gitlab-api
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@gitlab-apishow open merge requests in project my-group/my-project"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Gitlab Api
CLI or API | MCP | Agent
Version: 26.4.0
Documentation — Installation, deployment, usage across the API, CLI, and MCP interfaces, the integrated A2A agent server, and guidance for provisioning the backing GitLab instance are maintained in the official documentation.
Related MCP server: Kepler MCP GitLab Server
Overview
Gitlab Api is a production-grade Agent and Model Context Protocol (MCP) server designed to interface directly with GitLab API + MCP Server + A2A Server.
Key Features
Consolidated Action-Routed MCP Tools: Minimizes token overhead and eliminates tool bloat in LLM contexts by grouping methods into optimized, togglable tool modules.
Enterprise-Grade Security: Comprehensive support for Eunomia policies, OIDC token delegation, and granular execution context tracking.
Integrated Graph Agent: Built-in Pydantic AI agent supporting the Agent Control Protocol (ACP) and standard Web interfaces (AG-UI).
Native Telemetry & Tracing: Out-of-the-box OpenTelemetry exports and native Langfuse tracing.
CLI or API
This agent wraps the GitLab API + MCP Server + A2A Server API. You can interact with it programmatically or via its integrated execution entrypoints.
Detailed instructions on how to use the underlying API wrappers, extended schema bindings, and developer SDK references are maintained in docs/index.md.
MCP
This server utilizes dynamic Action-Routed tools to optimize token overhead and maximize IDE compatibility.
Tool surface — MCP_TOOL_MODE
Set MCP_TOOL_MODE (in the shared ~/.config/agent-utilities/config.json or env):
condensed (default — the action-routed tools below), verbose (one named 1:1 tool
per API method, e.g. gitlab_get_branches(...), tagged verbose), or both. Filter
the verbose set with --tools tag:verbose / MCP_ENABLED_TAGS=verbose. See the
agent-utilities MCP Tool Modes guide.
Available MCP Tools
Auto-generated from the live MCP server — do not edit by hand.
Condensed action-routed tools (default — MCP_TOOL_MODE=condensed)
MCP Tool | Toggle Env Var | Description |
|
| Execute arbitrary GitLab REST API requests directly. |
|
| Manage gitlab branches operations. |
|
| Manage gitlab commits operations. |
|
| Manage gitlab deploy tokens operations. |
|
| Discover the dynamic GitLab GraphQL schema including types, fields, and custom attributes in real-time. |
|
| Manage gitlab environments operations. |
|
| Manage GitLab epics. |
|
| Execute raw GraphQL queries and mutations natively on GitLab. |
|
| Run a typed GitLab GraphQL operation by name. |
|
| Manage gitlab groups operations. |
|
| Natively ingest GitLab CI pipeline runs (+ jobs) into epistemic-graph. |
|
| Natively ingest GitLab projects into epistemic-graph as typed :Project nodes. |
|
| List the configured GitLab tenants (CONCEPT:AU-KG.backend.declared-columns-so-schema). |
|
| Manage GitLab issues. |
|
| Manage gitlab jobs operations. |
|
| Manage GitLab labels. |
|
| Manage gitlab members operations. |
|
| Manage gitlab merge requests operations. |
|
| Manage gitlab merge rules operations. |
|
| Manage GitLab milestones. |
|
| Manage gitlab namespaces operations. |
|
| Manage GitLab notes/comments on issues, merge requests, commits, and epics. |
|
| Manage gitlab packages operations. |
|
| Manage gitlab pipeline schedules operations. |
|
| Manage gitlab pipelines operations. |
|
| Manage gitlab projects operations. |
|
| Manage gitlab protected branches operations. |
|
| Manage gitlab releases operations. |
|
| Manage gitlab runners operations. |
|
| Manage GitLab snippets. |
|
| Manage gitlab tags operations. |
|
| Manage gitlab users operations. |
|
| Review a project's dependency list and security vulnerabilities (the GitLab counterpart to GitHub Dependabot). |
|
| Manage gitlab wiki operations. |
Verbose 1:1 API-mapped tools (MCP_TOOL_MODE=verbose or both)
MCP Tool | Toggle Env Var | Description |
|
| Accept (merge) a merge request. |
|
| Make a custom API request to the GitLab server. |
|
| Approve a specific merge request. |
|
| Archive a specific project. |
|
| Cancel a merge request's queued "merge when pipeline succeeds" (auto-merge). |
|
| Cancel a specific job within a project. |
|
| Cherry-pick a commit into a new branch. |
|
| Create a new branch in a project. |
|
| Create a new commit. |
|
| Create a comment on a commit. |
|
| Create a new environment for a project. |
|
| Create a new group epic. |
|
| Create a deploy token for a group. |
|
| Create a new issue. |
|
| Create a new label. |
|
| Create a new merge request. |
|
| Create a project milestone. |
|
| Create a new note/comment on an issue. |
|
| Create a pipeline schedule for a specific project. |
|
| Create a variable for a pipeline schedule. |
|
| Create a new project. |
|
| Create a deploy token for a project. |
|
| Create a new project-level merge request approval rule. |
|
| Create a new release in a project. |
|
| Create evidence for a release in a project. |
|
| Create a project snippet or personal snippet. |
|
| Create a tag in a project. |
|
| Create a new user. |
|
| Create a new wiki page for a project. |
|
| Delete a branch in a project. |
|
| Delete an environment for a project. |
|
| Delete a group epic. |
|
| Delete a deploy token for a group. |
|
| Delete an issue. |
|
| Delete a label. |
|
| Delete all merged branches in a project. |
|
| Delete a project milestone. |
|
| Delete a note. |
|
| Delete a pipeline schedule for a specific project. |
|
| Delete a variable from a pipeline schedule. |
|
| Delete a specific project. |
|
| Delete a deploy token for a project. |
|
| Delete a project-level merge request approval rule. |
|
| Delete a runner from a project. |
|
| Delete a release in a project. |
|
| Delete a runner. |
|
| Unshare a specific project from a group. |
|
| Delete a snippet. |
|
| Delete stopped environments (review apps) for a project. |
|
| Delete a tag in a project. |
|
| Delete a user. |
|
| Delete a wiki page for a project. |
|
| Download a release asset from a group's release. |
|
| Download a repository package for a specific project. |
|
| Edit a specific group. |
|
| Edit a group-level merge request approval setting. |
|
| Edit a pipeline schedule for a specific project. |
|
| Edit a specific project. |
|
| Edit a project-level merge request approval setting. |
|
| Enable a runner in a project. |
|
| Erase a specific job within a project. |
|
| Get the approval state of merge requests for a specific project. |
|
| Retrieve information about a specific branch in a project. |
|
| Retrieve information about branches in a project. |
|
| Get a specific commit. |
|
| Get comments on a commit. |
|
| Get the diff of a commit. |
|
| Get discussions on a commit. |
|
| Get GPG signature of a commit. |
|
| Get merge requests associated with a commit. |
|
| Get references of a commit. |
|
| Get statuses of a commit. |
|
| Get commits. |
|
| Get all deploy tokens. |
|
| Get details of a specific environment. |
|
| Get a list of environments for a project. |
|
| Get a specific group epic. |
|
| Get all epics for a group. |
|
| Get details of a specific group. |
|
| Get a specific deploy token for a group. |
|
| Get deploy tokens for a specific group. |
|
| Get descendant groups of a specific group. |
|
| Get the list of issues for a group (and, by default, its subgroups). |
|
| Get details of a group-level merge request approval setting. |
|
| Get members of a specific group. |
|
| Get merge requests associated with a specific group. |
|
| Get projects associated with a specific group. |
|
| Get information about releases in a group. |
|
| Get information about runners in a group. |
|
| Get subgroups of a specific group. |
|
| Get a group's security vulnerability findings (Ultimate). |
|
| Get a list of groups. |
|
| Get a single issue. |
|
| Get list of issues. Can filter by project_id. |
|
| Get a specific label by name. |
|
| Get all labels for a project. |
|
| Get information about the latest release in a project. |
|
| Get the asset for the latest release in a project. |
|
| Get evidence for the latest release in a project. |
|
| Get merge request-level approval rules for a specific project and merge request. |
|
| Get a list of merge requests. |
|
| Get a specific project milestone. |
|
| Get all milestones for a project. |
|
| Get information about a specific namespace. |
|
| Get information about namespaces. |
|
| Get information about nested projects within a group. |
|
| Get a specific note. |
|
| Get all notes for a specific issue. |
|
| Get information about a specific pipeline in a project. |
|
| Get jobs associated with a specific pipeline within a project. |
|
| Get information about a specific pipeline schedule in a project. |
|
| Get pipeline schedules for a specific project. |
|
| Get information about pipelines for a specific project. |
|
| Get pipelines triggered from a specific pipeline schedule. |
|
| Get information about a specific project. |
|
| Get information about contributors to a project. |
|
| Get a project's Dependency List (all detected dependencies). |
|
| Get a specific deploy token for a project. |
|
| Get deploy tokens for a specific project. |
|
| Get groups associated with a specific project. |
|
| Get details of a specific job within a project. |
|
| Get the log of a specific job within a project. |
|
| Get jobs associated with a specific project. |
|
| Get details of a specific project-level merge request approval rule. |
|
| Get project-level merge request approval rules. |
|
| Get details of a project-level merge request approval setting. |
|
| Get members of a specific project. |
|
| Get details of a specific merge request in a project. |
|
| Get merge requests for a specific project. |
|
| Get information about runners in a project. |
|
| Get statistics for a specific project. |
|
| Get a project's security vulnerabilities (Ultimate). |
|
| Get information about projects. |
|
| Get information about a specific protected branch in a project. |
|
| Get information about protected branches in a project. |
|
| Get details of a specific protected environment. |
|
| Get a list of protected environments for a project. |
|
| Get information about a specific protected tag in a project. |
|
| Get information about protected tags in a project. |
|
| Get information about a release by its tag in a project. |
|
| Get information about releases in a project. |
|
| Get information about repository packages for a specific project. |
|
| Get information about a specific runner. |
|
| Get jobs for a specific runner. |
|
| Get information about runners. |
|
| Get a specific snippet. |
|
| Get list of snippets. Can filter by project_id. |
|
| Get information about a specific tag in a project. |
|
| Get information about tags in a project. |
|
| Get information about a specific user. |
|
| Get information about users. |
|
| Get a single vulnerability by its global ID (Ultimate). |
|
| Get a list of wiki pages for a project. |
|
| Get information about a specific wiki page. |
|
| Get approvals for a specific merge request. |
|
| Pause or unpause a specific runner. |
|
| Post build status to a commit. |
|
| Protect a specific branch in a project. |
|
| Protect an environment for a project. |
|
| Protect a tag in a project. |
|
| Publish a repository package for a specific project. |
|
| Register a new runner. |
|
| Require code owner approvals for a specific branch in a project. |
|
| Reset GitLab runner registration token. |
|
| Reset registration token for a group's runner. |
|
| Reset registration token for a project's runner. |
|
| Reset authentication token for a runner. |
|
| Retry a specific job within a project. |
|
| Revert a commit. |
|
| Run a pipeline for a specific project. |
|
| Run a pipeline schedule for a specific project. |
|
| Run a specific job within a project. |
|
| Share a specific project with a group. |
|
| Stop an environment for a project. |
|
| Stop stale environments for a project. |
|
| Take ownership of a pipeline schedule for a specific project. |
|
| Unapprove a specific merge request. |
|
| Unarchive a specific project. |
|
| Unprotect a specific branch in a project. |
|
| Unprotect an environment for a project. |
|
| Unprotect a tag in a project. |
|
| Update an existing environment for a project. |
|
| Update a group epic. |
|
| Update an issue. |
|
| Update an existing label. |
|
| Update a project milestone. |
|
| Update a note. |
|
| Update an existing project-level merge request approval rule. |
|
| Update a protected environment for a project. |
|
| Update information about a release in a project. |
|
| Update details for a specific runner. |
|
| Update a snippet. |
|
| Update an existing user. |
|
| Update an existing wiki page for a project. |
|
| Upload an attachment to a wiki page for a project. |
|
| Verify runner authentication. |
34 action-routed tool(s) (default) · 196 verbose 1:1 tool(s). Each is enabled unless its <DOMAIN>TOOL toggle is set false; MCP_TOOL_MODE selects the surface (condensed default · verbose 1:1 · both). Auto-generated — do not edit.
Detailed tool schemas, parameter shapes, and validation constraints are preserved in docs/mcp.md.
Dynamic Tool Selection & Visibility
This MCP server supports dynamic toolset selection and visibility filtering at runtime. This allows you to restrict the set of exposed tools in order to prevent blowing up the LLM's context window.
You can configure tool filtering via multiple input channels:
CLI Arguments: Pass
--toolsor--toolsets(or their disabled counterparts--disabled-toolsand--disabled-toolsets) during startup.Environment Variables: Define standard environment variables:
MCP_ENABLED_TOOLS/MCP_DISABLED_TOOLSMCP_ENABLED_TAGS/MCP_DISABLED_TAGS
HTTP SSE Request Headers: Pass custom headers during transport initialization:
x-mcp-enabled-tools/x-mcp-disabled-toolsx-mcp-enabled-tags/x-mcp-disabled-tags
HTTP SSE Request Query Parameters: Append query parameters directly to your transport connection URL:
?tools=tool1,tool2?tags=tag1
When query strings or parameters are supplied, an LLM-free Knowledge Graph resolution layer (using DynamicToolOrchestrator) matches query intents against known tool tags, names, or descriptions, with safe fallback and automated 24-hour background cache refreshing.
MCP Configuration Examples
Install the slim
[mcp]extra. All examples installgitlab-api[mcp]— the MCP-server extra that pulls only the FastMCP / FastAPI tooling (agent-utilities[mcp]). It deliberately excludes the heavy agent runtime (pydantic-ai, the epistemic-graph engine,dspy,llama-index), souvx/ container installs are far smaller. Use the full[agent]extra only when you need the integrated Pydantic AI agent.
stdio Transport (local IDEs — Cursor, Claude Desktop, VS Code)
{
"mcpServers": {
"gitlab-mcp": {
"command": "uvx",
"args": [
"--from",
"gitlab-api[mcp]",
"gitlab-mcp"
],
"env": {
"MCP_TOOL_MODE": "condensed",
"BRANCHESTOOL": "True",
"COMMITSTOOL": "True",
"CUSTOM_APITOOL": "True",
"DEPLOY_TOKENSTOOL": "True",
"ENVIRONMENTSTOOL": "True",
"EPICSTOOL": "True",
"GITLAB_TOKEN": "your_gitlab_token_here",
"GITLAB_URL": "https://gitlab.example.com",
"GRAPHQLTOOL": "True",
"GRAPHQL_OPSTOOL": "True",
"GROUPSTOOL": "True",
"ISSUESTOOL": "True",
"JOBSTOOL": "True",
"LABELSTOOL": "True",
"MEMBERSTOOL": "True",
"MERGE_REQUESTSTOOL": "True",
"MERGE_RULESTOOL": "True",
"MILESTONESTOOL": "True",
"MISCTOOL": "True",
"NAMESPACESTOOL": "True",
"NOTESTOOL": "True",
"PACKAGESTOOL": "True",
"PIPELINESTOOL": "True",
"PIPELINE_SCHEDULESTOOL": "True",
"PROJECTSTOOL": "True",
"PROTECTED_BRANCHESTOOL": "True",
"RELEASESTOOL": "True",
"RUNNERSTOOL": "True",
"SNIPPETSTOOL": "True",
"TAGSTOOL": "True",
"USERSTOOL": "True",
"VULNERABILITIESTOOL": "True",
"WIKITOOL": "True"
}
}
}
}Streamable-HTTP Transport (networked / production)
{
"mcpServers": {
"gitlab-mcp": {
"command": "uvx",
"args": [
"--from",
"gitlab-api[mcp]",
"gitlab-mcp",
"--transport",
"streamable-http",
"--port",
"8000"
],
"env": {
"TRANSPORT": "streamable-http",
"HOST": "0.0.0.0",
"PORT": "8000",
"MCP_TOOL_MODE": "condensed",
"BRANCHESTOOL": "True",
"COMMITSTOOL": "True",
"CUSTOM_APITOOL": "True",
"DEPLOY_TOKENSTOOL": "True",
"ENVIRONMENTSTOOL": "True",
"EPICSTOOL": "True",
"GITLAB_TOKEN": "your_gitlab_token_here",
"GITLAB_URL": "https://gitlab.example.com",
"GRAPHQLTOOL": "True",
"GRAPHQL_OPSTOOL": "True",
"GROUPSTOOL": "True",
"ISSUESTOOL": "True",
"JOBSTOOL": "True",
"LABELSTOOL": "True",
"MEMBERSTOOL": "True",
"MERGE_REQUESTSTOOL": "True",
"MERGE_RULESTOOL": "True",
"MILESTONESTOOL": "True",
"MISCTOOL": "True",
"NAMESPACESTOOL": "True",
"NOTESTOOL": "True",
"PACKAGESTOOL": "True",
"PIPELINESTOOL": "True",
"PIPELINE_SCHEDULESTOOL": "True",
"PROJECTSTOOL": "True",
"PROTECTED_BRANCHESTOOL": "True",
"RELEASESTOOL": "True",
"RUNNERSTOOL": "True",
"SNIPPETSTOOL": "True",
"TAGSTOOL": "True",
"USERSTOOL": "True",
"VULNERABILITIESTOOL": "True",
"WIKITOOL": "True"
}
}
}
}Alternatively, connect to a pre-deployed Streamable-HTTP instance by url:
{
"mcpServers": {
"gitlab-mcp": {
"url": "http://localhost:8000/gitlab-mcp/mcp"
}
}
}Deploying the Streamable-HTTP server via Docker:
docker run -d \
--name gitlab-mcp-mcp \
-p 8000:8000 \
-e TRANSPORT=streamable-http \
-e HOST=0.0.0.0 \
-e PORT=8000 \
-e MCP_TOOL_MODE=condensed \
-e BRANCHESTOOL=True \
-e COMMITSTOOL=True \
-e CUSTOM_APITOOL=True \
-e DEPLOY_TOKENSTOOL=True \
-e ENVIRONMENTSTOOL=True \
-e EPICSTOOL=True \
-e GITLAB_TOKEN=your_gitlab_token_here \
-e GITLAB_URL=https://gitlab.example.com \
-e GRAPHQLTOOL=True \
-e GRAPHQL_OPSTOOL=True \
-e GROUPSTOOL=True \
-e ISSUESTOOL=True \
-e JOBSTOOL=True \
-e LABELSTOOL=True \
-e MEMBERSTOOL=True \
-e MERGE_REQUESTSTOOL=True \
-e MERGE_RULESTOOL=True \
-e MILESTONESTOOL=True \
-e MISCTOOL=True \
-e NAMESPACESTOOL=True \
-e NOTESTOOL=True \
-e PACKAGESTOOL=True \
-e PIPELINESTOOL=True \
-e PIPELINE_SCHEDULESTOOL=True \
-e PROJECTSTOOL=True \
-e PROTECTED_BRANCHESTOOL=True \
-e RELEASESTOOL=True \
-e RUNNERSTOOL=True \
-e SNIPPETSTOOL=True \
-e TAGSTOOL=True \
-e USERSTOOL=True \
-e VULNERABILITIESTOOL=True \
-e WIKITOOL=True \
knucklessg1/gitlab-api:mcpAuto-generated from the code-read env surface (MCP_TOOL_MODE + package vars) — do not edit.
Additional Deployment Options
gitlab-api can also run as a local container (Docker / Podman / uv) or be
consumed from a remote deployment. The
Deployment guide has full, copy-paste
mcp_config.json for all four transports — stdio, streamable-http,
local container / uv, and remote URL:
Local container / uv — launch the server from
mcp_config.jsonviauvx,docker run, orpodman run, or point at a local streamable-http container byurl.Remote URL — connect to a server deployed behind Caddy at
http://gitlab-mcp.arpa/mcpusing the"url"key.
Environment Variables
Package environment variables
Variable | Example | Description |
|
| |
|
| |
|
| options: stdio, streamable-http, sse |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| options: none, embedded, remote |
|
| |
|
| |
|
| |
|
| |
|
| verify TLS certs; set False for self-signed homelab instances |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
Inherited agent-utilities variables (apply to every connector)
Variable | Example | Description |
|
| Tool surface: |
| — | Comma-separated tool allow-list |
| — | Comma-separated tool deny-list |
| — | Comma-separated tag allow-list |
| — | Comma-separated tag deny-list |
| — | Outbound MCP auth ( |
| — | OIDC client id (service-account auth) |
| — | OIDC client secret (service-account auth) |
|
| Verbose logging |
|
| Unbuffered stdout (recommended in containers) |
|
| URL of the MCP server the agent connects to |
|
| LLM provider for the agent |
|
| Model id for the agent |
|
| Serve the AG-UI web interface |
45 package + 14 inherited variable(s). Auto-generated from .env.example + the shared agent-utilities set — do not edit.
Every variable the server reads.
Connection & Credentials
The connector is single-host by default and multi-tenant when gitlab_instances is
configured (see Multi-Tenancy). When no
instances are configured, it falls back to the single-host GITLAB_* values below.
Variable | Description | Default |
| Base GitLab instance URL |
|
| GitLab personal/project access token ( | — |
| TLS certificate verification |
|
Multiple instances are declared once under
gitlab_instancesin the shared agent-utilities XDG config (~/.config/agent-utilities/config.json) — each entry hasname,url,token, andverify_ssl. Target a tenant by name from the client factory; an unset instance resolves to the first configured one (elseGITLAB_URL/GITLAB_TOKEN).
MCP server / transport
Variable | Description | Default |
|
|
|
| Bind host (HTTP transports) |
|
| Bind port (HTTP transports) |
|
| Tool surface: |
|
| Comma-separated tool allow/deny list | — |
| Comma-separated tag allow/deny list | — |
| Verbose logging |
|
| Unbuffered stdout (recommended in containers) |
|
Tool toggles
Each action-routed tool can be disabled individually via its toggle env var (set to false).
The full list is in the Available MCP Tools table above
(e.g. PROJECTSTOOL, MERGE_REQUESTSTOOL, PIPELINESTOOL, GRAPHQLTOOL, CUSTOM_APITOOL).
Telemetry & governance
Variable | Description | Default |
| Enable OpenTelemetry export |
|
| OTLP collector endpoint | — |
| OTLP auth keys | — |
| OTLP protocol (e.g. | — |
| Authorization mode: |
|
| Embedded policy file |
|
| Remote Eunomia server URL | — |
Agent CLI (full [agent] runtime only)
Variable | Description | Default |
| URL of the MCP server the agent connects to |
|
| LLM provider (e.g. |
|
| Model id (e.g. |
|
| Serve the AG-UI web interface |
|
See .env.example for a copy-paste starting point.
Agent
This repository features a fully integrated Pydantic AI Graph Agent. It communicates over the Agent Control Protocol (ACP) and interacts seamlessly with the Agent Web UI (AG-UI) and Terminal interface.
Running the Agent CLI
To start the interactive command-line agent:
# Set credentials
export GITLAB_URL="your_value"
export GITLAB_TOKEN="your_value"
# Run the agent server
gitlab-agent --provider openai --model-id gpt-4oDocker Compose Orchestration
The following docker/agent.compose.yml configures the Agent, Web UI, and Terminal Interface together:
version: '3.8'
services:
gitlab-api-mcp:
image: knucklessg1/gitlab-api:mcp
container_name: gitlab-api-mcp
hostname: gitlab-api-mcp
restart: always
env_file:
- ../.env
environment:
- PYTHONUNBUFFERED=1
- HOST=0.0.0.0
- PORT=8000
- TRANSPORT=streamable-http
ports:
- "8000:8000"
healthcheck:
test: ["CMD", "python3", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
gitlab-api-agent:
image: knucklessg1/gitlab-api:latest
container_name: gitlab-api-agent
hostname: gitlab-api-agent
restart: always
depends_on:
- gitlab-api-mcp
env_file:
- ../.env
command: [ "gitlab-agent" ]
environment:
- PYTHONUNBUFFERED=1
- HOST=0.0.0.0
- PORT=9017
- MCP_URL=http://gitlab-api-mcp:8000/mcp
- PROVIDER=${PROVIDER:-openai}
- MODEL_ID=${MODEL_ID:-gpt-4o}
- ENABLE_WEB_UI=True
- ENABLE_OTEL=True
ports:
- "9017:9017"
healthcheck:
test: ["CMD", "python3", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:9017/health')"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
Detailed graph node architecture explanations, custom skill configurations, and agentic trace guides are available in docs/agent.md.
Multi-Tenancy (multiple GitLab instances)
The client is natively multi-tenant. The set of instances is declared once in the
shared agent-utilities XDG config (~/.config/agent-utilities/config.json) under
gitlab_instances — the same list the Knowledge-Graph GitLab indexer reads, so one
config drives both code/metadata indexing and every API/MCP call:
{
"gitlab_instances": [
{"name": "internal", "url": "https://gitlab.arpa", "token": "glpat-xxxx", "verify_ssl": false},
{"name": "public", "url": "https://gitlab.com", "token": "glpat-yyyy", "verify_ssl": true}
]
}Target a tenant by name from the client factory; a bare URL still works, and an
unset instance resolves to the first configured one (else GITLAB_URL/GITLAB_TOKEN):
from gitlab_api.auth import get_client
from gitlab_api.instances import list_configured_instances
internal = get_client(instance="internal") # resolves url+token+verify from config
public = get_client(instance="public")
default = get_client() # first configured / GITLAB_URL fallback
names = [i.name for i in list_configured_instances()]The MCP server exposes a gitlab_instances tool (action=list|get) to discover the
configured tenants (tokens are never returned). When no instances are configured, the
connector falls back to the single-host GITLAB_URL/GITLAB_TOKEN it has always used.
Security & Governance
Built directly upon the enterprise-ready agent-utilities core, standard security parameters are fully supported:
Access Control & Policy Enforcement
Eunomia Policies: Fine-grained, policy-driven tool authorization. Supports
none, localembedded(mcp_policies.json), or centralizedremotemodes.OIDC Token Delegation: Compliant with RFC 8693 token exchange for flowing authenticating user credentials from Web UI / ACP → Agent → MCP.
Scoped Credentials: Execution context runs restricted to the specific caller identity.
Runtime Security Grid
Feature | Functionality | Enablement |
Tool Guard | Sensitivity inspection with human-in-the-loop validation | Enabled by default |
Prompt Injection Defense | Input scanning, repetition monitoring, and recursive loop blocks | Enabled by default |
Context Safety Guard | Stuck-loop detectors and contextual overflow preemptive alerts | Enabled by default |
Installation
Pick the extra that matches what you want to run:
Extra | Installs | Use when |
| Slim MCP server only ( | You only run the MCP server (smallest install / image) |
| Full agent runtime ( | You run the integrated agent |
| Everything ( | Development / both surfaces |
# MCP server only (recommended for tool hosting — slim deps)
uv pip install "gitlab-api[mcp]"
# Full agent runtime (Pydantic AI + epistemic-graph engine)
uv pip install "gitlab-api[agent]"
# Everything (development)
uv pip install "gitlab-api[all]" # or: python -m pip install "gitlab-api[all]"Container images (:mcp vs :agent)
One multi-stage docker/Dockerfile builds two right-sized images, selected by --target:
Image tag | Build target | Contents | Entrypoint |
|
|
|
|
|
|
|
|
docker build --target mcp -t knucklessg1/gitlab-api:mcp docker/ # slim MCP server
docker build --target agent -t knucklessg1/gitlab-api:latest docker/ # full agentdocker/mcp.compose.yml runs the slim :mcp server; docker/agent.compose.yml runs the
agent (:latest) with a co-located :mcp sidecar.
Knowledge-graph database (epistemic-graph)
The full agent ([agent] / :latest) embeds the epistemic-graph engine (pulled in
transitively via agent-utilities[agent]). For production — or to share one knowledge graph
across multiple agents — run epistemic-graph as its own database container and point the
agent at it instead of embedding it. Deployment recipes (single-node + Raft HA), connection
config, and the full database architecture (with diagrams) are documented in the
epistemic-graph deployment guide.
The slim [mcp] server does not require the database.
Documentation
The complete documentation is published as the official documentation site and is the recommended reference for installation, deployment, and day-to-day operation.
Page | Contents |
pip, source, extras, prebuilt Docker image | |
run the MCP and agent servers, Compose, Caddy + Technitium, env config | |
the MCP tools, the | |
deploy GitLab with Docker | |
the action-routed tool surface and architecture | |
concept registry ( |
Repository Owners
Contribute
Contributions are welcome! Please ensure code quality by executing local checks before submitting pull requests:
Format code using
ruff format .Lint code using
ruff check .Validate type-safety with
mypy .Execute test suites using
pytest
Deploy with agent-os-genesis
This package can be provisioned for you — skill-guided — by the agent-os-genesis
universal skill (its single-package deploy mode): it picks your install method, seeds
secrets to OpenBao/Vault (or .env), trusts your enterprise CA, registers the MCP
server, and verifies it — the same machinery that stands up the whole Agent OS, narrowed
to just this package. Ask your agent to "deploy gitlab-api with agent-os-genesis".
Install mode | Command |
Bare-metal, prod (PyPI) |
|
Bare-metal, dev (editable) |
|
Container, prod | deploy |
Container, dev (editable) | deploy |
Secrets are read-existing + seeded via vault_sync — you are only prompted for what's missing.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Knuckles-Team/gitlab-api'
If you have feedback or need assistance with the MCP directory API, please join our Discord server