fix(storage/driver/gcs): use non-deprecated credential validation API
What does this MR do?
Replace google.CredentialsFromJSONWithParams with google.CredentialsFromJSONWithTypeAndParams to validate that credentials match the expected ServiceAccount type before parsing. The old function is deprecated in golang.org/x/oauth2@v0.35.0 because it does not validate credential type, which is a security risk when accepting credentials from untrusted sources.
Both call sites already gate on service account JSON via google.JWTConfigFromJSON, so adding google.ServiceAccount as the credential type formalizes an existing invariant.
Also bumps cloud.google.com/go/storage to v1.60.0 and golang.org/x/oauth2 to v0.35.0 (plus transitive deps), re-applying the upgrade reverted in !2779 (merged).
Related to #2142 (closed)
Author checklist
- CODEOWNERS Review: This MR requires approval from at least one CODEOWNER per category/file.
- If codeowners are absent or the change is urgent, any registry maintainer can temporarily disable CODEOWNERS reviews in the project settings. When doing so:
- Add a comment on the MR justifying the bypass
- Mention/CC the designated codeowners in the MR for async review
- Re-enable CODEOWNERS reviews in project settings once the MR is merged
- If you lack permissions to disable CODEOWNERS reviews, reach out to the Engineering Manager (@jaime) or Senior Engineering Manager (@crystalpoole) for assistance.
- Assign one of conventional-commit prefixes to the MR.
- fix: Indicates a bug fix, triggers a patch release.
- feat: Signals the introduction of a new feature, triggers a minor release.
- perf: Focuses on performance improvements that don't introduce new features or fix bugs, triggers a patch release.
- docs: Updates or changes to documentation. Does not trigger a release.
- style: Changes that do not affect the code's functionality. Does not trigger a release.
- refactor: Modifications to the code that do not fix bugs or add features but improve code structure or readability. Does not trigger a release.
- test: Changes related to adding or modifying tests. Does not trigger a release.
- chore: Routine tasks that don't affect the application, such as updating build processes, package manager configs, etc. Does not trigger a release.
- build: Changes that affect the build system or external dependencies. May trigger a release.
- ci: Modifications to continuous integration configuration files and scripts. Does not trigger a release.
- revert: Reverts a previous commit. It could result in a patch, minor, or major release.
- MR contains database changes including schema/background migrations:
- N/A
- Change contains a breaking change - apply the breaking change label.
- Change is considered high risk - apply the label high-risk-change
- I created or linked to an existing issue for every added or updated TODO, BUG, FIXME or OPTIMIZE prefixed comment
- Changes cannot be rolled back
- N/A — rollback is safe since the deprecated function still exists in v0.35.0.
Documentation/resources
Reviewer checklist
- Ensure the commit and MR title are still accurate.
- If the change contains a breaking change, verify the breaking change label.
- If the change is considered high risk, verify the label high-risk-change
- Identify if the change can be rolled back safely. (note: all other reasons for not being able to rollback will be sufficiently captured by major version changes).
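
The MR description above relies on credentials being checked against an expected type before they are parsed. The following is an added, standard-library-only illustration of that kind of gate, not code from this MR or from golang.org/x/oauth2; `checkCredentialType`, `ErrCredentialType` and the sample JSON are hypothetical and constructed for the example.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Constructed sample inputs, not real credentials.
const (
	sampleServiceAccount = `{"type":"service_account","client_email":"registry@example.iam.gserviceaccount.com"}`
	sampleExternal       = `{"type":"external_account","audience":"constructed-example"}`
)

// ErrCredentialType marks credentials whose "type" is missing or unexpected.
var ErrCredentialType = errors.New("unexpected credential type")

// checkCredentialType (hypothetical helper) reads only the top-level "type"
// field and rejects anything other than want, before any further parsing
// of the credential document takes place.
func checkCredentialType(raw []byte, want string) error {
	var head struct {
		Type string `json:"type"`
	}
	if err := json.Unmarshal(raw, &head); err != nil {
		return fmt.Errorf("credentials are not valid JSON: %w", err)
	}
	if head.Type == "" {
		return fmt.Errorf("%w: missing \"type\" field", ErrCredentialType)
	}
	if head.Type != want {
		return fmt.Errorf("%w: got %q, want %q", ErrCredentialType, head.Type, want)
	}
	return nil
}

func main() {
	inputs := []string{sampleServiceAccount, sampleExternal, `{}`, `not json`}
	for _, in := range inputs {
		err := checkCredentialType([]byte(in), "service_account")
		fmt.Printf("%-28.28s -> %v\n", in, err)
	}
}
```

A storage driver that only ever expects service account keys would run a gate like this on operator-supplied JSON and fail closed on any other type.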