gitlab-mcp
Provides tools for AI-powered GitLab merge request code reviews, including fetching MR details, reading diffs and files, posting inline comments and suggestions, managing labels, tracking review sessions with re-review intelligence, and approving/unapproving merge requests.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@gitlab-mcpreview merge request !12"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
gitlab-mcp
An MCP (Model Context Protocol) server for AI-powered GitLab merge request code reviews.
Provides 23 tools that give an AI agent everything it needs to perform thorough, structured code reviews: fetch MR details, read diffs and files, post inline comments and suggestions, manage labels, track review sessions with re-review intelligence, and approve/unapprove merge requests.
Prerequisites
Bun >= 1.0
A GitLab Personal Access Token (PAT) or OAuth token with
apiscope
Related MCP server: mcp-gitlab-workflow
Quick Start
# Clone and install
git clone <your-repo-url>
cd gitlab-mcp
bun install
# Configure authentication
cp .env.example .env
# Edit .env with your GitLab PAT (see "Creating Tokens" below)
# Run the server (stdio transport)
bun run startNote: The
.envfile is automatically loaded when you runbun run startorbun run devdirectly. When the server is spawned as a subprocess by an MCP client (Claude Code, OpenCode, etc.), environment variables must be passed through the client's configuration — see the setup examples below.
MCP Client Setup
Connect this server to your AI coding agent. The server uses stdio transport — it communicates over stdin/stdout.
Claude Code
Add via the CLI:
claude mcp add gitlab-mr-review --transport stdio \
--env GITLAB_PAT=glpat-xxxxxxxxxxxxxxxxxxxx \
--env GITLAB_BASE_URL=https://gitlab.com \
--env GITLAB_PROJECT_ID=my-group/my-project \
-- bun run startOr to share with your team, add a .mcp.json file to the project root (use --scope project):
claude mcp add gitlab-mr-review --transport stdio --scope project \
--env GITLAB_PAT=glpat-xxxxxxxxxxxxxxxxxxxx \
--env GITLAB_BASE_URL=https://gitlab.com \
--env GITLAB_PROJECT_ID=my-group/my-project \
-- bun run startThis creates a .mcp.json that can be committed to version control:
{
"mcpServers": {
"gitlab-mr-review": {
"command": "bun",
"args": ["run", "start"],
"env": {
"GITLAB_PAT": "${GITLAB_PAT}",
"GITLAB_BASE_URL": "${GITLAB_BASE_URL:-https://gitlab.com}",
"GITLAB_PROJECT_ID": "${GITLAB_PROJECT_ID}"
}
}
}
}Tip: Claude Code supports
${VAR}and${VAR:-default}syntax in.mcp.json, so you can reference environment variables instead of hardcoding secrets.
OpenCode
Add the server to your opencode.json (or opencode.jsonc):
{
"$schema": "https://opencode.ai/config.json",
"mcp": {
"gitlab-mr-review": {
"type": "local",
"command": ["bun", "run", "start"],
"enabled": true,
"environment": {
"GITLAB_PAT": "{env:GITLAB_PAT}",
"GITLAB_BASE_URL": "{env:GITLAB_BASE_URL}",
"GITLAB_PROJECT_ID": "{env:GITLAB_PROJECT_ID}"
}
}
}
}Tip: OpenCode uses
{env:VAR}syntax to reference environment variables. SetGITLAB_PAT,GITLAB_BASE_URL, andGITLAB_PROJECT_IDin your shell environment or.envfile.
Environment Variables
Both clients need these environment variables to be available:
Variable | Required | Description |
| Yes* | GitLab Personal Access Token ( |
| Yes* | OAuth token (alternative to PAT) |
| No | GitLab instance URL (defaults to |
| No | Default project ID or path (e.g., |
| No | Minimum log level: |
* One of GITLAB_PAT or GITLAB_OAUTH_TOKEN is required.
Important: When the server is launched as an MCP subprocess (by Claude Code, OpenCode, etc.), the
.envfile is not loaded automatically. Configure environment variables through your MCP client's config (see the Claude Code and OpenCode examples above). The.envfile is only used when running the server directly viabun run startorbun run dev.
Creating Tokens
Personal Access Token (PAT) — Recommended
Go to your GitLab instance → click your Avatar (top-right) → Edit profile
In the left sidebar, select Access → Personal access tokens
Select Add new token
Fill in:
Token name: e.g.,
mcp-code-reviewExpiration date: set an appropriate date (max 365 days)
Scopes: select
api(required for full read/write access to MRs, discussions, labels, approvals)
Select Create personal access token
Copy the token immediately — it won't be shown again
Set it as
GITLAB_PATin your environment or MCP client config
The token will look like glpat-xxxxxxxxxxxxxxxxxxxx.
For full details, see the GitLab PAT documentation.
OAuth 2.0 Token (Alternative)
If you have an OAuth 2.0 access token obtained through an OAuth2 authorization flow, set it as GITLAB_OAUTH_TOKEN. The server sends it via the Authorization: Bearer header.
Note: OAuth tokens expire after 2 hours and require external refresh. For MCP server use, PATs are recommended as they have longer lifetimes and don't require a refresh flow.
Default Project ID
Most tools require a project_id parameter. You can skip passing it explicitly by configuring a default:
Environment variable: Set
GITLAB_PROJECT_IDin your.envRuntime setting: Call
set_setting(key: "default_project_id", value: "group/project")Explicit parameter: Always wins when provided
Priority: explicit param > runtime setting > env var.
Available Tools
Merge Request Tools (13)
Tool | Description |
| Fetch enriched MR details (approvals, commits, deployments) |
| Get MR diff with file filtering and generated-file exclusion |
| List all discussion threads on an MR |
| List commits in an MR |
| Read a file from the MR branch (base64 decoded) |
| Get CI/CD pipeline status for an MR |
| Diff changes since a previous review SHA |
| List MRs with filtering (state, labels, scope, search) |
| Post a comment on an MR |
| Reply to an existing discussion thread |
| Resolve or unresolve a discussion thread |
| Approve an MR (with optional SHA safety check) |
| Remove approval from an MR |
Label Tools (4)
Tool | Description |
| List all labels in a project |
| Add a label to an MR |
| Remove a label from an MR |
| Replace all labels on an MR |
Review Session Tools (4)
Tool | Description |
| Start or resume an active review session; starts a fresh session with prior context after completed reviews |
| Add a comment or suggestion to the review (posts to GitLab inline) |
| Get review progress with item details and resolution status |
| Finalize review: update status, post summary, set labels, approve, or request changes |
Settings Tools (2)
Tool | Description |
| Read a configuration value |
| Store a configuration value |
Usage with AI Code Reviewer
The typical review workflow:
1. start_review -- Start a session, detect re-reviews
2. get_merge_request -- Fetch MR details, approvals, CI status
3. get_mr_diff -- Read the diff (auto-filters generated files)
4. get_mr_file_content -- Read full files for context
5. add_review_comment -- Post inline comments and suggestions
6. complete_review -- Post summary, set labels, approve, or request changesOn re-review, start_review automatically detects review history and provides:
Resolution status of prior comments
Whether new commits have been pushed since last review
A diff of changes since the last review via
get_mr_changes_since
Completed sessions (approved, requested_changes, or closed) are treated as
historical context, not writable sessions. If no active session exists,
start_review creates a fresh in_progress session and includes the latest
completed session under previous_session / previous_review.
Architecture
MCP Client (AI Agent)
|
| stdio (JSON-RPC)
|
MCP Server (Bun)
/ \
GitLab API SQLite
(REST) (bun:sqlite)Transport: stdio (stdin/stdout for JSON-RPC, stderr for logs)
GitLab Client: HTTP with retry/backoff, pagination, structured errors
Database: SQLite for review sessions, review items, and settings
Logging: Dual-mode -- JSON to stderr + MCP logging messages to client
Development
bun run dev # Start with hot reload
bun run start # Start server (stdio transport)
bun run typecheck # TypeScript type checking
bun test # Run all tests
bun run lint # Lint with Biome
bun run format # Format with Biome
bun run check # Lint + format with Biome
bun run build # Build to dist/Project Structure
src/
index.ts Entry point
server.ts MCP server setup, environment validation
logger.ts Structured logging (stderr JSON + MCP)
tools/
index.ts Tool registry with auto-logging wrapper
merge-requests.ts 13 MR tools
labels.ts 4 label tools
reviews.ts 4 review session tools
settings.ts 2 settings tools
gitlab/
client.ts REST client (22 methods, retry, pagination)
auth.ts PAT/OAuth token handling
errors.ts GitLabApiError with classification
types.ts GitLab API response types
db/
index.ts SQLite init, migrations, singleton
schema.ts Table DDL + TypeScript interfaces
queries.ts Typed query helpers
schemas/
index.ts Zod schemas for all tool inputs
tests/
16 test files, 351 tests, 698 expect() callsAdding a New Tool
Add Zod schema to
src/schemas/index.tsAdd tool registration in the appropriate
src/tools/*.tsfileIf new file, export register function and add to
src/tools/index.tsAdd tests
Run
bun run typecheck && bun test && bun run check
License
ISC
This server cannot be installed
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/dragomirweb/gitlab-review-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server