I'm surprised that this is needed. Is this how other plugins track the credentials of runs?

To be honest I have no idea.
This is my first time working on the jenkins / a jenksin plugin codebase and all of it is rather overwhelming. I just noticed that we didn't see any usages of our bitbucket credentials so I started to look into it. But even to find CredentialsProvider.track I had to look through the code of the credentials plugin as I couldn't find any documentation about it - the only hint was the UI showing Note: usage tracking requires the cooperation of plugins and consequently may not track every use. which set me down that path.

With my limited knowledge though it kind of makes sense as at the time of the actual job invocation any generic code wouldn't know about the configured credentials anymore as they would have been transfored already into whatever format is actually required to perform the task (eg an environment variable, or a request header, etc.), and even if you would hook exactly into that transformation you most likely wouldn't have access to the actual Run anymore. Of course I might be completely wrong here - so I'm happy about any insight. I am also fine with dropping this specific thing from the PR and opening up a separat ticket / PR if for the actual credentials tracking of job runs.

Please just let me know on how you want to proceed here.

Other plugins may be using CredentialsProvider.findCredentialById, which usually calls CredentialsProvider.track. However, a search for CredentialsProvider in github-branch-source-plugin shows only CredentialsProvider.lookupCredentials, CredentialsProvider.USE_ITEM, and CredentialsProvider.lookupStores.

So how should we procceed here?
Should I drop the listener for now? I don't think I can dig into this in more detail before end of next week.

@KalleOlaviNiemitalo any feedback on this?