Pass service account keyfile to go bigquery client

I am trying to use service account with go bigquery client. For some reason, there's no Go example of how to pass a service file in when you make a client. I see here https://cloud.google.com/docs/authentication/production but this pattern doesn't follow anything shown. It also isn't shown at https://godoc.org/cloud.google.com/go/bigquery

I have

//bigquery_caller.go
package main

import "C"
import "fmt"
import "cloud.google.com/go/bigquery"
import "golang.org/x/net/context"


func main() {
    ctx := context.Background()
    client, err := bigquery.NewClient(ctx, "project-name")
    if err != nil {
        fmt.Println("Had an error")
    }

    q := client.Query(`
        select * from mytables
    `)

    it, err := q.Read(ctx)

    fmt.Println(it)
    fmt.Println(err)
}

The code works, I get

googleapi: Error 403: Access Denied: Project project-name:

How can I pass a service key file in to go client?

You need to create a service account in your project and furnish a new JSON private key.

Then ensure that the GOOGLE_APPLICATION_CREDENTIALS environmental variable is set to the full path of this file. For example, on Linux:

GOOGLE_APPLICATION_CREDENTIALS=/home/user/Downloads/key.json go run main.go

As an aside, it is best practice to make sure you protect access to this private key file and ensure the service account has the minimum privileges required to perform its role.