community-sonarcloud-mcp-server

langtind/community-sonarcloud-mcp-server

3.1

If you are the rightful owner of community-sonarcloud-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.

The SonarCloud MCP Server is a TypeScript-based server that facilitates AI tools' access to SonarCloud data, providing a lightweight alternative to Docker-based solutions.

Tools
12
Resources
0
Prompts
0

SonarCloud MCP Server

npm version npm downloads GitHub issues

A TypeScript-based Model Context Protocol (MCP) server that provides AI assistants with seamless access to SonarCloud data. Query code quality metrics, issues, pull requests, and project information directly from your AI tools.

Why This Server?

  • No Docker Required: Unlike SonarSource's official Docker-based MCP server, this is a lightweight TypeScript solution
  • AI-Optimized: Returns JSON data structured for optimal AI consumption and analysis
  • Comprehensive API Coverage: 12 tools covering all major SonarCloud endpoints
  • Flexible Authentication: Multiple auth methods including environment variables, CLI args, and config files
  • Claude Code Integration: Perfect for use with Anthropic's Claude Code and other MCP-compatible AI tools

Installation

npm install -g community-sonarcloud-mcp-server

Or run directly with npx:

npx community-sonarcloud-mcp-server

Configuration

Method 1: Environment Variables

export SONARCLOUD_TOKEN="your_token_here"
export SONARCLOUD_ORGANIZATION="your_org_here"
export SONARCLOUD_URL="https://sonarcloud.io"  # Optional, defaults to sonarcloud.io

Method 2: Command Line Arguments

npx community-sonarcloud-mcp-server --token "your_token" --org "your_org" --url "https://sonarcloud.io"

Method 3: Config File

Create a config file and use:

npx community-sonarcloud-mcp-server --config ./sonarcloud-config.json

Config file format:

{
  "token": "your_sonarcloud_token",
  "organization": "your_organization_key", 
  "url": "https://sonarcloud.io"
}

Method 4: Interactive Prompts

If token/organization is missing and running interactively, the server will prompt for them.

Priority order: CLI args > Environment vars > Config file > Prompts

Available Tools

This server provides 12 comprehensive tools for SonarCloud integration:

Core Project & Issue Management

  • list_projects - List all projects in your organization
  • search_issues - Search and filter issues by project, severity, type, status
  • get_pull_requests - List pull requests for a specific project
  • change_issue_status - Mark issues as confirmed, false positive, won't fix, or reopen

Code Quality & Metrics

  • get_measures - Get detailed metrics (coverage, bugs, vulnerabilities, code smells, technical debt)
  • search_metrics - Discover available metrics and their descriptions
  • get_quality_gate_status - Check if projects pass quality gates
  • list_quality_gates - List all available quality gate configurations

Rules & Analysis

  • show_rule - Get detailed information about specific coding rules
  • list_rule_repositories - Browse rule repositories by language
  • list_languages - See all supported programming languages

Source Code

  • get_raw_source - Retrieve raw source code for any file in your projects

Each tool returns structured JSON data optimized for AI analysis and decision-making.

Quick Setup

VS Code

Install for VS Code

Claude Code

For Anthropic's Claude Code CLI tool, use this one-liner:

claude mcp add-json sonarcloud '{
  "command": "npx", 
  "args": ["community-sonarcloud-mcp-server"],
  "env": {
    "SONARCLOUD_TOKEN": "your-token-here",
    "SONARCLOUD_ORGANIZATION": "your-org-key"
  }
}' -s local

Verify the connection with:

claude mcp list

Manual Configuration

Add this server to your MCP configuration file (.mcp.json for Claude Code):

Option 1: Environment Variables (Recommended)

{
  "mcpServers": {
    "community-sonarcloud-mcp": {
      "command": "npx",
      "args": ["community-sonarcloud-mcp-server"],
      "env": {
        "SONARCLOUD_TOKEN": "your_token_here",
        "SONARCLOUD_ORGANIZATION": "your_org_here"
      }
    }
  }
}

Option 2: Direct Installation

npm install -g community-sonarcloud-mcp-server

Then reference the global installation:

{
  "mcpServers": {
    "community-sonarcloud-mcp": {
      "command": "sonarcloud-mcp",
      "env": {
        "SONARCLOUD_TOKEN": "your_token_here",
        "SONARCLOUD_ORGANIZATION": "your_org_here"
      }
    }
  }
}

Getting Your SonarCloud Token

  1. Go to SonarCloud Security Settings
  2. Click Generate Tokens
  3. Give your token a name (e.g., "Claude Code MCP")
  4. Set token permissions:
    • Browse: Required for viewing projects and issues
    • Execute Analysis: Optional (only needed for CI/CD integration)
  5. Generate the token and copy it immediately (you won't see it again)
  6. Add the token to your configuration

Finding Your Organization Key

Your organization key is found in the URL when viewing your SonarCloud organization:

  • URL format: https://sonarcloud.io/organizations/{your-org-key}
  • Example: For URL https://sonarcloud.io/organizations/my-company, the key is my-company

⚠️ Security Note: Never commit your SonarCloud token to version control. Store it securely as an environment variable.

Troubleshooting

"SONARCLOUD_TOKEN is required" error

  • Ensure your token is properly set in environment variables or config
  • Check that the token hasn't been revoked or expired in SonarCloud
  • Verify the token has the correct permissions (Browse is minimum required)

"Failed to connect" in Claude Code

  • Verify the organization name matches exactly (case-sensitive)
  • Check that your organization key is correct (found in SonarCloud URL)
  • Ensure the token has access to the specified organization
  • Try running the server directly: SONARCLOUD_TOKEN="your_token" SONARCLOUD_ORGANIZATION="your_org" npx community-sonarcloud-mcp-server

"No projects found" or empty responses

  • Verify your token has Browse permissions for the organization
  • Check that projects exist in the specified organization
  • Ensure your user account has access to the organization's projects

MCP Server not starting

  • Check that Node.js version is compatible (14+)
  • Verify npm/npx is working correctly
  • Try installing globally first: npm install -g community-sonarcloud-mcp-server

Usage Examples

Once configured, you can ask your AI assistant questions like:

  • "What projects do I have in SonarCloud?"
  • "Show me all bugs in my main project"
  • "What's the test coverage for my latest pull request?"
  • "List all critical security vulnerabilities"
  • "Show me the quality gate status for project X"
  • "What coding rules are failing in this project?"

The server will automatically query SonarCloud and return structured data for analysis.

Development

git clone https://github.com/langtind/community-sonarcloud-mcp-server.git
cd community-sonarcloud-mcp-server
npm install
npm run dev

Building

npm run build
npm start

Testing

# Test the server directly
SONARCLOUD_TOKEN="your_token" SONARCLOUD_ORGANIZATION="your_org" npm start

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Add tests if applicable
  5. Submit a pull request

License

MIT License - see file for details.

Related Projects