Skip to main content
Glama
jmrplens

Gitlab MCP Server

by jmrplens
OverviewSchemaRelated ServersScoreDiscussions
Go
Hybrid

Admin

gitlab_admin
Destructive

Administer self-managed GitLab instance: manage settings, license, broadcast messages, system hooks, Sidekiq monitoring, and bulk imports from GitLab or external sources like GitHub/Bitbucket.

Instructions

Use {"action":"alert_metric_image_delete","params":{...}}; only top-level keys are action and params. Action params schema: gitlab://schema/meta/gitlab_admin/.

GitLab self-managed instance administration: settings, license, broadcast messages, system hooks, Sidekiq monitoring, plan limits, OAuth applications, secure files, Terraform states, cluster agents, dependency proxy cache, plus bulk imports (GitLab→GitLab migrations) and external imports (GitHub/Bitbucket). Most actions require admin privileges. Delete/purge/revoke actions are destructive. When to use: instance-level admin tasks on a self-managed GitLab (settings, license, features, system hooks, Sidekiq monitoring, bulk imports between GitLab instances, external imports from GitHub/Bitbucket). NOT for: user CRUD (use gitlab_user), group/project administration (use gitlab_group / gitlab_project), MCP server itself (use gitlab_server), runtime feature flags per project (use gitlab_feature_flags), CI variables (use gitlab_ci_variable).

Behavior:

  • Idempotent reads: settings_get / appearance_get / *_list / get / sidekiq / app_statistics_get / metadata_get / usage_data_service_ping / usage_data_non_sql_metrics / usage_data_queries / usage_data_metric_definitions / plan_limits_get / feature_list / feature_list_definitions.

  • settings_update / appearance_update / feature_set / plan_limits_change / custom_attr_set / error_tracking_update_settings are idempotent (same input → same state). license_add / system_hook_add / system_hook_test / broadcast_message_create / application_create / bulk_import_start / import_github / import_bitbucket / import_bitbucket_server / import_gists are NON-idempotent (re-invocation creates duplicates or new background jobs).

  • Side effects: license_add / system_hook_add / broadcast_message_create / settings_update / feature_set apply instance-wide IMMEDIATELY (all sessions affected); bulk_import_* and import_* queue long-running async migrations — poll bulk_import_get / bulk_import_entity_* until status='finished'; usage_data_track_event posts to Snowplow when send_to_snowplow=true; application_create returns the OAuth secret only ONCE.

  • Destructive: *_delete, license_delete, system_hook_delete, feature_delete, application_delete, broadcast_message_delete, custom_attr_delete, cluster_agent_delete, dependency_proxy_delete, secure_file_delete, terraform_state_delete / terraform_state_unlock, db_migration_mark, bulk_import_cancel and import_cancel_github are irreversible. db_migration_mark may corrupt the schema if used incorrectly.

Returns: resource object for _get/_create/_update/_set/_add; metrics object for Sidekiq/usage_data/app_statistics/metadata; paginated array for _list / feature_list_definitions; {success, message} for _delete/_revoke/_purge/_unlock. Errors: 401/403 forbidden (hint: most actions require admin token), 404 not found, 400 invalid params (hint: license must be base64-encoded; system hook url must be https).

Param conventions: * = required. List actions accept page, per_page.

Topics:

  • topic_list: search

  • topic_get / topic_delete: topic_id*

  • topic_create: name*, title, description

  • topic_update: topic_id*, name, title, description

Settings & appearance:

  • settings_get / appearance_get: (no params). If the task says "read current instance settings" or "get instance settings", call settings_get, not broadcast_message_list.

  • settings_update: settings (map of setting_name to value)

  • appearance_update: title, description, header_message, footer_message, message_background_color, message_font_color, email_header_and_footer_enabled, pwa_name, pwa_short_name, pwa_description, member_guidelines, new_project_guidelines, profile_image_guidelines

Broadcast messages:

  • broadcast_message_list: (no params) lists existing broadcast messages only; it does not read instance settings.

  • broadcast_message_get / broadcast_message_delete: id*

  • broadcast_message_create: message*, starts_at, ends_at, broadcast_type, theme, dismissable (bool), target_path, target_access_levels

  • broadcast_message_update: id*, message, starts_at, ends_at, broadcast_type, theme, dismissable

Instance feature flags:

  • feature_list / feature_list_definitions: (no params)

  • feature_set: name*, value*, key, feature_group, user, group, namespace, project, repository, force (bool)

  • feature_delete: name*

License:

  • license_get: (no params)

  • license_add: license* (Base64-encoded)

  • license_delete: id*

System hooks:

  • system_hook_list: (no params)

  • system_hook_get / system_hook_test / system_hook_delete: id*

  • system_hook_add: url*, token, push_events, tag_push_events, merge_requests_events, repository_update_events, enable_ssl_verification

Sidekiq metrics: sidekiq_queue_metrics / sidekiq_process_metrics / sidekiq_job_stats / sidekiq_compound_metrics (no params).

Plan limits:

  • plan_limits_get: plan_name

  • plan_limits_change: plan_name*, conan_max_file_size, generic_packages_max_file_size, helm_max_file_size, maven_max_file_size, npm_max_file_size, nuget_max_file_size, pypi_max_file_size, terraform_module_max_file_size

Usage data:

  • usage_data_service_ping / usage_data_non_sql_metrics / usage_data_queries / usage_data_metric_definitions: (no params)

  • usage_data_track_event: event*, send_to_snowplow (bool), namespace_id, project_id

  • usage_data_track_events: events* (array)

OAuth applications:

  • application_list: (no params)

  • application_create: name*, redirect_uri*, scopes*, confidential (bool)

  • application_delete: id*

Misc:

  • db_migration_mark: version*, database

  • app_statistics_get / metadata_get: (no params)

Custom attributes:

  • custom_attr_list: resource_type* (user/group/project), resource_id*

  • custom_attr_get / custom_attr_delete: resource_type*, resource_id*, key*

  • custom_attr_set: resource_type*, resource_id*, key*, value*

Bulk import:

  • bulk_import_start: url*, access_token*, entities* (array of {source_type, source_full_path, destination_slug, destination_namespace, migrate_projects (bool), migrate_memberships (bool)})

  • bulk_import_list: status, page, per_page

  • bulk_import_get: id*

  • bulk_import_cancel: id*

  • bulk_import_entity_list: bulk_import_id, status, page, per_page

  • bulk_import_entity_get: bulk_import_id*, entity_id*

  • bulk_import_entity_failures: bulk_import_id*, entity_id*

Error tracking:

  • error_tracking_list: project_id*

  • error_tracking_create: project_id*

  • error_tracking_delete: project_id*, key_id*

  • error_tracking_get_settings: project_id*

  • error_tracking_update_settings: project_id*, active (bool), integrated (bool)

Alert metric images:

  • alert_metric_image_list: project_id*, alert_iid*

  • alert_metric_image_upload: project_id*, alert_iid*, url*, url_text

  • alert_metric_image_update: project_id*, alert_iid*, image_id*, url, url_text

  • alert_metric_image_delete: project_id*, alert_iid*, image_id*

Secure files:

  • secure_file_list: project_id*

  • secure_file_get / secure_file_delete: project_id*, file_id*

  • secure_file_create: project_id*, name*, content* (base64-encoded)

Terraform states:

  • terraform_state_list: project_path*

  • terraform_state_get: project_path*, name*

  • terraform_state_delete / terraform_state_lock / terraform_state_unlock: project_id*, name*

  • terraform_version_delete: project_id*, name*, serial*

Cluster agents:

  • cluster_agent_list: project_id*

  • cluster_agent_get / cluster_agent_delete: project_id*, agent_id*

  • cluster_agent_register: project_id*, name*

  • cluster_agent_token_list: project_id*, agent_id*

  • cluster_agent_token_get / cluster_agent_token_revoke: project_id*, agent_id*, token_id*

  • cluster_agent_token_create: project_id*, agent_id*, name*

Imports:

  • import_github: personal_access_token*, repo_id*, target_namespace*, new_name

  • import_bitbucket: bitbucket_username*, bitbucket_app_password*, repo_path*, target_namespace*, new_name

  • import_bitbucket_server: bitbucket_server_url*, bitbucket_server_username*, personal_access_token*, bitbucket_server_project*, bitbucket_server_repo*, new_namespace, new_name

  • import_cancel_github: project_id*

  • import_gists: personal_access_token*

  • dependency_proxy_delete: group_id* — purges the group's dependency proxy cache

Parameter constraints (beyond schema):

  • broadcast_message_create.broadcast_type ∈ {banner, notification}; theme is a CSS hex color (e.g. '#E75E40'); target_access_levels uses GitLab numeric levels [10=Guest, 20=Reporter, 30=Developer, 40=Maintainer, 50=Owner]; starts_at/ends_at are ISO 8601 timestamps and ends_at MUST be > starts_at.

  • feature_set.value accepts 'true' / 'false' / a 0–100 integer (percentage of time/actors) / 'actor:'; the optional key disambiguates 'percentage_of_time' vs 'percentage_of_actors'; user/group/namespace/project/repository scope the gate and are mutually-exclusive with each other.

  • plan_limits_change.*_max_file_size are sizes in BYTES; 0 disables the limit. Omitted fields keep their current value (partial update).

  • license_add.license is the Base64 of the raw .gitlab-license file (not the file path).

  • system_hook_add.url MUST be https when enable_ssl_verification=true; token is sent as X-Gitlab-Token on every delivery.

  • application_create.scopes is a SPACE-separated string of OAuth scopes (e.g. 'api read_user'); confidential=false enables PKCE for public clients. The client_secret is returned ONCE on creation and cannot be retrieved later.

  • cluster_agent_token_create returns the token ONCE; revoke + re-create to rotate.

  • secure_file_create.content is Base64-encoded; max size 5 MiB.

  • custom_attr_set.resource_type ∈ {user, group, project} and (resource_type, resource_id, key) is a unique upsert key.

  • bulk_import_start.entities[].source_type ∈ {group_entity, project_entity}; migrate_projects and migrate_memberships apply only to group_entity. destination_namespace must already exist on the target instance.

  • import_bitbucket_server.bitbucket_server_project is the project KEY (usually uppercase, from the Bitbucket URL), not the display name.

  • usage_data_track_event: namespace_id and project_id are mutually-exclusive context refs (provide at most one); send_to_snowplow=false keeps the event internal to GitLab.

  • db_migration_mark.database ∈ {main, ci}; defaults to 'main'. Marking a non-applied migration corrupts schema_migrations — verify first via metadata_get.

  • terraform_state_lock fails if the state is already locked; unlock breaks any active client session holding the lock.

  • topic_create.name must be globally unique (slug); title is the display name shown in the UI.

  • List actions: page defaults to 1, per_page defaults to 20 (GitLab cap is 100).

See also: gitlab_user (user CRUD), gitlab_server (MCP server health and updates), gitlab_group / gitlab_project (group/project admin), gitlab_access (tokens, deploy keys, access requests).

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
actionYesAction to perform. Pick exactly one of the values in `enum`. Each action expects its own `params` object — see the tool description for the per-action parameter list.
paramsNoAction-specific parameters as a JSON object. Required and optional fields differ per action. This envelope schema stays broad; runtime validation applies the chosen action's schema after reserved meta keys like `confirm` are stripped. For the JSON Schema of a specific action's `params`, read the MCP resource `gitlab://schema/meta/{tool}/{action}` (replace placeholders with the tool name and the chosen action).

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
next_stepsNoOptional. Suggested follow-up actions or tool calls for the LLM, contextual to the result.
paginationNoPresent on list actions. Use `has_more` and `next_page` to paginate through results.

Tool Definition Quality

A4.8/5.0
Behavior5/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

Beyond annotations (destructiveHint, openWorldHint), the description categorizes actions by idempotency, side effects (immediate instance-wide changes, async migrations), and destructive irreversible actions. It also covers error conditions and provides hints for common issues.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is long but well-organized into sections (When to use, Behavior, Returns, Errors, parameter conventions). It front-loads key usage guidance and uses clear structure, though some repetition exists.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness5/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (70+ actions), the description is remarkably complete, covering all actions, their parameters, constraints, return types, error hints, and even cross-references to sibling tools. Output schema exists, so return value details are not needed.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so baseline is 3. The description adds substantial per-action parameter details, constraints (e.g., broadcast_type values, license base64, scopes space-separated), which goes beyond the schema's generic descriptions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly defines the tool as administering a self-managed GitLab instance, listing many specific actions like settings, license, broadcast messages, etc. It explicitly distinguishes from sibling tools (e.g., NOT for user CRUD, group/project admin, etc.).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines5/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description states when to use (instance-level admin tasks) and what not to use (e.g., gitlab_user for user CRUD). It provides explicit guidance like 'If the task says read current instance settings, call settings_get, not broadcast_message_list.'

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jmrplens/gitlab-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server