gce backend isn't seeing accessKey option when it's specified in the deployment.

[zaphar]

It is possible this is fixed now since the code in the traceback seems to be from a few commits back and the current code looks quite a bit different. However if so the fixes are not installable from the nix package manager which is at version 1.7 so maybe an packet update is all that's needed.

Triggering configuration block:

{
  deployment.targetEnv = "gce";
  deployment.gce = {
    # credentials
    project = "******";
    serviceAccount = "*****@developer.gserviceaccount.com";
    accessKey = ./ca_private.pem;

    # instance properties
    machineName = "wallnet-public-endpoint";
    region = "us-central1";
    instanceType = "e2-micro";
    tags = ["tailscale" "endpoint"];
    scheduling.automaticRestart = true;
    scheduling.onHostMaintenance = "MIGRATE";
    bootstrapImage =  "nixos-20-03";
    rootDiskSize = 5;
  };

  services.tailscale.enable = true;
}

Exception traceback is below:

Traceback (most recent call last):
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/bin/..nixops-wrapped-wrapped", line 991, in <module>
    args.op()
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/bin/..nixops-wrapped-wrapped", line 412, in op_deploy
    max_concurrent_activate=args.max_concurrent_activate)
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 1063, in deploy
    self.run_with_notify('deploy', lambda: self._deploy(**kwargs))
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 1052, in run_with_notify
    f()
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 1063, in <lambda>
    self.run_with_notify('deploy', lambda: self._deploy(**kwargs))
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 912, in _deploy
    self.evaluate_active(include, exclude, kill_obsolete)
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 874, in evaluate_active
    self.evaluate()
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 369, in evaluate
    defn = _create_definition(x, cfg, cfg["targetEnv"])
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/deployment.py", line 1261, in _create_definition
    return cls(xml, config)
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/backends/gce.py", line 40, in __init__
    self.access_key_path = self.get_option_value(x, 'accessKey', str)
  File "/nix/store/qsh7q3w30rizzvxwz6w83whgr55plsvi-nixops-1.7/lib/python2.7/site-packages/nixops/gce_common.py", line 68, in get_option_value
    raise Exception("option {0} must be set".format(name))
Exception: option accessKey must be set

[tewfik-ghariani]

@zaphar I believe it should be enough to leverage the builtins.readFile utility

accessKey = builtins.readFile ./ca_private.pem;

[zaphar]

That did indeed fix it. Did I just misunderstand the documentation for this?

[tewfik-ghariani]

Most likely, I'll submit a PR to update the examples