I am new to Docker and K8s. As a tutorial, I created a small python service that fetches messages from GCP Pub/Sub and ack's them. Now when I am running K8s cluster with that image I get the following error

PermissionDenied: 403 Request had insufficient authentication scopes. [reason: "ACCESS_TOKEN_SCOPE_INSUFFICIENT"

This is expected since the pubsub needs credentials to use google service. Now in my local machine U usually set environment variable GOOGLE_APPLICATION_CREDENTIALS=c:\some_dir\credentials.json where json holds google_service credentials. My question is what is the correct approach for Docker do I need to copy the credentials file into it or since it's all running in same google project there is an alternative?