Sign inSign up

mcp/sonarqube

Verified Publisher

By mcp

Updated 7 days ago

Interact with SonarQube Cloud, Server and Community build over the web API. Analyze code to ident...

Image
Machine learning & AI
18

50K+

View on MCP:Hub
OverviewTags

mcp/sonarqube repository overview

SonarQube MCP Server

Interact with SonarQube Cloud, Server and Community build over the web API. Analyze code to identify quality and security issues.

What is an MCP Server?

MCP Info

AttributeDetails
Docker Imagemcp/sonarqube
AuthorSonarSource
Repositoryhttps://github.com/SonarSource/sonarqube-mcp-server

Image Building Info

AttributeDetails
Dockerfilehttps://github.com/SonarSource/sonarqube-mcp-server/blob/6624a7c047c45d6710b1ad28d069ae7ef2451020/Dockerfile
Commit6624a7c047c45d6710b1ad28d069ae7ef2451020
Docker Image built byDocker Inc.
Docker Scout Health ScoreDocker Scout Health Score
Verify SignatureCOSIGN_REPOSITORY=mcp/signatures cosign verify mcp/sonarqube --key https://raw.githubusercontent.com/docker/keyring/refs/heads/main/public/mcp/latest.pub
LicenceOther

Available Tools (25)

Tools provided by this ServerShort Description
analyze_code_snippetAnalyze a file or code snippet with SonarQube analyzers to identify code quality and security issues
analyze_file_listAnalyze files in the current working directory using SonarQube for IDE
toggle_automatic_analysisEnable or disable SonarQube for IDE automatic analysis
search_sonar_issues_in_projectsSearch for SonarQube issues in my organization's projects
change_sonar_issue_statusChange the status of a SonarQube issue
search_my_sonarqube_projectsFind SonarQube projects.
list_quality_gatesList all quality gates in my SonarQube
get_project_quality_gate_statusGet the quality gate status for a project
show_ruleShows detailed information about a SonarQube rule
list_rule_repositoriesList rule repositories available in SonarQube
list_languagesList all programming languages supported in this SonarQube instance
get_component_measuresGet SonarQube measures for a project, such as ncloc, complexity, violations, coverage, etc
search_metricsSearch for SonarQube metrics
get_raw_sourceGet source code as raw text from SonarQube.
get_scm_infoGet SCM information of SonarQube source files.
get_system_healthGet the health status of SonarQube Server instance.
get_system_statusGet state information about SonarQube Server.
get_system_logsGet SonarQube Server system logs in plain-text format.
ping_systemPing the SonarQube Server system to check if it's alive.
get_system_infoGet detailed information about SonarQube Server system configuration including JVM state, database, search indexes, and settings.
create_webhookCreate a new webhook for the SonarQube organization or project.
list_webhooksList all webhooks for the SonarQube organization or project.
list_portfoliosList portfolios available in SonarQube with filtering and pagination options
list_enterprisesList the enterprises available in SonarQube Cloud that you have access to
search_dependency_risksSearch for software composition analysis issues (dependency risks) of a SonarQube project

Tools Details

Tool: analyze_code_snippet

Analyze a file or code snippet with SonarQube analyzers to identify code quality and security issues

ParametersTypeDescription
languagestringLanguage of the code snippet
code_snippetstringCode snippet to analyze
Tool: analyze_file_list

Analyze files in the current working directory using SonarQube for IDE

ParametersTypeDescription
file_absolute_pathsarrayList of absolute file paths to analyze
Tool: toggle_automatic_analysis

Enable or disable SonarQube for IDE automatic analysis

ParametersTypeDescription
enabledbooleanEnable or disable the automatic analysis
Tool: search_sonar_issues_in_projects

Search for SonarQube issues in my organization's projects

ParametersTypeDescription
projectsarrayAn optional list of Sonar projects to look in
pullRequestIdstringThe identifier of the Pull Request to look in
severitiesstringAn optional list of severities to filter by, separated by a comma. Possible values: INFO, LOW, MEDIUM, HIGH, BLOCKER
pagenumberAn optional page number. Defaults to 1
pageSizenumberAn optional page size. Must be greater than 0 and less than or equal to 500. Defaults to 100
Tool: change_sonar_issue_status

Change the status of a SonarQube issue

ParametersTypeDescription
issue_keystringKey of the issue to modify
transitionstringTransition to apply to the issue
Tool: search_my_sonarqube_projects

Find SonarQube projects. The response is paginated

ParametersTypeDescription
pagestringAn optional page number. Defaults to 1
Tool: list_quality_gates

List all quality gates in my SonarQube

Tool: get_project_quality_gate_status

Get the quality gate status for a project

ParametersTypeDescription
analysisIdstringThe optional analysis ID to get the status for
branchstringThe optional branch key to get the status for
projectIdstringThe optional project ID
projectKeystringThe optional project key to get the status for
pullRequeststringThe optional pull request ID to get the status for
Tool: show_rule

Shows detailed information about a SonarQube rule

ParametersTypeDescription
keystringRule key
Tool: list_rule_repositories

List rule repositories available in SonarQube

ParametersTypeDescription
languagestringOptional language key to filter repositories
qstringOptional search query to filter repositories by name or key
Tool: list_languages

List all programming languages supported in this SonarQube instance

ParametersTypeDescription
qstringOptional pattern to match language keys/names against
Tool: get_component_measures

Get SonarQube measures for a project, such as ncloc, complexity, violations, coverage, etc

ParametersTypeDescription
projectKeystringThe project key
branchstringThe branch to analyze for measures
metricKeysarrayThe metric keys to retrieve
pullRequeststringThe pull request identifier to analyze for measures
Tool: search_metrics

Search for SonarQube metrics

ParametersTypeDescription
pagenumber1-based page number (default: 1)
pageSizenumberPage size. Must be greater than 0 and less than or equal to 500 (default: 100)
Tool: get_raw_source

Get source code as raw text from SonarQube. Require 'See Source Code' permission on file

ParametersTypeDescription
keystringFile key
branchstringBranch key
pullRequeststringPull request id
Tool: get_scm_info

Get SCM information of SonarQube source files. Require See Source Code permission on file's project

ParametersTypeDescription
keystringFile key
commitsByLinebooleanGroup lines by SCM commit if value is false, else display commits for each line
fromnumberFirst line to return. Starts at 1
tonumberLast line to return (inclusive)
Tool: get_system_health

Get the health status of SonarQube Server instance. Returns GREEN, YELLOW, or RED

Tool: get_system_status

Get state information about SonarQube Server. Returns status, version, and id

Tool: get_system_logs

Get SonarQube Server system logs in plain-text format. Requires system administration permission

ParametersTypeDescription
namestringName of the logs to get. Possible values: access, app, ce, deprecation, es, web. Default: app
Tool: ping_system

Ping the SonarQube Server system to check if it's alive. Returns 'pong' as plain text

Tool: get_system_info

Get detailed information about SonarQube Server system configuration including JVM state, database, search indexes, and settings. Requires 'Administer' permissions

Tool: create_webhook

Create a new webhook for the SonarQube organization or project. Requires 'Administer' permission

ParametersTypeDescription
namestringName of the webhook
urlstringServer endpoint that will receive the webhook payload
projectstringThe key of the project that will own the webhook
secretstringIf provided, secret will be used as the key to generate the HMAC hex digest value
Tool: list_webhooks

List all webhooks for the SonarQube organization or project. Requires 'Administer' permission

ParametersTypeDescription
projectstringOptional project key to list project-specific webhooks
Tool: list_portfolios

List portfolios available in SonarQube with filtering and pagination options

ParametersTypeDescription
enterpriseIdstringEnterprise uuid (SonarQube Cloud only)
qstringSearch query to filter portfolios by name
favoritebooleanIf true, only returns favorite portfolios
draftbooleanIf true, only returns drafts created by the logged-in user (SonarQube Cloud only)
pageIndexnumberIndex of the page to fetch (default: 1)
pageSizenumberSize of the page to fetch
Tool: list_enterprises

List the enterprises available in SonarQube Cloud that you have access to

ParametersTypeDescription
enterpriseKeystringOptional enterprise key to filter results
Tool: search_dependency_risks

Search for software composition analysis issues (dependency risks) of a SonarQube project

ParametersTypeDescription
projectKeystringProject key
branchKeystringThe branch key
pullRequestKeystringThe pull request key

Use this MCP Server

{
  "mcpServers": {
    "sonarqube": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "SONARQUBE_URL",
        "-e",
        "SONARQUBE_ORG",
        "-e",
        "SONARQUBE_TOKEN",
        "mcp/sonarqube"
      ],
      "env": {
        "SONARQUBE_URL": "https://my-sonarqube.com",
        "SONARQUBE_ORG": "my-org",
        "SONARQUBE_TOKEN": "YOUR_SONARQUBE_USER_TOKEN"
      }
    }
  }
}

Why is it safer to run MCP Servers with Docker?

Install from MCP:Hub

SonarQube

SonarQube

View and Install from MCP:Hub

Tag summary

Content type

Image

Digest

sha256:d87e90cd2…

Size

111.9 MB

Last updated

7 days ago

Run in Docker Desktop

Requires Docker Desktop 4.37.1 or later.

This week's pulls

Pulls:

5,064

Last week

Learn more