Gitlab MCP Server

เซิร์ฟเวอร์ Model Context Protocol (MCP) สำหรับ GitLab — เปิดเผยการดำเนินการ API REST และ GraphQL ของ GitLab จำนวน 1006 รายการเป็นเครื่องมือ MCP (28 เมตา-เครื่องมือ / 43 องค์กร), 24 ทรัพยากร, 38 พรอมต์, และ 17 ประเภทการเติมเต็มสำหรับผู้ช่วย AI เขียนด้วยภาษา Go, ไบนารีสแตติกเดี่ยว, การขนส่งแบบ stdio และ HTTP

เอกสาร

GitLab MCP Server — let your AI assistant drive GitLab in plain language

GitLab MCP Server

GitHub Release License: MIT Platform Quality Gate Coverage Glama MCP Score

Connect your AI assistant to GitLab so it can review merge requests, triage pipelines, manage issues, and draft releases — in plain language. One static binary (or a container), 1000+ GitLab tools over the full REST + GraphQL API, working with Claude, Cursor, VS Code, and any MCP client.

You talk to your AI assistant; it does the GitLab work. No project IDs, API endpoints, or JSON to remember.

"Review merge request !15 — is it safe to merge?" · "Why did the last pipeline fail?" · "List open issues assigned to me" · "Generate release notes from v1.0 to v2.0"


🤖 Using an AI assistant? Give it this repository URL and ask it to install the server for your client. Everything a model needs to do it headlessly — the declarative per-client config, claude mcp add one-liners, and defaults — is in llms.txt (no interactive wizard required).

Install in 60 seconds

Pick one. Each path ends with you typing a prompt to your assistant.

One-click install

ClientOne-click buttonToken step
VS CodeInstall in VS Codeprompts you (masked)
VS Code InsidersInstall in VS Code Insidersprompts you (masked)
CursorInstall in Cursoredit YOUR_GITLAB_TOKEN
LM StudioAdd to LM Studioedit YOUR_GITLAB_TOKEN
KiroAdd to Kiroedit YOUR_GITLAB_TOKEN

Each button registers the Docker-based server (auto-pulls the image on first run; you need Docker installed). Need a token? Create a Personal Access Token with the api scope. Self-managed GitLab? Add a GITLAB_URL env var in your client's MCP config after install.

Claude Code (claude mcp add)

Docker (no install — pulls the image on first run):

claude mcp add gitlab --env GITLAB_TOKEN=glpat-xxxx --transport stdio \
  -- docker run -i --rm -e GITLAB_TOKEN ghcr.io/jmrplens/gitlab-mcp-server:latest --http=false

Or install the native binary first, then register it:

# Linux/macOS
curl -fsSL https://raw.githubusercontent.com/jmrplens/gitlab-mcp-server/main/scripts/install.sh | sh
# Windows (PowerShell)
irm https://raw.githubusercontent.com/jmrplens/gitlab-mcp-server/main/scripts/install.ps1 | iex

claude mcp add gitlab --env GITLAB_TOKEN=glpat-xxxx -- gitlab-mcp-server

Self-managed GitLab? Add --env GITLAB_URL=https://gitlab.example.com (and --env GITLAB_SKIP_TLS_VERIFY=true for self-signed certs).

Guided setup (any client, no flags to remember)

The binary ships a setup wizard that collects your GitLab token and configures your MCP client for you — ideal if you'd rather not edit JSON:

gitlab-mcp-server --setup

It auto-detects VS Code, Claude Desktop, Claude Code, Cursor, and Windsurf and writes the right config. On Windows, double-click the .exe to launch it.

Manual JSON (Claude Desktop, Cursor, VS Code, …)

Show JSON config for native binary and Docker

Native binary (Claude Desktop mcpServers, Cursor, etc.):

{
  "mcpServers": {
    "gitlab": {
      "command": "/path/to/gitlab-mcp-server",
      "env": { "GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx" }
    }
  }
}

VS Code (.vscode/mcp.json, note servers + type):

{
  "servers": {
    "gitlab": {
      "type": "stdio",
      "command": "/path/to/gitlab-mcp-server",
      "env": { "GITLAB_TOKEN": "glpat-xxxxxxxxxxxxxxxxxxxx" }
    }
  }
}

Docker variant — replace "command"/"args" with:

"command": "docker",
"args": ["run", "-i", "--rm", "-e", "GITLAB_TOKEN", "ghcr.io/jmrplens/gitlab-mcp-server:latest", "--http=false"]

For a shared, long-running HTTP deployment instead of per-user stdio, see HTTP Server Mode.

Then just ask: open your AI client and try "List my GitLab projects." See the Getting Started guide for per-client details and more example prompts.


Why this server

  • 🗣️ Plain-language GitLab. The AI translates "is MR !15 safe to merge?" into the right API calls. You don't touch endpoints, IDs, or JSON.
  • 🧰 The whole platform — 1000+ tools. Broad GitLab REST v4 + GraphQL coverage: projects, branches, tags, releases, merge requests, issues, pipelines, jobs, groups, users, wikis, environments, deployments, packages, container registry, runners, feature flags, CI/CD variables, security, admin, tokens, and more.
  • 🪶 Low-token by default. The default dynamic surface exposes just 2 tools (find + execute) while reaching the full catalog — so it fits any client's context window. (Token footprint →)
  • Proven with real models. An automated evaluator runs Anthropic, Google, OpenAI, and Qwen against live GitLab instances: 99.5% aggregate success across thousands of operations. (Results →)
  • 🔒 Safe by design. Read-only mode, safe mode (dry-run preview of every mutation), TLS options for self-hosted GitLab, and continuous SonarCloud quality/security gates.
  • 🖥️ Runs anywhere. One static binary or container; Windows, Linux & macOS; amd64 & arm64; stdio (desktop) and HTTP (remote).
More: resources, prompts, and capabilities
  • 45 MCP resources (read-only data: projects, issues, pipelines, MRs, branches, members, the surface-aware gitlab://tools manifest, and workflow best-practice guides).
  • 37 MCP prompts (code review, pipeline status, risk assessment, release notes, standup, analytics, audit, and more).
  • 4 elicitation wizards (interactive issue/MR/release/project creation).
  • 3 MCP capabilities (completions, progress, elicitation) and 50 SVG tool icons for visual identification in MCP clients.
  • Pagination on every list endpoint with full metadata.

Tool surfaces

The server can present GitLab in three shapes, controlled by TOOL_SURFACE. The default needs no configuration.

SurfaceVisible toolsBest for
Dynamic (default)2 (gitlab_find_action, gitlab_execute_action)Lowest token cost; reaches the full catalog via find/execute.
Meta-tools (meta)32 base / 48 Premium / 49 GitLab.com EnterpriseDomain-grouped dispatchers with an action parameter.
Individual (individual)~862 Free/CE · ~999 Premium · 1062–1068 UltimateOne MCP tool per GitLab operation; needs a large context window.

Tool counts scale with your GitLab edition (GITLAB_TIER); higher tiers expose more actions. See Dynamic Toolset and Meta-Tools Reference for the ranking model, safety guards, and full catalogs. For dynamic runs where resources dominate context, set CAPABILITY_SURFACE=minimal.

Token Footprint

Measured with go run ./cmd/audit_tokens/ -footprint against the current catalog. Totals estimate startup context visible to an MCP client: visible tool schemas plus shared resources and prompts, using the cl100k_base tokenizer (GPT-4/GPT-3.5 encoding). For the full matrix (meta and individual surfaces, all META_PARAM_SCHEMA modes), see Token Footprint Reference.

Default configuration: with TOOL_SURFACE unset or TOOL_SURFACE=dynamic, CAPABILITY_SURFACE=full, META_TOOLS unset, META_PARAM_SCHEMA=opaque, and GITLAB_TIER unset (detected, fallback free), the server uses the dynamic find/execute surface. Use TOOL_SURFACE=meta only when you explicitly want domain meta-tools; use TOOL_SURFACE=individual only when your client can handle the full tool catalog.

Configuration (TOOL_SURFACE / CAPABILITY_SURFACE)TierVisible toolsReachable actionsMETA_PARAM_SCHEMATool schema tokensShared tokensTotal tokens
dynamic / full (default)Free/CE2865n/a2,18031,75833,938
dynamic / minimalFree/CE2865n/a2,1801,0883,268
dynamic / full (default)Premium21,003n/a2,18031,75833,938
dynamic / minimalPremium21,003n/a2,1801,0883,268
dynamic / full (default)Ultimate21,066n/a2,18031,75833,938
dynamic / minimalUltimate21,066n/a2,1801,0883,268

Rows use the base Community Edition catalog unless the Tier column says otherwise. GITLAB_TIER controls which actions are available; higher tiers expose more tools and thus more reachable actions.

Compatibility

MCP CapabilitySupport
ToolsUp to 1068 individual / 32–49 meta
Resources45 (static + templates)
Prompts37 templates
CompletionsProject, user, group, branch, tag
LoggingStructured (text/JSON) to stderr
ProgressTool execution progress reporting
Elicitation4 interactive creation wizards

Tested with: VS Code + GitHub Copilot, Claude Desktop, Claude Code, Cursor, Windsurf, JetBrains IDEs, Zed, Kiro, Cline. See the full Compatibility Matrix.

AI Model Tool-Use Evaluation

The project includes an automated evaluator for model-facing MCP quality. It runs schema-only checks against the tool catalog or executes validated model tool calls through MCP against Docker GitLab CE or licensed Enterprise instances populated with fixtures. It measures whether each model chooses the correct action, sends valid parameters, recovers from actionable GitLab errors, and respects destructive-action safeguards — across Anthropic, Google, OpenAI, and Qwen.

Current published result: Docker CE dynamic 20260627-232303.

ProviderModelCompatibilityTool accuracyRecoveryDocker live status
Anthropicclaude-haiku-4-5-20251001OK100.0%100.0% (2/2)100.0% final across 555 ops
Googlegemini-flash-latestOK100.0%100.0% (4/4)100.0% final across 555 ops
OpenAIgpt-5.4-nanoReview99.3%84.6% (11/13)98.0% final across 555 ops
Qwenqwen3.6-flashOK100.0%100.0% (5/5)100.0% final across 555 ops

The published model-evaluation set covers 596 task attempts and 2220 expected MCP operations. Across the selected reports, models emitted 2265 tool calls over 2265 model requests, with 99.5% aggregate final success. See AI Model Evaluation Results for the detailed current matrix.

Enterprise meta & dynamic evaluation results

Current published result: Docker Enterprise meta 20260527.

ProviderModelCompatibilityTool accuracyRecoveryDocker live status
Anthropicclaude-haiku-4-5-20251001OK100.0%100.0% (1/1)100.0% final across 84 ops
Googlegemini-flash-latestReview78.2%100.0% (7/7)100.0% final across 84 ops
OpenAIgpt-5.4-nanoReview100.0%100.0% (4/4)100.0% final across 84 ops
Qwenqwen3.6-flashOK100.0%100.0% (1/1)100.0% final across 84 ops

The published model-evaluation set covers 92 task attempts and 336 expected MCP operations. Across the selected reports, models emitted 345 tool calls over 350 model requests, with 100.0% aggregate final success. See AI Model Evaluation Results for the detailed current matrix.

Current published result: Docker Enterprise dynamic 20260628-015421.

ProviderModelCompatibilityTool accuracyRecoveryDocker live status
Anthropicclaude-haiku-4-5-20251001OK100.0%100.0% (1/1)100.0% final across 202 ops
Googlegemini-flash-latestOK100.0%100.0% (2/2)100.0% final across 202 ops
OpenAIgpt-5.4-nanoOK100.0%No repairs100.0% final across 202 ops
Qwenqwen3.6-flashOK100.0%100.0% (1/1)100.0% final across 202 ops

The published model-evaluation set covers 124 task attempts and 808 expected MCP operations. Across the selected reports, models emitted 817 tool calls over 817 model requests, with 100.0% aggregate final success. See AI Model Evaluation Results for the detailed current matrix.

Documentation

Full documentation is at jmrplens.github.io/gitlab-mcp-server. Use this map for the source-of-truth reference on a specific area:

DocumentDescription
Getting StartedDownload, setup wizard, per-client configuration
IDE ConfigurationPer-client stdio, HTTP legacy, and HTTP OAuth examples
ConfigurationEnvironment variables, transport modes, TLS
Environment VariablesExhaustive environment variable table with defaults and examples
CLI ReferenceAll command-line flags, exit codes, and runtime examples
HTTP Server ModeShared HTTP deployments, authentication, server pool isolation
Tools ReferenceAll individual tools with input/output schemas, including GitLab.com-only Orbit
Meta-Tools32/48/49 domain meta-tools with action dispatching
Dynamic Toolset2-tool low-token mode with canonical action catalog, safety model, and examples
ResourcesAll 45 resources with URI templates
PromptsAll 37 prompts with arguments and output format
Auto-UpdateSelf-update mechanism, modes, and release format
TestingUnit, E2E, schema model evaluation, Docker model evaluation, and curated model results
SecuritySecurity model, token scopes, input validation
ArchitectureSystem architecture, component design, data flow
Development GuideBuilding, testing, CI/CD, contributing
TroubleshootingCommon startup, token, TLS, transport, and tool-discovery issues

FAQ

Does it work with self-hosted GitLab?

Yes. Set GITLAB_URL to your instance URL. When GITLAB_URL is omitted, stdio mode uses https://gitlab.com. Self-signed TLS certificates are supported via GITLAB_SKIP_TLS_VERIFY=true.

Is my data safe?

The server runs locally on your machine (stdio mode) or on your own infrastructure (HTTP mode). No data is sent to third parties — all API calls go directly to your GitLab instance. See SECURITY.md for details.

Can I use it in read-only mode?

Yes. Set GITLAB_READ_ONLY=true to disable all mutating tools (create, update, delete). Only read operations will be available.

Alternatively, set GITLAB_SAFE_MODE=true for a dry-run mode: mutating tools remain visible but return a structured JSON preview instead of executing. Useful for auditing, training, or reviewing what an AI assistant would do.

What GitLab editions are supported?

Both Community Edition (CE) and Enterprise Edition (EE). Set GITLAB_TIER=premium or GITLAB_TIER=ultimate in stdio mode to enable additional tools for Premium/Ultimate features (DORA metrics, vulnerabilities, compliance, etc.); leave it unset to detect the tier from the instance license (fallback free). In HTTP mode, --tier can force the tier, otherwise it is detected per token+URL pool entry from the license.

How does it handle rate limiting?

The server includes retry logic with backoff for GitLab API rate limits. Errors are classified as transient (retryable) or permanent, with actionable hints in error messages.

Which AI clients are supported?

Any MCP-compatible client: VS Code + GitHub Copilot, Claude Desktop, Cursor, Claude Code, Windsurf, JetBrains IDEs, Zed, Kiro, and others. The built-in setup wizard can auto-configure most clients.

Building from Source

git clone https://github.com/jmrplens/gitlab-mcp-server.git
cd gitlab-mcp-server
make build

The published container image is ghcr.io/jmrplens/gitlab-mcp-server:latest. See the Development Guide for cross-compilation, Docker Compose, and contributing guidelines.

ComponentTechnology
LanguageGo 1.26+
MCP SDKgithub.com/modelcontextprotocol/go-sdk v1.6.1
GitLab Clientgitlab.com/gitlab-org/api/client-go/v2 v2.43.0
Transportstdio (default), HTTP (Streamable HTTP)

Contributing & Security

Repository mirror: GitHub is the canonical repository. A read-only mirror is available on GitLab.com for discoverability; please open contributions on GitHub.

Unnecessary statistics — numbers nobody asked for

File counts

CategoryFilesLines
Source (.go, non-test)950192,000
Unit tests (_test.go)519292,607
End-to-end tests14235,177
Total1,611519,784

Functions

CategoryCount
Source functions7,321
— exported (public)2,557
— unexported (private)4,764
Unit test functions (TestXxx)11,315
Subtests (t.Run(...))2,634
End-to-end test functions286

Ratios worth noting

ObservationValue
Test lines vs source lines1.52× more tests than code
Average source file length~202 lines
Average test file length~563 lines
Comment lines in source20,494 (~10.7% of source)
Test functions per source function1.5×

Code patterns

PatternCount
if err != nil checks6,554
defer statements706
struct types defined2,709
//nolint suppressions179
TODO / FIXME / HACK comments2

Project

MetricValue
Go packages224
Direct dependencies (go.mod)13
Indirect dependencies50
Git commits217
Unique contributors4

Hall of fame

RecordFile
Longest source fileinternal/tools/projects/projects.go — 3,818 lines
Longest test fileinternal/tools/projects/projects_test.go — 7,931 lines

Because why not

FactValue
Source code printed at 55 lines/page~3,490 pages of A4
Source lines mentioning "gitlab"12,399 (impossible to avoid)
Longest function name in sourceassertDynamicCompatibilityPolicyOwnedByActionCompat (51 chars)
Longest test function nameTestRequiredMissingAndUnknownParamNames_SchemaValidation_ReturnsSortedMissingAndUnknown (87 chars)