Project · gcp-mcp-standalone

GitLab Connector

A **Native** mcp-broker connector (in-process tools, `auth_mode=none` — no browser OAuth, no broker token store) added 2026-07-09. It gives every broker client (claude.ai desktop + mobile, Claude Code, the Telegram bot) least-privilege,

type componentstatus activemcp · gitlab · connector · security

read-only visibility into GitLab projects, issues, merge requests, and CI pipelines. Built to mirror the gcp/tailscale native connectors.

Key points

  • GitLab (/proxy/gitlab) — 5 read-only tools: list_projects, get_project, list_issues, list_merge_requests, list_pipelines (CI status).
  • Credential: a Personal Access Token scoped to read_api only, supplied via the broker env (GITLAB_TOKEN); secret in Secret Manager gitlab-token, restored on rebuild by Ansible (same pattern as github-oauth-client-secret / tailscale-oauth-client-secret). Instance pinned by GITLAB_URL (default https://gitlab.com; set for self-hosted), never a tool parameter.
  • No write tools — deliberate, matching the gcp/tailscale read-first stance. Even if a prompt-injected chat asked, a read_api token cannot mutate anything.
  • Hardening in the adapter: project ids/paths are validated against a strict regex and URL-encoded before hitting the API (blocks path/query injection); per_page is clamped (1–100); upstream errors map to sanitized messages that never leak the URL or token.
  • Security model (two independent layers): the credential is read-only at the GitLab scope level, and the connector implements only read verbs. Worst realistic abuse (prompt injection in a chat with broker tools): disclosure of project / issue / MR / pipeline metadata the token can already see. Nothing can be created, deleted, or reconfigured.

Add it as a client connector

Each broker connector is its own MCP endpoint — add GitLab in a Claude client at https://bobsmcp.uk/proxy/gitlab/mcp (the trailing /mcp matters — see gcp-mcp-standalone/adr/0007-per-connector-mcp-endpoint-urls). Connectors are account-level, so adding it on desktop mirrors to the mobile app automatically.

Details

Code: BobMck/mcp-broker branch connectors, src/connectors/gitlab/ (10 unit tests; full suite 902 green, ruff clean; merged via PR #1). Infra (gcp-mcp-standalone): ansible/install.yml (fetch gitlab-token from Secret Manager → .env, no_log), ansible/templates/settings.yaml.j2 (connector + allowed_connectors registration). Go-live needs a read_api PAT stored as Secret Manager gitlab-token, then a deploy.

Sources

Compiled from wiki/projects/gcp-mcp-standalone/connectors-gitlab.md · git is the source of truth