Gitlab MCP Server
by jmrplens
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| LOG_LEVEL | No | Logging verbosity. Use 'debug' to diagnose tool dispatch or GitLab API issues; use 'warn' or 'error' for low-noise production runs. | info |
| GITLAB_URL | No | GitLab instance URL, e.g. https://gitlab.com or https://gitlab.example.com. Must include http:// or https://. Defaults to GitLab.com. | https://gitlab.com |
| AUTO_UPDATE | No | Self-update mode. 'true' downloads and applies the newest release on start; 'check' only logs availability; 'false' disables it. Keep 'false' in containers because the filesystem is ephemeral. | false |
| GITLAB_TOKEN | Yes | GitLab Personal Access Token with the scopes required by the operations you intend to call. Use 'api' for full functionality; narrower read-only setups can use scopes such as read_api, read_user, read_repository, or read_registry depending on the tools you need. Format: glpat-XXXXXXXXXXXXXXXXXXXX. | |
| TOOL_SURFACE | No | Canonical tool catalog selector. 'dynamic' is recommended for Glama and exposes the low-token gitlab_find_action + gitlab_execute_tool workflow. 'meta' exposes domain meta-tools. 'individual' exposes the full individual tool catalog and can be very large. | dynamic |
| EXCLUDE_TOOLS | No | Comma-separated list of MCP tool names to exclude from registration, e.g. gitlab_admin,gitlab_runner. Useful for hiding high-risk or irrelevant domains. | |
| RATE_LIMIT_RPS | No | Per-server tools/call rate limit in requests per second. '0' disables rate limiting. Use a positive number to protect shared or constrained GitLab instances. | 0 |
| AUTO_UPDATE_REPO | No | GitHub repository slug used for release assets when AUTO_UPDATE is enabled. Keep the default for official releases. | jmrplens/gitlab-mcp-server |
| GITLAB_READ_ONLY | No | When 'true', disables every mutating tool at startup. Only read-only list/get/search-style operations remain. Recommended for exploratory, public, or untrusted-LLM scenarios. | false |
| GITLAB_SAFE_MODE | No | Dry-run mode. Mutating tools stay visible but return a structured JSON preview instead of executing. Read-only tools run normally. If GITLAB_READ_ONLY=true, read-only mode takes precedence. | false |
| RATE_LIMIT_BURST | No | Token-bucket burst size used when RATE_LIMIT_RPS is greater than 0. Must be at least 1 when rate limiting is enabled. | 40 |
| GITLAB_ENTERPRISE | No | Enable GitLab Premium/Ultimate tools. Set to 'true' only when the target instance supports Premium/Ultimate features, or when using GitLab.com with those capabilities. | false |
| META_PARAM_SCHEMA | No | Meta-tool input schema strategy for TOOL_SURFACE=meta. 'opaque' keeps tools/list compact; 'compact' includes action parameter names and simple types; 'full' includes full per-action JSON Schemas and costs significantly more tokens. Has little practical effect in dynamic mode. | opaque |
| CAPABILITY_SURFACE | No | Resource and prompt catalog selector. 'full' registers all resources, prompts, workflow guides, and schema resources. 'minimal' keeps the smallest capability surface; dynamic mode still returns action schemas inline. | full |
| EMBEDDED_RESOURCES | No | When 'true', get-style tool results include EmbeddedResource content blocks with canonical gitlab:// resource URIs. Set to 'false' for clients that do not tolerate duplicate or embedded content blocks. | true |
| AUTO_UPDATE_TIMEOUT | No | Pre-start auto-update download timeout. Valid range is 5s to 10m. Mostly irrelevant when AUTO_UPDATE=false. | 60s |
| AUTO_UPDATE_INTERVAL | No | Periodic update check interval for HTTP-mode background checks. Mostly irrelevant when AUTO_UPDATE=false. | 1h |
| GITLAB_IGNORE_SCOPES | No | Skip Personal Access Token scope detection and register all tools regardless of token permissions. API calls may still fail with 403 if the token lacks the required GitLab scopes. | false |
| UPLOAD_MAX_FILE_SIZE | No | Maximum file size for upload tools. Accepts bytes or human-friendly suffixes such as KB, MB, or GB. Upper bound is 1TB. | 2GB |
| GITLAB_SKIP_TLS_VERIFY | No | Skip TLS certificate verification for self-signed certificates or internal CAs. Use only when you trust the network path to GITLAB_URL. | false |
| GITLAB_MCP_ALLOWED_IMPORT_DIRS | No | Additional OS path-list-separated directories allowed for project/group import archives passed by file path. Current working directory and OS temp directory are always allowed. Archives must resolve inside an allowed directory and use .tar.gz. |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": true
} |
| logging | {} |
| prompts | {
"listChanged": true
} |
| resources | {
"listChanged": true
} |
| completions | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| gitlab_execute_toolA | Execute one GitLab catalog action by canonical ID or alias. Always pass params as an object; destructive actions require top-level confirm=true. Use find first only when action or params are unclear. |
| gitlab_find_actionA | Search the local GitLab action catalog; read-only and no GitLab API call. Use when the action ID or params are unclear; returns schemas, hints, destructive flags, and execute examples. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| audit_commit_hygiene | Audit commit message quality between two refs. Scores Conventional Commit usage, merge commits, breaking-change markers, body/detail quality, and linked work references for release and contribution readiness. |
| audit_project_full | Run a comprehensive audit of a GitLab project covering settings, branch protection, access management, labels, milestones, and templates in a single report. Use this for a complete project health assessment with actionable recommendations. |
| audit_project_workflow | Audit workflow configuration for a GitLab project: labels (names, colors, descriptions), milestones (open/closed, due dates), and issue/MR templates. Identifies gaps like labels without descriptions, milestones without due dates, or missing templates. |
| branch_mr_summary | List all MRs targeting a specific branch in a project. Shows readiness summary with conflict/draft/approval counts. Ideal for release branch reviews. |
| compare_branches | Compare commit and file differences between two Git refs. Use for release branch preparation, feature branch divergence analysis, or deciding whether a merge/backport needs deeper review. |
| daily_standup | Generate a daily standup summary based on the user's GitLab activity in the last 24 hours: contribution events, authored MRs, assigned MRs, MRs under review, assigned issues, and created issues. Produces a comprehensive report with done/planned/blockers sections. |
| generate_release_notes | Generate comprehensive release notes from commits, merge requests, and file changes between two Git refs (tags, branches, or SHAs). Produces a structured document with commits, merged MRs with labels, contributors, and statistics for organizing into user-friendly release notes. |
| group_milestone_progress | Track milestone progress across all projects in a group. Shows issue/MR completion per milestone with progress bars. |
| group_mr_dashboard | List merge requests across a GitLab group with optional state and target branch filters. Shows MRs grouped by project with blocker and readiness summary statistics. |
| label_distribution | Analyze label usage distribution in a project. Shows open/closed issue counts and open MR counts per label. Zero additional API calls beyond label list. |
| merge_velocity | Analyze MR throughput metrics for a project. Shows merge rate, average time-to-merge, and daily merged count chart. Ideal for tracking team delivery pace. |
| milestone_progress | Track milestone progress for a project. Shows issue/MR completion, progress bar, and due date risk. Omit milestone argument to see all active milestones. |
| mr_description_quality | Score a merge request description for reviewer readiness. Checks context, linked work, test evidence, rollout/risk notes, checklists, and whether changed files suggest missing screenshots or migration notes. |
| mr_discussion_health | Analyze unresolved discussion threads across open MRs in a project. Use this for review follow-up and merge-readiness cleanup, not approval-rule status. |
| mr_risk_assessment | Assess the risk level (LOW/MEDIUM/HIGH/CRITICAL) of a merge request based on size (lines added/removed), number of changed files, new/deleted files, sensitive file patterns (env, auth, migration, CI, security), and conflict status. |
| my_activity_summary | Generate a personal activity summary for a configurable time period. Includes contribution events breakdown, MRs created/merged/reviewed, issues created/closed, and a daily activity chart. Aggregates across all projects. |
| my_issues | Show all issues assigned to you across all projects. Includes overdue detection and project grouping. Use this to see your full issue backlog without specifying a project. |
| my_open_mrs | Show all open merge requests across all projects where you are author or assignee. Results are grouped by project for easy scanning. Use this to get a personal MR dashboard without specifying a project. |
| my_pending_reviews | Show all open merge requests where you are assigned as reviewer across all projects. Helps track which MRs are waiting for your review. Results grouped by project. |
| project_activity_report | Generate a project activity report including recent events, merged MRs, and open issues. Shows daily activity chart and contributor breakdown. |
| project_contributors | Rank project contributors by commits, additions, and deletions. Uses the repository contributors API for accurate stats. |
| project_health_check | Comprehensive project health assessment combining latest pipeline status, open merge requests, and branch hygiene (merged/stale branch counts). Provides actionable recommendations for project maintenance. |
| release_cadence | Analyze release frequency for a project. Shows time between releases, average cadence, and release history chart. |
| release_readiness | Check readiness of a release branch by analyzing open MRs targeting it, draft/conflict counts, and unresolved discussion threads. |
| review_mr | Generate a structured code review for a merge request. Files are categorized by risk (high-risk, business logic, tests, documentation) with per-file metrics, branch context, and a review plan. Full diffs are included without truncation. |
| reviewer_workload | Analyze review distribution across group members. Shows how many open MRs each member is reviewing and identifies imbalances. Useful for managers to ensure fair review distribution. |
| stale_items_report | Find MRs and issues in a project that haven't been updated for a configurable number of days. Helps identify forgotten or blocked items. |
| suggest_mr_reviewers | Suggest suitable merge request reviewers based on the files changed and the list of active project members. Excludes the MR author and asks the model to consider ownership, approval-rule fit, and workload balance. |
| summarize_mr_changes | Summarize the changed files and key modifications in a merge request. Lists each file with its change type (new/modified/deleted/renamed). Use this to quickly understand the scope of a merge request. |
| summarize_open_mrs | Summarize all open merge requests in a project including title, author, branches, age in days, and merge status. Highlights stale MRs (>7 days) and blockers. For one target branch, use branch_mr_summary. |
| summarize_pipeline_status | Summarize the latest CI/CD pipeline status for a project. Groups jobs by outcome (failed/passed/other) and includes failure reasons for debugging. |
| team_member_workload | Generate a comprehensive workload summary for a specific team member over a configurable time period. Includes contribution events, authored and assigned merge requests, MRs under review, authored and assigned issues. Use this for team management and capacity planning. |
| team_overview | Generate a team dashboard showing all group members with their open MR counts and recently merged MRs. Includes a workload distribution pie chart. Requires a GitLab group ID. |
| unassigned_items | Find open MRs and issues in a project that have no assignee. Helps identify ownership gaps and items needing attention. |
| user_activity_report | Generate a detailed activity report for a specific user: contribution events, merged MRs, reviewed MRs, daily activity chart. Designed for managers to review team member productivity. |
| user_stats | Generate comprehensive user statistics from GitLab: contribution events breakdown, merge request stats (authored/assigned/reviewed by state), issue stats (authored/assigned by state), daily activity trends, and a Mermaid activity chart. Use this for performance reviews, productivity tracking, or personal dashboards. |
| weekly_team_recap | Generate a comprehensive weekly recap for a team. Combines merged MRs, open MRs, issues activity, and events into a single summary with Mermaid charts. |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| groups | List all GitLab groups accessible to the authenticated user. Returns each group's ID, name, full path, description, visibility level, and web URL. |
| code_review | Code review checklist and best practices for GitLab merge request reviews. |
| conventional_commits | Conventional commit message format and examples for consistent Git history. |
| git_workflow | Best practices for Git branching strategies with GitLab (feature branches, trunk-based, GitLab Flow). |
| merge_request_hygiene | Guidelines for creating and reviewing high-quality merge requests. |
| pipeline_troubleshooting | Common GitLab CI/CD pipeline issues and how to diagnose and fix them. |
| tool_manifest | Surface-aware manifest of the tools and executable actions available in this server instance. Use gitlab://tools/{id} to fetch one entry's accepted call shape and input schema. |
| current_user | Get the currently authenticated GitLab user profile. Returns username, display name, email, state (active/blocked), admin status, and web URL. |
| workspace_roots | List workspace root directories provided by the MCP client. Use these paths to locate .git/config files and extract git remote URLs for project discovery via gitlab_discover_project. |
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/jmrplens/gitlab-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server