GitLab Setup Guide: Integrating Gito with Your Repository
July 12, 2026 · View on GitHub
Automate code review for all Merge Requests using AI.
This guide shows how to connect Gito to a GitLab project for continuous, automated MR reviews using the gito deploy wizard.
Prerequisites
- Maintainer or Owner access to your GitLab project.
- An API key for your preferred language model provider (e.g., OpenAI, Google Gemini, Anthropic Claude, etc).
- The
gitoCLI installed locally (pip install gito.bot). See the README for installation options.
1. Generate the CI files with gito deploy
From the root of your locally cloned repository, run:
gito deploy
Aliases:
gito init,gito connect,gito ci.
The interactive wizard will:
- Detect that the project is hosted on GitLab.
- Ask which language model provider and model to use.
- Write the CI workflow files (see below).
- Optionally commit and push them to a dedicated
gito-cibranch and open a Merge Request for you. - Print the exact CI/CD variables you still need to add.
It creates two files:
.gitlab/ci/gito-code-review.yml— the Gito review job..gitlab-ci.yml— a minimal pipeline that adds areviewstage and includes the job above. If you already have a.gitlab-ci.yml, Gito merges thereviewstage andincludeinto it instead of overwriting.
The generated .gitlab/ci/gito-code-review.yml looks like this:
# Gito AI Code Review for GitLab
gito-ai-review:
stage: review
image: python:3.13
rules:
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
- if: $CI_PIPELINE_SOURCE == "web" && $MR_NUMBER # Manual trigger via "Run pipeline"
when: manual
variables:
GIT_DEPTH: 0 # Full history needed for diff
LLM_API_TYPE: openai
LLM_API_KEY: $LLM_API_KEY
MODEL: gpt-5.2
script:
- pip install gito.bot~=4.4
- gito --verbose review --against="origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME"
- gito gitlab-comment --token "$GITLAB_ACCESS_TOKEN" --project-id "$CI_PROJECT_ID" --merge-request-iid "$CI_MERGE_REQUEST_IID"
- gito -v0 render gitlab_code_quality > gitlab_code_quality_report.json
artifacts:
reports:
codequality: gitlab_code_quality_report.json
Prefer manual setup? You can copy the GitLab workflow templates directly instead of running
gito deploy.
2. Add CI/CD variables
Go to Settings → CI/CD → Variables and add:
| Variable | Value | Notes |
|---|---|---|
LLM_API_KEY | Your LLM provider API key | Name must match LLM_API_KEY in the generated job. |
GITLAB_ACCESS_TOKEN | A Project Access Token | Scope api, role Reporter (or higher). Create at Settings → Access Tokens. |
A dedicated GITLAB_ACCESS_TOKEN is required because the default $CI_JOB_TOKEN cannot write Merge Request comments.
For each variable:
- ☑ Mask variable
- ☐ Protect variable — leave unchecked, otherwise Merge Request pipelines won't have access.
- For public repositories, enable Require approval for fork pipelines (CI/CD settings) to prevent secret leaks. See GitLab CI/CD variables docs.
3. Open a Merge Request
Once the CI files are on your default branch and the variables are set, every Merge Request triggers a review. You'll see:
- An AI-generated overview comment on the MR.
- A GitLab Code Quality report attached to the pipeline (see below).
To re-run a review, push a new commit or trigger the pipeline manually via Run pipeline (set the MR_NUMBER variable).
Reporting modes
Gito posts review results to the MR via the gito gitlab-comment command. Two modes are available:
Overview comment (default)
A single comment summarizing the review, with all detected issues listed in the body.
Inline comments — --inline
Add the --inline flag to post each issue as a separate inline comment anchored to the affected diff lines, while the main comment keeps only the review overview:
- gito gitlab-comment --inline --token "$GITLAB_ACCESS_TOKEN" --project-id "$CI_PROJECT_ID" --merge-request-iid "$CI_MERGE_REQUEST_IID"
Inline comments are created as draft notes anchored to the MR diff and published together as a single review. Unlike the Code Quality artifact, inline comments work on all GitLab tiers. Issues that cannot be anchored to changed lines are included in the overview comment instead.
Code Quality artifacts
The generated job also renders a GitLab Code Quality report:
- gito -v0 render gitlab_code_quality > gitlab_code_quality_report.json
artifacts:
reports:
codequality: gitlab_code_quality_report.json
GitLab ingests this artifact and surfaces the detected issues directly in the Merge Request widget and the pipeline's Code Quality tab:
Note: The Code Quality MR widget is available on GitLab Premium/Ultimate. On all tiers, the report can still be downloaded as a pipeline artifact, and inline comments (
--inline) remain available.
Customize Review if Needed
- Create a
.gito/config.tomlfile at your repository root to override the default configuration. - You can adjust prompts, filtering, report templates, issue criteria, and more — see the Configuration Cookbook.
Troubleshooting
- No comment on the MR? Open the pipeline, check the
gito-ai-reviewjob logs for errors (missingLLM_API_KEY, insufficientGITLAB_ACCESS_TOKENscope/role, etc). 403/permission errors when posting? EnsureGITLAB_ACCESS_TOKENis a Project Access Token withapiscope and at least the Reporter role, and that the variable is not Protected.- Empty diff / nothing reviewed? Confirm
GIT_DEPTH: 0is set so the full history is available for the diff.
Additional Resources
- More usage documentation: README.md
- Command Line Reference
- For help or bug reports, open an issue
Enjoy fast, LLM-powered merge request reviews and safer merges! 🚀