playbooks
Learn Cursor Rules Windsurf Rules CLAUDE.md AGENTS.md
Rules Builder MCPs Modes
Log in

SonarQube MCP server

Integrates with SonarQube to provide code quality metrics, issue tracking, and quality gate status information for software development projects
Back to servers
Setup instructions
Provider
Marc Tremblay
Release date
Mar 20, 2025
Language
Rust
Stats
99 stars
View Markdown
View on GitHub

The SonarQube MCP Server is a bridge that connects AI assistants to SonarQube's code quality analysis capabilities through the Model Context Protocol. It enables you to access metrics, issues, security hotspots, and more directly from your AI assistant.

Installation

Using NPX (Recommended)

The simplest way to use the SonarQube MCP Server is through npx by adding it to your Claude Desktop configuration:

{
  "mcpServers": {
    "sonarqube": {
      "command": "npx",
      "args": ["-y", "sonarqube-mcp-server@latest"],
      "env": {
        "SONARQUBE_URL": "https://sonarcloud.io",
        "SONARQUBE_TOKEN": "your-sonarqube-token",
        "SONARQUBE_ORGANIZATION": "your-organization-key"
      }
    }
  }
}

Using Docker

For production deployments, Docker provides a more reliable method:

{
  "mcpServers": {
    "sonarqube": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "SONARQUBE_URL",
        "-e",
        "SONARQUBE_TOKEN",
        "-e",
        "SONARQUBE_ORGANIZATION",
        "sapientpants/sonarqube-mcp-server:latest"
      ],
      "env": {
        "SONARQUBE_URL": "https://sonarcloud.io",
        "SONARQUBE_TOKEN": "your-sonarqube-token",
        "SONARQUBE_ORGANIZATION": "your-organization-key"
      }
    }
  }
}

Configuration

Environment Variables

Authentication (choose one method)

Variable Description Required
SONARQUBE_TOKEN Authentication token for API access Yes*
SONARQUBE_USERNAME Username for Basic authentication Yes*
SONARQUBE_PASSWORD Password for Basic authentication Yes*
SONARQUBE_PASSCODE System passcode for authentication Yes*

*One authentication method is required. Token authentication is recommended.

Connection Settings

Variable Description Required Default
SONARQUBE_URL URL of your SonarQube instance No https://sonarcloud.io
SONARQUBE_ORGANIZATION Organization key (required for SonarCloud) No** -
LOG_FILE Path to write log files No -
LOG_LEVEL Minimum log level (DEBUG, INFO, WARN, ERROR) No DEBUG

**Required when using SonarCloud

Authentication Methods

Token Authentication (Recommended)

{
  "env": {
    "SONARQUBE_TOKEN": "your-token-here"
  }
}

Basic Authentication

{
  "env": {
    "SONARQUBE_USERNAME": "your-username",
    "SONARQUBE_PASSWORD": "your-password"
  }
}

System Passcode

{
  "env": {
    "SONARQUBE_PASSCODE": "your-system-passcode"
  }
}

Usage Examples

Basic Project Analysis

"List all my SonarQube projects"
"Show me the code coverage for project xyz"
"What metrics are available for analysis?"

Issue Investigation

"Show me all critical bugs in project abc"
"Find security vulnerabilities in the main branch"
"List all code smells created in the last week"
"Show unresolved issues assigned to john.doe"

Component Navigation

"Find all files containing 'UserService' in their name"
"List all test files in my project"
"Show me the directory structure of src/main"

Issue Management

"Assign issue PROJECT-123 to john.doe"
"Mark issue ABC-789 as false positive with comment: 'Test code only'"
"Add comment to issue XYZ-111: 'Fixed in commit abc123'"

Quality Monitoring

"Check the quality gate status for my main project"
"Show me the code coverage history for the last month"

Security Hotspot Review

"Find all security hotspots that need review in project xyz"
"Show me hotspots in the authentication module"
"Mark hotspot HSP-12345 as safe with explanation"

Troubleshooting

Common Error Messages and Solutions

Authentication Errors

  • "Authentication failed": Check that your SONARQUBE_TOKEN is valid and not expired.
  • "No SonarQube authentication configured": Set one of the authentication methods.

Authorization Errors

  • "Access denied": Ensure your token has the required permissions for the operation.

Resource Not Found Errors

  • "Resource not found": Verify that the project key/component exists and you have access to it.

Network and Connection Errors

  • "Connection refused": Check that the SonarQube server is running and the URL is correct.

Debugging Tips

  1. Enable debug logging:

    export LOG_FILE="/tmp/sonarqube-mcp.log"
export LOG_LEVEL=DEBUG

  2. Test connection with the ping tool:

    # Ask your AI assistant
sonarqube.ping

How to install this MCP server

For Claude Code

To add this MCP server to Claude Code, run this command in your terminal:

claude mcp add-json "sonarqube" '{"command":"npx","args":["-y","sonarqube-mcp-server@latest"],"env":{"SONARQUBE_URL":"https://sonarcloud.io","SONARQUBE_TOKEN":"your-token-here","SONARQUBE_ORGANIZATION":"your-org (for SonarCloud)"}}'

See the official Claude Code MCP documentation for more details.

For Cursor

There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json file so that it is available in all of your projects.

If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json file.

Adding an MCP server to Cursor globally

To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".

When you click that button the ~/.cursor/mcp.json file will be opened and you can add your server like this:

{
    "mcpServers": {
        "sonarqube": {
            "command": "npx",
            "args": [
                "-y",
                "sonarqube-mcp-server@latest"
            ],
            "env": {
                "SONARQUBE_URL": "https://sonarcloud.io",
                "SONARQUBE_TOKEN": "your-token-here",
                "SONARQUBE_ORGANIZATION": "your-org (for SonarCloud)"
            }
        }
    }
}

Adding an MCP server to a project

To add an MCP server to a project you can create a new .cursor/mcp.json file or add it to the existing one. This will look exactly the same as the global MCP server example above.

How to use the MCP server

Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.

The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.

You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.

For Claude Desktop

To add this MCP server to Claude Desktop:

1. Find your configuration file:

  • macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
  • Windows: %APPDATA%\Claude\claude_desktop_config.json
  • Linux: ~/.config/Claude/claude_desktop_config.json

2. Add this to your configuration file:

{
    "mcpServers": {
        "sonarqube": {
            "command": "npx",
            "args": [
                "-y",
                "sonarqube-mcp-server@latest"
            ],
            "env": {
                "SONARQUBE_URL": "https://sonarcloud.io",
                "SONARQUBE_TOKEN": "your-token-here",
                "SONARQUBE_ORGANIZATION": "your-org (for SonarCloud)"
            }
        }
    }
}

3. Restart Claude Desktop for the changes to take effect

Want to 10x your AI skills?

Get a free account and learn to code + market your apps using AI (with or without vibes!).

Nah, maybe later