feat: add GCP Secret Manager OpenFeature provider

[mahpatil]

Summary

• Adds a new OpenFeature provider for GCP Secret Manager that reads feature flags from GCP Secret Manager secrets
• Includes flag caching, value conversion for all OpenFeature types (bool, string, int, double, object), and background polling for updates
• Adds a sample application under samples/gcp-secret-manager-sample/ with setup/teardown scripts

Provider Details

• Package: providers/gcp-secret-manager
• Class: GcpSecretManagerProvider
• Supports all OpenFeature flag types via structured or plain-text secret values
• Configurable poll interval and GCP project settings

Test plan

• Unit tests for FlagCache, FlagValueConverter, and GcpSecretManagerProvider
• Integration test (GcpSecretManagerProviderIntegrationTest) requires a real GCP project — set GCP_PROJECT_ID env var to run
• Sample app: follow samples/gcp-secret-manager-sample/README.md to run end-to-end

[gemini-code-assist]

Code Review

This pull request introduces a new OpenFeature provider for Google Cloud Secret Manager, enabling feature flags to be managed as GCP secrets. The changes include the core provider implementation with caching and value conversion, along with comprehensive unit and integration tests, and a sample application. Feedback suggests adding an initial entry to the new module's CHANGELOG.md, refining the spotbugs-exclusions.xml to only include relevant exclusions, and improving the testability of FlagCache by injecting a Clock instance instead of relying on Instant.now() and Thread.sleep().

[gemini-code-assist]

A new module should have an initial entry in its CHANGELOG.md to document its creation and initial version. This helps maintain a clear history of changes from the very beginning.

Suggested change

	# Changelog
	## 0.0.1
	### ✨ New Features
	* Initial release of the GCP Secret Manager OpenFeature provider.

[gemini-code-assist]

This spotbugs-exclusions.xml file is specific to the gcp-secret-manager provider. It should ideally only contain exclusions relevant to this module. The current file includes exclusions for other modules, which indicates a copy-paste error and makes the configuration less maintainable.

<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter xmlns="https://github.com/spotbugs/filter/3.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="https://github.com/spotbugs/filter/3.0.0 https://raw.githubusercontent.com/spotbugs/spotbugs/3.1.0/spotbugs/etc/findbugsfilter.xsd">

    <!-- All bugs in test classes, except for JUnit-specific bugs -->
    <Match>
        <Class name="~.*\.*Test" />
        <Not>
            <Bug code="IJU" />
        </Not>
    </Match>
</FindBugsFilter>

[gemini-code-assist]

Using Instant.now() directly within CacheEntry makes time-sensitive logic harder to test deterministically. Consider injecting a Clock instance into FlagCache and subsequently into CacheEntry to allow for better testability and control over time.

        CacheEntry(String value, Duration ttl, Clock clock) {
            this.value = value;
            this.expiresAt = Instant.now(clock).plus(ttl);
        }

        boolean isExpired() {
            return Instant.now(clock).isAfter(expiresAt);
        }

[gemini-code-assist]

Using Thread.sleep() in tests can lead to flaky tests and slow down the test suite. For time-sensitive logic like cache expiry, it's better to use a Clock abstraction (e.g., java.time.Clock) that can be mocked or controlled in tests. This would make tests deterministic and faster.

// Simulate time passing using a mocked Clock if FlagCache is refactored to accept one