Help installing google-cloud-secret_manager/protobuf gems

Has anyone got a working shell.nix with google-cloud-secret_manager gem?

I had the follow shell.nix working but after playing around with using a separate Gemfile.local to host some local gems and switching to them I suddenly started getting errors. If I reduce the Gemfile down I still get errors as soon as I add the google-cloud-secret_manager.

Gemfile:

source 'https://rubygems.org'

gem 'google-cloud-secret_manager'

shell.nix:

with (import <nixpkgs> {});
let
  gems = bundlerEnv {
    name = "gems-for-test-shell";
    ruby = ruby_3_2;
    gemfile = ./Gemfile;
    lockfile = ./Gemfile.lock;
    gemset = ./gemset.nix;

    # Bit of a clunky way to build a platform specific gem under NixOS but it works.
    # Set the sha256 to an empty string to get the sha256 for the latest version.
    gemConfig = pkgs.defaultGemConfig // {
      google-protobuf = attrs:
        if pkgs.stdenv.isLinux then {
          version = attrs.version + "-x86_64-linux";
          source = attrs.source // { sha256 = "sha256-zuuoedkxOivQYAqX1v489Smps30SygJviRmWwRi3/7I="; };
          nativeBuildInputs = with pkgs; [ autoPatchelfHook ];
        } else attrs;
      grpc = attrs:
        if pkgs.stdenv.isLinux then {
          version = attrs.version + "-x86_64-linux";
          source = attrs.source // { sha256 = "sha256-mF5XBwNpG4mF77MmqvsWj0CFsKDMs3a8u9FfGaLSI3o="; };
          nativeBuildInputs = with pkgs; [ autoPatchelfHook ];
        } else attrs;
    };
  };
in mkShell {
  packages = [
    gems
    gems.wrappedRuby
  ]; 
}
bundix -l # Generates the .lock file

nix-shell --show-trace # spits out the following:

error:
       … while calling the 'derivationStrict' builtin

         at /builtin/derivation.nix:9:12: (source not available)

       … while evaluating derivation 'nix-shell'
         whose name attribute is located at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/stdenv/generic/make-derivation.nix:331:7

       … while evaluating attribute 'nativeBuildInputs' of derivation 'nix-shell'

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/stdenv/generic/make-derivation.nix:375:7:

          374|       depsBuildBuild              = elemAt (elemAt dependencies 0) 0;
          375|       nativeBuildInputs           = elemAt (elemAt dependencies 0) 1;
             |       ^
          376|       depsBuildTarget             = elemAt (elemAt dependencies 0) 2;

       … while evaluating derivation 'gems-for-test-shell'
         whose name attribute is located at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/stdenv/generic/make-derivation.nix:331:7

       … while evaluating attribute 'passAsFile' of derivation 'gems-for-test-shell'

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/build-support/trivial-builders/default.nix:69:9:

           68|         inherit buildCommand name;
           69|         passAsFile = [ "buildCommand" ]
             |         ^
           70|           ++ (derivationArgs.passAsFile or [ ]);

       … while evaluating derivation 'ruby3.2-gapic-common-0.21.1'
         whose name attribute is located at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/stdenv/generic/make-derivation.nix:331:7

       … while evaluating attribute 'gemPath' of derivation 'ruby3.2-gapic-common-0.21.1'

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/development/ruby-modules/bundled-common/functions.nix:93:5:

           92|     gemName = name;
           93|     gemPath = map (gemName: gems.${gemName}) (attrs.dependencies or []);
             |     ^
           94|   });

       … while calling anonymous lambda

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/development/ruby-modules/bundled-common/functions.nix:93:20:

           92|     gemName = name;
           93|     gemPath = map (gemName: gems.${gemName}) (attrs.dependencies or []);
             |                    ^
           94|   });

       … while calling anonymous lambda

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/development/ruby-modules/bundled-common/default.nix:61:56:

           60|
           61|   gems = lib.flip lib.mapAttrs configuredGemset (name: attrs: buildGem name attrs);
             |                                                        ^
           62|

       … from call site

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/development/ruby-modules/bundled-common/default.nix:61:63:

           60|
           61|   gems = lib.flip lib.mapAttrs configuredGemset (name: attrs: buildGem name attrs);
             |                                                               ^
           62|

       … while calling 'buildGem'

         at /nix/store/p97d5hqlrarm9ixy2fyad7aykaxn8qsj-nixos/nixos/pkgs/development/ruby-modules/bundled-common/default.nix:101:20:

          100|
          101|   buildGem = name: attrs: (
             |                    ^
          102|     let

       error: value is null while a set was expected

As I say, this was working until I started playing around. Any help or ideas on how I can debug this or clean up some messed up state (!?!) and I’d be eternally grateful.

Fixed it!

Adding targets = []; to both configs seems to have fixed the issue. It now looks like this:

    gemConfig = pkgs.defaultGemConfig // {
      grpc = attrs:
        if pkgs.stdenv.isLinux then {
          version = attrs.version + "-x86_64-linux";
          source = attrs.source // { sha256 = "sha256-mF5XBwNpG4mF77MmqvsWj0CFsKDMs3a8u9FfGaLSI3o="; };
          nativeBuildInputs = with pkgs; [ autoPatchelfHook ];
          targets = [];
        } else attrs;
      google-protobuf = attrs:
        if pkgs.stdenv.isLinux then {
          version = attrs.version + "-x86_64-linux";
          source = attrs.source // { sha256 = "sha256-zuuoedkxOivQYAqX1v489Smps30SygJviRmWwRi3/7I="; };
          nativeBuildInputs = with pkgs; [ autoPatchelfHook ];
          targets = [];
        } else attrs;
    };

Seems to be working for me at the moment. I’ll continue testing.

Now I’m using devenv.sh. Much better solution as it’s an isolated Ruby/Bundler env and behaves more like using Ruby on standard distros.