So am trying to deploy Jenkins into my existing k8s cluster, but then am getting this notification (insufficient OAuth scopes). what scope am I missing on my service account?
This is a GCP issue.
Make sure that the user you are using to launch the service has Owner or Compute Admin privileges on your GCP project.
By default Node pool are created with the following scopes which does not include the right scope:
"nodePools": [ { "name": "default-pool", "config": { "oauthScopes": [ "https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring", "https://www.googleapis.com/auth/servicecontrol", "https://www.googleapis.com/auth/service.management.readonly", "https://www.googleapis.com/auth/trace.append" ],
To fix the error:
If this is a GKE test Cluster, just recreate it with the right scope. You can create a new node pool with the required scopes and then migrate your workloads over to the new node pool.
If you are using gcloud, add this scope:
--scopes=https://www.googleapis.com/auth/cloud-platform
If you decide to recreate the Node Pool, remember to drain and delete the old Node Pool afterwards. I think the following post will be helpful as it related to your case.