Hi,
we're having problems setting scopes in credentials_gce() because the scopes are being ignored at credentials_gce.R.

Our RStudio connect pod runs with a different GKE service account that's binded to a separate IAM service account. This service account is different from the one that's attached to our node pool. We tried adding default oauth scopes to the node pool, but that didn't have any effect.

We would like to have the ability to set the scopes with gargle, because other solutions include downloading the service account and attaching it to the pod which are not secure.

My proposed solution is to add the scopes in fetch_gce_access_token function:

fetch_gce_access_token <- function(scopes, service_account) {
  path <- glue("instance/service-accounts/{service_account}/token")
  if(!is.null(scopes)) {
    scopes <- paste(scopes, collapse = ",")
    path <- glue("{path}?scopes={scopes}")
  }
  response <- gce_metadata_request(path)
  httr::content(response, as = "parsed", type = "application/json")
}