Assuming you are using a Network Security group the rules are.processed in priority order to allow/block traffic. The first matching rule is the one applied. That means if you setup an allow rule for Gitlab with higher priority than the one blocking all outbound web traffic, than only Gitlab requests will go through.
As far as Gitlab IP addresses, it depends on what part of the service you are using. They have that information published in their documentation: https://docs.gitlab.com/ee/user/gitlab_com/#ip-range.