fix(gcs): resolve credential conflict in remote storage mount (#8013)

* fix(gcs): resolve credential conflict in remote storage mount

Manually handle GCS credentials to avoid conflict with automatic discovery.
Fixes #8007

* fix(gcs): use %w for error wrapping in gcs_storage_client.go

Address review feedback to use idiomatic error wrapping.

weed/remote_storage/gcs/gcs_storage_client.go

@@ -14,6 +14,8 @@ import (
 	"github.com/seaweedfs/seaweedfs/weed/pb/remote_pb"
 	"github.com/seaweedfs/seaweedfs/weed/remote_storage"
 	"github.com/seaweedfs/seaweedfs/weed/util"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/google"
 	"google.golang.org/api/iterator"
 	"google.golang.org/api/option"
 )
@@ -54,7 +56,27 @@ func (s gcsRemoteStorageMaker) Make(conf *remote_pb.RemoteConf) (remote_storage.
 
 	googleApplicationCredentials = util.ResolvePath(googleApplicationCredentials)
 
-	c, err := storage.NewClient(context.Background(), option.WithCredentialsFile(googleApplicationCredentials))
+	var clientOpts []option.ClientOption
+	if googleApplicationCredentials != "" {
+		var data []byte
+		var err error
+		if strings.HasPrefix(googleApplicationCredentials, "{") {
+			data = []byte(googleApplicationCredentials)
+		} else {
+			data, err = os.ReadFile(googleApplicationCredentials)
+			if err != nil {
+				return nil, fmt.Errorf("failed to read credentials file %s: %w", googleApplicationCredentials, err)
+			}
+		}
+		creds, err := google.CredentialsFromJSON(context.Background(), data, storage.ScopeFullControl)
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse credentials: %w", err)
+		}
+		httpClient := oauth2.NewClient(context.Background(), creds.TokenSource)
+		clientOpts = append(clientOpts, option.WithHTTPClient(httpClient), option.WithoutAuthentication())
+	}
+
+	c, err := storage.NewClient(context.Background(), clientOpts...)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create client: %w", err)
 	}