GitLab merge request decoration doesn't work with encrypted token (developer edition 8.4.1)


I have a SonarQube Developer Edition 8.4.1 instance which analyzes private projects on I’ve created a GitLab account with Reporter access to said projects, and generated a Personal Access token for that user.

When I setup merge request decoration by entering that token in cleartext, everything works just fine. On the other hand, if I encrypt it using the secret key of the instance, and enter the encrypted token like this:


then the decoration fails wth the warning:

Merge Request decoration failed. Please check your configuration and the connectivity to GitLab

Is the encrypted form not supported here? It would be nice if it were, I don’t like too much storing cleartext access to a user which basically has read access to all of the repositories of my organization (especially in the SonarQube database backups).


Hi, indeed encryption is not supported here. Your post has been moved to the Suggest new features category.

Hi, thanks for your reply.

Do you think it has a chance to be implemented, say, before next LTS release for instance?


I’ve created a feature request ticket for this. Feel free to watch and vote. Neither Pierre nor I can make any promises, but IMO this makes sense & I’m going to keep my fingers crossed.



Thanks, I’ll do that and hope for the best :slightly_smiling_face: