SonarQube MCP server

The SonarQube MCP Server integrates with SonarQube to provide AI assistants with access to code quality metrics, issues, and analysis results through the Model Context Protocol. This server enables AI assistants to retrieve code metrics, access and filter issues, check quality status, and analyze project quality over time.

Installation

There are two primary ways to set up the SonarQube MCP server:

Using Docker

{
  "mcpServers": {
    "sonarqube": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "SONARQUBE_URL",
        "-e",
        "SONARQUBE_TOKEN",
        "-e",
        "SONARQUBE_ORGANIZATION",
        "sapientpants/sonarqube-mcp-server"
      ],
      "env": {
        "SONARQUBE_URL": "https://sonarqube.example.com",
        "SONARQUBE_TOKEN": "your-sonarqube-token",
        "SONARQUBE_ORGANIZATION": "your-organization-key (optional)"
      }
    }
  }
}

Using NPX

{
  "mcpServers": {
    "sonarqube": {
      "command": "npx",
      "args": [
        "-y",
        "[email protected]"
      ],
      "env": {
        "SONARQUBE_URL": "https://sonarqube.example.com",
        "SONARQUBE_TOKEN": "your-sonarqube-token",
        "SONARQUBE_ORGANIZATION": "your-organization-key (optional)"
      }
    }
  }
}

Configuration

Environment Variables

These environment variables control the server's connection to SonarQube:

• SONARQUBE_URL - URL of your SonarQube instance (default: https://next.sonarqube.com/sonarqube)
• SONARQUBE_TOKEN - Authentication token for SonarQube API access
• SONARQUBE_ORGANIZATION - (Optional) Organization key for SonarQube Cloud

Using with Claude Desktop

1. Edit your Claude Desktop configuration:

   • Open Claude Desktop
   • Navigate to Settings -> Developer -> Edit Config
   • Add one of the configurations shown above to the mcpServers section

2. Restart Claude Desktop to apply the changes

Available Tools

The SonarQube MCP Server provides two main tools:

Projects Tool

Lists all SonarQube projects with pagination support.

Parameters:

• organization (optional) - Organization key for SonarQube Cloud
• page (optional) - Page number for results pagination
• page_size (optional) - Number of items per page

Issues Tool

Gets detailed issue information from SonarQube projects with extensive filtering options.

Required Parameters:

• project_key - The unique identifier for the SonarQube project

Optional Parameters:

• severity - Filter issues by severity (INFO, MINOR, MAJOR, CRITICAL, BLOCKER)
• organization - Organization key for SonarQube Cloud
• page - Page number for results pagination
• page_size - Number of items per page
• statuses - Filter issues by status (array of: OPEN, CONFIRMED, REOPENED, RESOLVED, CLOSED, TO_REVIEW, IN_REVIEW, REVIEWED)
• resolutions - Filter issues by resolution (array of: FALSE-POSITIVE, WONTFIX, FIXED, REMOVED)
• resolved - Whether to return only resolved issues (true) or unresolved issues (false)
• types - Filter issues by type (array of: CODE_SMELL, BUG, VULNERABILITY, SECURITY_HOTSPOT)
• rules - Array of rule keys to filter issues
• tags - Array of tags to filter issues
• created_after - Return issues created after the given date (format: YYYY-MM-DD)
• created_before - Return issues created before the given date (format: YYYY-MM-DD)
• created_at - Return issues created on the given date
• created_in_last - Return issues created during a time span before the current time (e.g., "1d" for issues created in the last day)
• assignees - Array of assignee login names to filter issues
• authors - Array of author login names to filter issues
• cwe - Array of CWE identifiers to filter vulnerability issues
• languages - Array of languages to filter issues
• owasp_top10 - Array of OWASP Top 10 categories to filter issues
• sans_top25 - Array of SANS Top 25 categories to filter issues
• sonarsource_security - Array of SonarSource security categories to filter issues
• on_component_only - Return only issues at the specified component level (true) or issues from the component's subtree (false)
• facets - Array of facets to return along with the issues
• since_leak_period - Return only issues created since the leak period
• in_new_code_period - Return only issues created in the new code period

How to add this MCP server to Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > MCP and click "Add new global MCP server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "cursor-rules-mcp": {
            "command": "npx",
            "args": [
                "-y",
                "cursor-rules-mcp"
            ]
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explictly ask the agent to use the tool by mentioning the tool name and describing what the function does.