SonarQube MCP Server

The SonarQube MCP Server is a Model Context Protocol (MCP) server that enables seamless integration with SonarQube Server or Cloud for code quality and security. It also supports the analysis of code snippet directly within the agent context.

Quick setup

🔒 Important: Your SonarQube token is a sensitive credential. Follow these security practices:

When using CLI commands:

• Avoid hardcoding tokens in command-line arguments – they get saved in shell history
• Use environment variables – set tokens in environment variables before running commands

When using configuration files:

• Never commit tokens to version control
• Use environment variable substitution in config files when possible

🚀 Generate your configuration

The fastest way to get started is the SonarQube MCP Server Configuration Generator – an interactive tool that produces a ready-to-use configuration for your preferred AI agent client.

Manual setup

If you prefer to configure things yourself, the simplest method is to use our container image hosted at mcp/sonarqube. Read below if you want to build it locally.

Note: While the examples below use docker, any OCI-compatible container runtime works (e.g., Podman, nerdctl). Simply replace docker with your preferred tool.

SonarQube MCP Server is available in the Antigravity MCP Store. Follow these instructions:

1. Open the Agent Side Panel
2. Click the three dots (...) at the top right and select MCP Servers
3. Search for SonarQube and select Install
4. Provide the required SonarQube User token. You can also provide your organization key for SonarQube Cloud or the SonarQube URL if connecting to SonarQube Server.

For SonarQube Cloud US, set the URL to https://sonarqube.us.

Alternatively, you can manually configure the server via mcp_config.json:

• To connect with SonarQube Cloud:

In the Agent Side Panel, click the three dots (...) -> MCP Store -> Manage MCP Servers -> View raw config, and add the following:

{
  "mcpServers": {
    "sonarqube": {
      "command": "docker",
      "args": ["run", "--init", "--pull=always", "-i", "--rm", "-e", "SONARQUBE_TOKEN", "-e", "SONARQUBE_ORG", "mcp/sonarqube"],
      "env": {
        "SONARQUBE_TOKEN": "<YOUR_TOKEN>",
        "SONARQUBE_ORG": "<YOUR_ORG>"
      }
    }
  }
}

For SonarQube Cloud US, manually add "SONARQUBE_URL": "https://sonarqube.us" to the env section and "-e", "SONARQUBE_URL" to the args array.

• To connect with SonarQube Server:

{
  "mcpServers": {
    "sonarqube": {
      "command": "docker",
      "args": ["run", "--init", "--pull=always", "-i", "--rm", "-e", "SONARQUBE_TOKEN", "-e", "SONARQUBE_URL", "mcp/sonarqube"],
      "env": {
        "SONARQUBE_TOKEN": "<YOUR_USER_TOKEN>",
        "SONARQUBE_URL": "<YOUR_SERVER_URL>"
      }
    }
  }
}

• To connect with SonarQube Cloud:

claude mcp add sonarqube \
  --env SONARQUBE_TOKEN=$SONAR_TOKEN \
  --env SONARQUBE_ORG=$SONAR_ORG \
  -- docker run --init --pull=always -i --rm -e SONARQUBE_TOKEN -e SONARQUBE_ORG mcp/sonarqube

For SonarQube Cloud US, add --env SONARQUBE_URL=https://sonarqube.us to the command.

• To connect with SonarQube Server:

claude mcp add sonarqube \
  --env SONARQUBE_TOKEN=$SONAR_USER_TOKEN \
  --env SONARQUBE_URL=$SONAR_URL \
  -- docker run --init --pull=always -i --rm -e SONARQUBE_TOKEN -e SONARQUBE_URL mcp/sonarqube

Manually edit the configuration file at ~/.codex/config.toml and add the following configuration:

• To connect with SonarQube Cloud:

[mcp_servers.sonarqube]
command = "docker"
args = ["run", "--init", "--pull=always", "--rm", "-i", "-e", "SONARQUBE_TOKEN", "-e", "SONARQUBE_ORG", "mcp/sonarqube"]
env = { "SONARQUBE_TOKEN" = "<YOUR_USER_TOKEN>", "SONARQUBE_ORG" = "<YOUR_ORG>" }

For SonarQube Cloud US, add "SONARQUBE_URL" = "https://sonarqube.us" to the env section and "-e", "SONARQUBE_URL" to the args array.

• To connect with SonarQube Server:

[mcp_servers.sonarqube]
command = "docker"
args = ["run", "--init", "--pull=always", "--rm", "-i", "-e", "SONARQUBE_TOKEN", "-e", "SONARQUBE_URL", "mcp/sonarqube"]
env = { "SONARQUBE_TOKEN" = "<YOUR_TOKEN>", "SONARQUBE_URL" = "<YOUR_SERVER_URL>" }

• To connect with SonarQube Cloud:

For SonarQube Cloud US, manually add "SONARQUBE_URL": "https://sonarqube.us" to the env section in your MCP configuration after installation.

• To connect with SonarQube Server:

Note: The Gemini CLI extension has moved to the sonarqube-agent-plugins repository. Please install it from there going forward.

You can install our MCP server extension by using the following command:

gemini extensions install https://github.com/SonarSource/sonarqube-agent-plugins

You will need to set the required environment variables before starting Gemini:

Environment Variables Required:

• For SonarQube Cloud:

  • SONARQUBE_TOKEN - Your SonarQube Cloud token
  • SONARQUBE_ORG - Your organization key
  • SONARQUBE_URL - (Optional) Set to https://sonarqube.us for SonarQube Cloud US

• For SonarQube Server:

  • SONARQUBE_TOKEN - Your SonarQube Server USER token
  • SONARQUBE_URL - Your SonarQube Server URL

Once installed, the extension will be installed under <home>/.gemini/extensions/sonarqube/gemini-extension.json.

After starting Copilot CLI, run the following command to add the SonarQube MCP server:

/mcp add

You will have to provide different information about the MCP server, you can use tab to navigate between fields.

• To connect with SonarQube Cloud:

Server Name: sonarqube
Server Type: Local (Press 1)
Command: docker
Arguments: run, --init, --pull=always, --rm, -i, -e, SONARQUBE_TOKEN, -e, SONARQUBE_ORG, mcp/sonarqube
Environment Variables: SONARQUBE_TOKEN=<YOUR_TOKEN>,SONARQUBE_ORG=<YOUR_ORG>
Tools: *

For SonarQube Cloud US, add -e, SONARQUBE_URL to Arguments and SONARQUBE_URL=https://sonarqube.us to Environment Variables.

• To connect with SonarQube Server:

Server Name: sonarqube
Server Type: Local (Press 1)
Command: docker
Arguments: run, --init, --pull=always, --rm, -i, -e, SONARQUBE_TOKEN, -e, SONARQUBE_URL, mcp/sonarqube
Environment Variables: SONARQUBE_TOKEN=<YOUR_USER_TOKEN>,SONARQUBE_URL=<YOUR_SERVER_URL>
Tools: *

The configuration file is located at ~/.copilot/mcp-config.json.

GitHub Copilot coding agent can leverage the SonarQube MCP server directly in your CI/CD.

To add the secrets to your Copilot environment, follow the Copilot documentation. Only secrets with names prefixed with COPILOT_MCP_ will be available to your MCP configuration.

In your GitHub repository, navigate under Settings -> Copilot -> Coding agent, and add the following configuration in the MCP configuration section:

• To connect with SonarQube Cloud:

{
  "mcpServers": {
    "sonarqube": {
      "type": "local",
      "command": "docker",
      "args": [
        "run",
        "--init",
        "--pull=always",
        "--rm",
        "-i",
        "-e",
        "SONARQUBE_TOKEN=$SONAR_TOKEN",
        "-e",
        "SONARQUBE_ORG=$SONAR_ORG",
        "mcp/sonarqube"
      ],
      "env": {
        "SONAR_TOKEN": "COPILOT_MCP_SONARQUBE_TOKEN",
        "SONAR_ORG": "COPILOT_MCP_SONARQUBE_ORG"
      },
      "tools": ["*"]
    }
  }
}

For SonarQube Cloud US, add "-e", "SONARQUBE_URL=$SONAR_URL" to the args array and "SONAR_URL": "COPILOT_MCP_SONARQUBE_URL" to the env section, then set the secret COPILOT_MCP_SONARQUBE_URL=https://sonarqube.us.

• To connect with SonarQube Server:

{
  "mcpServers": {
    "sonarqube": {
      "type": "local",
      "command": "docker",
      "args": [
        "run",
        "--init",
        "--pull=always",
        "--rm",
        "-i",
        "-e",
        "SONARQUBE_TOKEN=$SONAR_TOKEN",
        "-e",