Encrypt username and password when using Elasticsearch integration

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

Problem to solve

Prevent usernames and passwords from being sent in plaintext when connecting to Elasticsearch using the Elasticsearch integration. Currently, when Elasticsearch requires authentication, we pass the username and password in the URL (http://<username>:<password>@<elastic_host>:9200/).

Proposal

Encrypt the username and password in the Elasticsearch connection.

Documentation

https://docs.gitlab.com/ee/integration/elasticsearch.html#enabling-elasticsearch

What does success look like, and how can we measure that?

Username and password are encrypted when connecting to Elasticsearch.

Links / references

Customer ticket: https://gitlab.zendesk.com/agent/tickets/123802 (internal use)

Edited Aug 27, 2025 by 🤖 GitLab Bot 🤖