (Google Distributed Cloud Hosted) authentication flows

Checklist

  • No AI generated code was used in this PR

@telegraf-tiger telegraf-tiger bot added the fix pr to fix corresponding bug label Dec 17, 2025
@ZPascal ZPascal marked this pull request as ready for review December 18, 2025 14:11
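The explicit type detection described in the PR summary, sketched as an added example; this is not the PR's or Telegraf's code. It uses only the Go standard library and goes one step further than the summary by rejecting credential types outside an allowlist. The function names, the allowlist contents and the error strings are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"os"
)

// Hypothetical allowlist: the credential types this deployment accepts.
var allowedTypes = map[string]bool{
	"service_account":      true,
	"gdch_service_account": true,
}

// parseCredentialType extracts the "type" field from credential JSON and
// refuses missing or non-allowlisted types before any credential is built.
func parseCredentialType(data []byte) (string, error) {
	var header struct {
		Type string `json:"type"`
	}
	if err := json.Unmarshal(data, &header); err != nil {
		return "", fmt.Errorf("parsing credentials JSON failed: %w", err)
	}
	if header.Type == "" {
		return "", errors.New("credentials JSON has no \"type\" field")
	}
	if !allowedTypes[header.Type] {
		return "", fmt.Errorf("credential type %q is not allowed", header.Type)
	}
	return header.Type, nil
}

// credentialTypeFromFile keeps file-read errors distinct from parse errors.
func credentialTypeFromFile(path string) (string, error) {
	data, err := os.ReadFile(path)
	if err != nil {
		return "", fmt.Errorf("reading credentials file failed: %w", err)
	}
	return parseCredentialType(data)
}

func main() {
	// Constructed sample inputs, not real credentials.
	for _, s := range []string{`{"type":"service_account","project_id":"example"}`,
		`{"type":"external_account"}`, `{"project_id":"example"}`, `{not json`} {
		t, err := parseCredentialType([]byte(s))
		fmt.Printf("type=%q err=%v\n", t, err)
	}
}
```

The returned type string is the value a caller would then map to the auth library's credential type before constructing credentials from the same bytes.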

srebhan commented Dec 18, 2025

Shouldn't this just work with v0.18 which included googleapis/google-cloud-go#13317?


ZPascal commented Dec 18, 2025

> Shouldn't this just work with v0.18 which included googleapis/google-cloud-go#13317?

Yes, but the variable DetectOptions CredentialsFile is deprecated and I've adapted the code.


srebhan commented Dec 19, 2025

Ok, so the PR title should be something like "update google auth dependency"? Or you should split the PR into two where you first remove the deprecated usage and then bump the lib...


ZPascal commented Dec 19, 2025

Google Cloud Secret Store Refactoring

Hi @srebhan, I think it is better to split the PR. I'll take care of it.

@ZPascal ZPascal force-pushed the fix-bump-the-cloud-auth-version branch from 43acd0d to 7d8d0fc Compare December 19, 2025 18:50
@ZPascal ZPascal changed the title from "fix: Handle also EC keys" to "fix: Google Cloud Secret Store Refactoring" Dec 19, 2025

ZPascal commented Dec 19, 2025

> Google Cloud Secret Store Refactoring
>
> Hi @srebhan, I think it is better to split the PR. I'll take care of it.

Hi @srebhan, I've updated the PR. This dedicated PR to bump the version should be merged first. The deprecation is a part of the v0.18 release.

@ZPascal ZPascal force-pushed the fix-bump-the-cloud-auth-version branch from 7d8d0fc to 54ff20d Compare December 19, 2025 19:30
@ZPascal ZPascal force-pushed the fix-bump-the-cloud-auth-version branch from 54ff20d to 292b97a Compare December 19, 2025 20:13