if: github.repository == 'gradle/gradle'

    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
      
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v6
        with:
          role-to-assume: arn:aws:iam::992382829881:role/GHASecrets_gradle_all
          aws-region: "eu-central-1"
      
      - name: Get secrets

     * @param userAgent The user agent string.
     */
    public void setUserAgent(final String userAgent) {
        this.userAgent = userAgent;
    }

    /**
     * Sets the credentials provider.
     * @param credentialsProvider The credentials provider.
     */
    public void setCredentialsProvider(final CredentialsProvider credentialsProvider) {
        this.credentialsProvider = credentialsProvider;
    }

    /**

            {{- if .Values.etcd.clientCert }}
            - name: MINIO_ETCD_CLIENT_CERT
              value: "/tmp/credentials/etcd_client_cert.pem"
            {{- end }}
            {{- if .Values.etcd.clientCertKey }}
            - name: MINIO_ETCD_CLIENT_CERT_KEY
              value: "/tmp/credentials/etcd_client_cert_key.pem"
            {{- end }}
            {{- if .Values.etcd.pathPrefix }}

	// is a real user (i.e. not derived credentials).
	if isSvcAccForRequestor {
		if requestorIsDerivedCredential {
			if requestorParentUser == "" {
				writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx,
					errors.New("service accounts cannot be generated for temporary credentials without parent")), r.URL)
				return
			}
			targetUser = requestorParentUser
		}

    private static final long serialVersionUID = 4328214169536360351L;
    /** The NT hash for authentication */
    private final byte[] ntHash;

    /**
     * Create username/password credentials with specified domain
     *
     * @param domain the authentication domain
     * @param username the username
     * @param passwordHash
     *            NT password hash
     */

          description: "the Git branch specifier to build (<branchName>, <tagName>, <commitId>, etc.)\n"
    scm:
      - git:
          name: origin
          # master node jenkins user ~/.ssh
          credentials-id: f6c7695a-671e-4f4f-a331-acdce44ff9ba
          reference-repo: "/var/lib/jenkins/.git-references/elasticsearch.git"
          branches:
            - "${branch_specifier}"

     *
     * @param req
     *            The request being serviced.
     * @param resp
     *            The response.
     * @param challenge
     *            The domain controller challenge.
     * @return credentials passed in the servlet request
     * @throws IOException
     *             If an IO error occurs.
     */

        }

    }

    /**
     * Resolves the SPNEGO credential to a user entity.
     *
     * This method handles the resolution of SPNEGO credentials by checking
     * if the user is an admin user or needs to be authenticated through LDAP.
     *
     * @param resolver The credential resolver to use for user lookup
     */
    @Override

        // Use a fresh context to avoid affecting previous tests
        CIFSContext ctx2 = mock(CIFSContext.class);
        Configuration config2 = mock(Configuration.class);
        Credentials creds2 = mock(Credentials.class);
        NameServiceClient nsc2 = mock(NameServiceClient.class);
        when(ctx2.getConfig()).thenReturn(config2);
        when(ctx2.getCredentials()).thenReturn(creds2);

    /**
     * GCS project ID.
     * Google Cloud project ID for GCS storage.
     */
    @Size(max = 200)
    public String storageProjectId;

    /**
     * Storage credentials file path for GCS.
     * Path to the service account credentials JSON file.
     */
    @Size(max = 1000)
    public String storageCredentialsPath;