The SonarQube MCP Server enables AI assistants to interact with SonarQube's code quality analysis capabilities through the Model Context Protocol. This integration allows AI tools like Claude to access code metrics, issues, security hotspots, and more from your SonarQube or SonarCloud instance.
The simplest way to use the SonarQube MCP Server is with Claude Desktop:
{
"mcpServers": {
"sonarqube": {
"command": "npx",
"args": ["-y", "sonarqube-mcp-server@latest"],
"env": {
"SONARQUBE_URL": "https://sonarcloud.io",
"SONARQUBE_TOKEN": "your-token-here",
"SONARQUBE_ORGANIZATION": "your-org (for SonarCloud)"
}
}
}
}
Docker provides a more reliable deployment method for production environments:
{
"mcpServers": {
"sonarqube": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e", "SONARQUBE_URL",
"-e", "SONARQUBE_TOKEN",
"-e", "SONARQUBE_ORGANIZATION",
"sapientpants/sonarqube-mcp-server:latest"
],
"env": {
"SONARQUBE_URL": "https://sonarqube.example.com",
"SONARQUBE_TOKEN": "your-sonarqube-token",
"SONARQUBE_ORGANIZATION": "your-organization-key"
}
}
}
}
For web applications using SSE transport:
docker run -d \
--name sonarqube-mcp \
-p 3000:3000 \
-e SONARQUBE_URL="https://sonarqube.example.com" \
-e SONARQUBE_TOKEN="your-token" \
-e SONARQUBE_ORGANIZATION="your-org" \
-e TRANSPORT="sse" \
sapientpants/sonarqube-mcp-server:latest
The server supports three authentication methods:
{
"env": {
"SONARQUBE_TOKEN": "your-token-here"
}
}
{
"env": {
"SONARQUBE_USERNAME": "your-username",
"SONARQUBE_PASSWORD": "your-password"
}
}
{
"env": {
"SONARQUBE_PASSCODE": "your-system-passcode"
}
}
SONARQUBE_URL
: URL of your SonarQube instance (default: https://sonarcloud.io
)SONARQUBE_ORGANIZATION
: Organization key (required for SonarCloud)LOG_FILE
: Path to write log filesLOG_LEVEL
: Minimum log level (DEBUG, INFO, WARN, ERROR)MCP_TRANSPORT
: Transport type (stdio, http)MCP_HTTP_PORT
: Port for HTTP transport (default: 3000)MCP_HTTP_HOST
: Host for HTTP transport (default: localhost)projects
: List all SonarQube projects with pagination supportcomponents
: Search and navigate SonarQube components (projects, directories, files)issues
: Search and filter SonarQube issuesmarkIssueFalsePositive
: Mark an issue as false positivemarkIssueWontFix
: Mark an issue as won't fixmarkIssuesFalsePositive
: Mark multiple issues as false positivemarkIssuesWontFix
: Mark multiple issues as won't fixaddCommentToIssue
: Add a comment to an issueassignIssue
: Assign or unassign an issuemetrics
: Get available metricsmeasures_component
: Get measures for a specific componentmeasures_components
: Get measures for multiple componentsmeasures_history
: Get measures history for a componenthotspots
: Search for security hotspotshotspot
: Get detailed information about a specific hotspotupdate_hotspot_status
: Update the status of a security hotspotquality_gates
: List available quality gatesquality_gate
: Get quality gate conditionsquality_gate_status
: Get project quality gate statussource_code
: View source code with issues highlightedscm_blame
: Get SCM blame informationsystem_health
: Get the health status of the SonarQube instancesystem_status
: Get the status of the SonarQube instancesystem_ping
: Ping the SonarQube instance"List all my SonarQube projects"
"Show me the code coverage for project xyz"
"What metrics are available for analysis?"
"Show me all critical bugs in project abc"
"Find security vulnerabilities in the main branch"
"List all code smells created in the last week"
"Show unresolved issues assigned to john.doe"
"Find all security hotspots that need review in project xyz"
"Show me hotspots in the authentication module"
"Get details for hotspot HSP-12345"
"Assign issue PROJECT-123 to john.doe"
"Mark issue ABC-789 as false positive with comment: 'Test code only'"
"Add comment to issue XYZ-111: 'Fixed in commit abc123'"
SONARQUBE_ORGANIZATION
when using SonarCloudSONARQUBE_URL
and network connectivityEnable debug logging to identify issues:
{
"env": {
"LOG_FILE": "/tmp/sonarqube-mcp.log",
"LOG_LEVEL": "DEBUG"
}
}
To add this MCP server to Claude Code, run this command in your terminal:
claude mcp add-json "sonarqube" '{"command":"npx","args":["-y","sonarqube-mcp-server@latest"],"env":{"SONARQUBE_URL":"https://sonarcloud.io","SONARQUBE_TOKEN":"your-token-here","SONARQUBE_ORGANIZATION":"your-org (for SonarCloud)"}}'
See the official Claude Code MCP documentation for more details.
There are two ways to add an MCP server to Cursor. The most common way is to add the server globally in the ~/.cursor/mcp.json
file so that it is available in all of your projects.
If you only need the server in a single project, you can add it to the project instead by creating or adding it to the .cursor/mcp.json
file.
To add a global MCP server go to Cursor Settings > Tools & Integrations and click "New MCP Server".
When you click that button the ~/.cursor/mcp.json
file will be opened and you can add your server like this:
{
"mcpServers": {
"sonarqube": {
"command": "npx",
"args": [
"-y",
"sonarqube-mcp-server@latest"
],
"env": {
"SONARQUBE_URL": "https://sonarcloud.io",
"SONARQUBE_TOKEN": "your-token-here",
"SONARQUBE_ORGANIZATION": "your-org (for SonarCloud)"
}
}
}
}
To add an MCP server to a project you can create a new .cursor/mcp.json
file or add it to the existing one. This will look exactly the same as the global MCP server example above.
Once the server is installed, you might need to head back to Settings > MCP and click the refresh button.
The Cursor agent will then be able to see the available tools the added MCP server has available and will call them when it needs to.
You can also explicitly ask the agent to use the tool by mentioning the tool name and describing what the function does.
To add this MCP server to Claude Desktop:
1. Find your configuration file:
~/Library/Application Support/Claude/claude_desktop_config.json
%APPDATA%\Claude\claude_desktop_config.json
~/.config/Claude/claude_desktop_config.json
2. Add this to your configuration file:
{
"mcpServers": {
"sonarqube": {
"command": "npx",
"args": [
"-y",
"sonarqube-mcp-server@latest"
],
"env": {
"SONARQUBE_URL": "https://sonarcloud.io",
"SONARQUBE_TOKEN": "your-token-here",
"SONARQUBE_ORGANIZATION": "your-org (for SonarCloud)"
}
}
}
}
3. Restart Claude Desktop for the changes to take effect