(https://issues.jenkins.io/browse/JENKINS-65333 somehow make a similar point but addressed only one particular problem)

CredentialsProvider lookup can be very costly. Looking up all providers for nothing. This is particularly visible in environments that use remote vaults (Hashicorp Vault for example).

One particular example is the case of finding a single credentials CredentialsProvider#findCredentialById. It does not halt on first findings, instead it goes through all possible providers and eventually find the first match: https://github.com/jenkinsci/credentials-plugin/blob/1337.v60b_d7b_c7b_c9f/src/main/java/com/cloudbees/plugins/credentials/CredentialsProvider.java#L978.

But in many cases, CredentialsProvider#lookupCredentials is used to lookup a specific unique credentials ID with the IdMatcher. Probably due to a limitation that CredentialsProvider#findCredentialById requires a run.

Particularly greedy processes are the BranchIndexing / OrganizationScan of GitHub Branch Source that can generate many many lookups, for the same credentials ID..

For that reason I am linking the 2 plugins here.