Gitlab MCP Server
Model Context Protocol (MCP) server for GitLab — exposes 1006 GitLab REST & GraphQL API operations as MCP tools (28 meta-tools / 43 enterprise), 24 resources, 38 prompts, and 17 completion types for AI assistants. Written in Go, single static binary, stdio and HTTP transport.
GitLab MCP Server
A Model Context Protocol (MCP) server that exposes the entire GitLab API as MCP tools, resources, and prompts for AI assistants. Single static binary — zero dependencies.
Security first: Continuously monitored on SonarCloud with quality gates, coverage, and security scanning. Supports read-only mode, safe mode (dry-run preview), and self-hosted GitLab with TLS verification.
Highlights
- 1006 MCP tools — complete GitLab REST API v4 coverage across 162 domain sub-packages: projects, branches, tags, releases, merge requests, issues, pipelines, jobs, groups, users, wikis, environments, deployments, packages, container registry, runners, feature flags, CI/CD variables, templates, admin settings, access tokens, deploy keys, and more
- 28 meta-tools (43 with
GITLAB_ENTERPRISE=true) — domain-grouped dispatchers that reduce token overhead for LLMs (optional, enabled by default). 15 additional enterprise meta-tools available for Premium/Ultimate features - 11 sampling actions — LLM-assisted code review, issue analysis, pipeline failure diagnosis, security review, release notes, milestone reports, and more via
gitlab_analyzemeta-tool (MCP sampling capability) - 4 elicitation tools — interactive creation wizards (issue, MR, release, project) with step-by-step user prompts
- 24 MCP resources — read-only data: user, groups, group members, group projects, projects, issues, pipelines, members, labels, milestones, branches, MRs, releases, tags, workspace roots, and 5 workflow best-practice guides
- 38 MCP prompts — AI-optimized: code review, pipeline status, risk assessment, release notes, standup, workload, user stats, team management, cross-project dashboards, analytics, milestones, audit
- 6 MCP capabilities — logging, completions, roots, progress, sampling, elicitation
- 44 tool icons — SVG data-URI icons on all tools, resources, and prompts for visual identification in MCP clients
- Pagination on all list endpoints with metadata (total items, pages, next/prev)
- Transports: stdio (default for desktop AI) and HTTP (Streamable HTTP for remote clients)
- Cross-platform: Windows, Linux & macOS, amd64 & arm64
- Self-hosted GitLab with self-signed TLS certificate support
Example Prompts
Once connected, just talk to your AI assistant in natural language:
"List my GitLab projects" "Show me open merge requests in my-app" "Create a merge request from feature-login to main" "Review merge request !15 — is it safe to merge?" "List open issues assigned to me" "What's the pipeline status for project 42?" "Why did the last pipeline fail?" "Generate release notes from v1.0 to v2.0"
The server handles the translation from natural language to GitLab API calls. You do not need to know project IDs, API endpoints, or JSON syntax — the AI assistant figures that out for you. See Usage Examples for more scenarios.
Quick Start
1. Download
Download the latest binary for your platform from GitHub Releases and make it executable:
chmod +x gitlab-mcp-server-* # Linux/macOS only
2. Configure your MCP client
Recommended: Run the built-in setup wizard — it configures your GitLab connection and MCP client in one step:
./gitlab-mcp-server --setup
Tip: The wizard supports Web UI, Terminal UI, and plain CLI modes. On Windows, double-click the
.exeto launch the wizard automatically.
Or configure manually — expand your client below:
VS Code (GitHub Copilot)
Add to .vscode/mcp.json in your workspace:
{
"servers": {
"gitlab": {
"type": "stdio",
"command": "/path/to/gitlab-mcp-server",
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
Claude Desktop
Add to claude_desktop_config.json:
{
"mcpServers": {
"gitlab": {
"command": "/path/to/gitlab-mcp-server",
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
Cursor
Add to .cursor/mcp.json:
{
"mcpServers": {
"gitlab": {
"command": "/path/to/gitlab-mcp-server",
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
Claude Code
claude mcp add gitlab /path/to/gitlab-mcp-server \
-e GITLAB_URL=https://gitlab.example.com \
-e GITLAB_TOKEN=glpat-xxxxxxxxxxxxxxxxxxxx
Windsurf
Add to ~/.codeium/windsurf/mcp_config.json:
{
"mcpServers": {
"gitlab": {
"command": "/path/to/gitlab-mcp-server",
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
JetBrains IDEs
Add to the MCP configuration in Settings → Tools → AI Assistant → MCP Servers:
{
"servers": {
"gitlab": {
"type": "stdio",
"command": "/path/to/gitlab-mcp-server",
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
Zed
Add to Zed settings (settings.json):
{
"context_servers": {
"gitlab": {
"command": "/path/to/gitlab-mcp-server",
"args": [],
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
Kiro
Add to .kiro/settings/mcp.json:
{
"mcpServers": {
"gitlab": {
"command": "/path/to/gitlab-mcp-server",
"args": [],
"env": {
"GITLAB_URL": "https://gitlab.example.com",
"GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx"
}
}
}
}
3. Verify
Open your AI client and try:
"List my GitLab projects"
See the Getting Started guide for detailed setup instructions.
Tool Modes
Two registration modes, controlled by the META_TOOLS environment variable:
| Mode | Tools | Description |
|---|---|---|
| Meta-Tools (default) | 28 base / 43 enterprise | Domain-grouped dispatchers with action parameter. Lower token usage. |
| Individual | 1006 | Every GitLab operation as a separate MCP tool. |
Meta-tool summary:
| Meta-Tool | Actions | Description |
|---|---|---|
gitlab_access | 48 | Manage GitLab access credentials: access tokens (project/group/personal), deploy tokens, deploy keys, access requests, and invitations. |
gitlab_admin | 82 | GitLab instance administration: topics, settings, appearance, broadcast messages, features, licenses, system hooks, Sidekiq metrics, plan limits, usage data, migrations, OAuth apps, metadata, custom attributes, error tracking, secure files, Terraform states, cluster agents, dependency proxy, and imports. |
gitlab_analyze | 11 | LLM-assisted analysis of GitLab data via MCP sampling. |
gitlab_branch | 11 | CRUD and protect Git branches. |
gitlab_ci_catalog | 2 | Discover and inspect CI/CD Catalog resources: reusable pipeline components and templates (Premium/Ultimate, GraphQL). |
gitlab_ci_variable | 15 | Manage GitLab CI/CD variables at instance, group, and project scope. |
gitlab_custom_emoji | 3 | CRUD group-level custom emoji via GraphQL (Premium/Ultimate). |
gitlab_discover_project | 0 | Resolve a git remote URL to a GitLab project. |
gitlab_environment | 23 | Manage GitLab environments, protected environments, deployment freeze periods, and deployment records. |
gitlab_feature_flags | 10 | CRUD GitLab feature flags and feature flag user lists (named sets of user IDs). |
gitlab_group | 130 | Manage GitLab groups: CRUD, subgroups, members, labels, milestones, webhooks, badges, boards, uploads, and import/export. |
gitlab_issue | 63 | Manage GitLab issues: CRUD, notes, discussions, links, time tracking, work items, award emoji, statistics, and resource events. |
gitlab_job | 25 | Manage GitLab CI/CD jobs: list, get, retry, cancel, erase, play manual jobs, wait for completion, download artifacts/logs, and manage CI/CD job token scope. |
gitlab_merge_request | 53 | Manage GitLab merge requests: create, list, get, update, merge, approve, rebase, delete. |
gitlab_model_registry | 1 | Download ML model package files from GitLab Model Registry (Premium/Ultimate). |
gitlab_mr_review | 22 | Review and comment on GitLab merge requests: notes, threaded discussions, code diffs, draft notes (batch review), and diff versions. |
gitlab_package | 24 | Manage GitLab package registry, container registry, and protection rules. |
gitlab_pipeline | 33 | Manage GitLab CI/CD pipelines: list, get, create, retry, cancel, delete, and wait for completion. |
gitlab_project | 122 | Manage GitLab projects: CRUD, settings, members, labels, milestones, webhooks, badges, boards, integrations, uploads, Pages, avatars, approval rules, mirrors, and import/export. |
gitlab_release | 12 | CRUD GitLab releases and release asset links (binaries, downloads). |
gitlab_repository | 40 | Browse and manage GitLab repository content: file tree, read/write/delete files, commits, diffs, cherry-pick, revert, blame, compare branches, contributors, archives, changelogs, submodules, render markdown, and commit discussions. |
gitlab_runner | 34 | Manage CI/CD runners: CRUD, project/group assignment, registration, token resets, and runner controllers (admin, experimental). |
gitlab_search | 10 | Search GitLab by scope. |
gitlab_snippet | 34 | Manage GitLab snippets (personal and project-scoped): CRUD, raw content, file content, discussions, notes, and award emoji. |
gitlab_tag | 9 | Manage Git tags: create, list, get, delete, verify GPG signatures, and protect/unprotect tags. |
gitlab_template | 12 | Browse GitLab templates (gitignores, CI/CD YAML, Dockerfiles, licenses, project templates) and lint CI configuration. |
gitlab_user | 74 | Manage GitLab users: CRUD, SSH/GPG keys, emails, PATs, impersonation tokens, status, todos, events, notifications, namespaces, and avatars. |
gitlab_wiki | 6 | CRUD and upload attachments to GitLab project wiki pages. |
gitlab_attestation 🏢 | 2 | List and download build attestations (SLSA provenance) for project artifacts. |
gitlab_audit_event 🏢 | 6 | List and get GitLab audit events at instance, group, and project levels for compliance tracking. |
gitlab_compliance_policy 🏢 | 2 | Get and update admin compliance policy settings (CSP namespace configuration). |
gitlab_dependency 🏢 | 4 | List project dependencies and create/download SBOM exports (CycloneDX). |
gitlab_dora_metrics 🏢 | 2 | Get DORA metrics: deployment frequency, lead time, MTTR, change failure rate. |
gitlab_enterprise_user 🏢 | 4 | Manage enterprise users for a GitLab group: list, get, disable 2FA, delete. |
gitlab_external_status_check 🏢 | 14 | Manage external status checks for MRs and projects. |
gitlab_geo 🏢 | 8 | Manage Geo replication sites: CRUD, repair OAuth, and check replication status (admin, Premium/Ultimate). |
gitlab_group_scim 🏢 | 4 | Manage SCIM identities for GitLab group provisioning. |
gitlab_member_role 🏢 | 6 | Manage custom member roles at instance or group level. |
gitlab_merge_train 🏢 | 4 | Manage GitLab merge trains (automated merge queues). |
gitlab_project_alias 🏢 | 4 | CRUD project aliases: short names that redirect to projects (admin, Premium/Ultimate). |
gitlab_security_finding 🏢 | 1 | List pipeline security report findings via GraphQL (Premium/Ultimate). |
gitlab_storage_move 🏢 | 18 | Manage repository storage moves for projects, groups, and snippets (admin only). |
gitlab_vulnerability 🏢 | 8 | List, triage, and summarize project vulnerabilities (Premium/Ultimate, GraphQL). |
28 base / 43 with enterprise meta-tools. See Meta-Tools Reference for the complete list with actions and examples.
Compatibility
| MCP Capability | Support |
|---|---|
| Tools | 1006 individual / 28–43 meta |
| Resources | 24 (static + templates) |
| Prompts | 38 templates |
| Completions | Project, user, group, branch, tag |
| Logging | Structured (text/JSON) + MCP notifications |
| Progress | Tool execution progress reporting |
| Sampling | 11 LLM-powered analysis actions via gitlab_analyze |
| Elicitation | 4 interactive creation wizards |
| Roots | Workspace root tracking |
Tested with: VS Code + GitHub Copilot, Claude Desktop, Claude Code, Cursor, Windsurf, JetBrains IDEs, Zed, Kiro.
See the full Compatibility Matrix for detailed client support.
Documentation
Full documentation is available at jmrplens.github.io/gitlab-mcp-server.
| Document | Description |
|---|---|
| Getting Started | Download, setup wizard, per-client configuration |
| Configuration | Environment variables, transport modes, TLS |
| Tools Reference | All 1006 individual tools with input/output schemas |
| Meta-Tools | 28/43 domain meta-tools with action dispatching |
| Resources | All 24 resources with URI templates |
| Prompts | All 38 prompts with arguments and output format |
| Auto-Update | Self-update mechanism, modes, and release format |
| Security | Security model, token scopes, input validation |
| Architecture | System architecture, component design, data flow |
| Development Guide | Building, testing, CI/CD, contributing |
Tech Stack
| Component | Technology |
|---|---|
| Language | Go 1.26+ |
| MCP SDK | github.com/modelcontextprotocol/go-sdk v1.5.0 |
| GitLab Client | gitlab.com/gitlab-org/api/client-go/v2 v2.20.1 |
| Transport | stdio (default), HTTP (Streamable HTTP) |
Building from Source
git clone https://github.com/jmrplens/gitlab-mcp-server.git
cd gitlab-mcp-server
make build
See the Development Guide for cross-compilation and contributing guidelines.
Docker
docker pull ghcr.io/jmrplens/gitlab-mcp-server:latest
# Single-instance mode (default GitLab URL for all clients)
docker run -d --name gitlab-mcp-server -p 8080:8080 \
-e GITLAB_URL=https://gitlab.example.com \
-e GITLAB_SKIP_TLS_VERIFY=true \
ghcr.io/jmrplens/gitlab-mcp-server:latest
# Multi-instance mode (clients send GITLAB-URL header per request)
docker run -d --name gitlab-mcp-server -p 8080:8080 \
ghcr.io/jmrplens/gitlab-mcp-server:latest
Clients authenticate via PRIVATE-TOKEN or Authorization: Bearer headers, and can optionally send a GITLAB-URL header to target a specific GitLab instance. See HTTP Server Mode and Docker documentation for Docker Compose and configuration options.
FAQ
Does it work with self-hosted GitLab?
Yes. Set GITLAB_URL to your instance URL. Self-signed TLS certificates are supported via GITLAB_SKIP_TLS_VERIFY=true.
Is my data safe?
The server runs locally on your machine (stdio mode) or on your own infrastructure (HTTP mode). No data is sent to third parties — all API calls go directly to your GitLab instance. See SECURITY.md for details.
Can I use it in read-only mode?
Yes. Set GITLAB_READ_ONLY=true to disable all mutating tools (create, update, delete). Only read operations will be available.
Alternatively, set GITLAB_SAFE_MODE=true for a dry-run mode: mutating tools remain visible but return a structured JSON preview instead of executing. Useful for auditing, training, or reviewing what an AI assistant would do.
What GitLab editions are supported?
Both Community Edition (CE) and Enterprise Edition (EE). Set GITLAB_ENTERPRISE=true to enable 15 additional tools for Premium/Ultimate features (DORA metrics, vulnerabilities, compliance, etc.).
How does it handle rate limiting?
The server includes retry logic with backoff for GitLab API rate limits. Errors are classified as transient (retryable) or permanent, with actionable hints in error messages.
Which AI clients are supported?
Any MCP-compatible client: VS Code + GitHub Copilot, Claude Desktop, Cursor, Claude Code, Windsurf, JetBrains IDEs, Zed, Kiro, and others. The built-in setup wizard can auto-configure most clients.
Contributing
See CONTRIBUTING.md for development guidelines, branch naming, commit conventions, and pull request process.
Security
See SECURITY.md for the security policy and vulnerability reporting.
Code of Conduct
See CODE_OF_CONDUCT.md. This project follows the Contributor Covenant v2.1.
Related Servers
Scout Monitoring MCP
sponsorPut performance and error data directly in the hands of your AI assistant.
Alpha Vantage MCP Server
sponsorAccess financial market data: realtime & historical stock, ETF, options, forex, crypto, commodities, fundamentals, technical indicators, & more
Replicate Minimax Image-01
Generate images using the minimax/image-01 model on Replicate.
MCP Rust CLI server template
A Rust template for creating MCP CLI servers, with support for JSON-based prompts, resources, and tools.
Sentry
Retrieve and analyze issues, error reports, and debugging information from Sentry.io.
Postman MCP Server
Interact with the Postman API via an MCP server. Requires a Postman API key.
TMUX
Lets agents create sessions, split panes, run commands, and capture output with TMUX
Fossil MCP
The code quality toolkit for the vibe coding era.
Bruno MCP Server
Execute Bruno collections using the Bruno CLI, with support for environment files and detailed test results.
Clay MCP Server
An MCP server for interacting with the Clay API, which requires a Clay API key.
AiDex
Persistent code index using Tree-sitter for fast, precise code search. Replaces grep with ~50 token responses instead of 2000+.
SuperCollider MCP Server
An MCP server for the SuperCollider programming language that executes synths using supercolliderjs.