Python MCP server for SonarQube — query projects, issues, quality gates, coverage, and hotspots
Project description
sonarqube-mcp-py
A Python MCP server for SonarQube — query projects, issues, quality gates, coverage, and security hotspots directly from any MCP-compatible AI agent.
Inspired by the official SonarQube MCP Server (Java/Kotlin), reimplemented in Python for lightweight deployment without JVM dependency.
Install
uvx sonarqube-mcp-py
# or
pip install sonarqube-mcp-py
Configuration
Set environment variables:
export SONARQUBE_URL=https://your-sonarqube-instance
export SONARQUBE_TOKEN=squ_your_token_here
export SONARQUBE_VERIFY_SSL=false # optional, for self-signed certs
Transport
- stdio (default): for
mcp.jsonintegration with Claude Desktop, Cursor, Kiro CLI, etc. - HTTP: set
MCP_TRANSPORT=streamable-httpand optionallyMCP_PORT=8959
Available Tools
| Tool | Description |
|---|---|
search_sonarqube_projects |
Search for projects |
get_project_quality_gate_status |
Get quality gate status (OK/ERROR) |
get_component_measures |
Get metrics (bugs, coverage, code smells, etc.) |
list_quality_gates |
List all quality gate definitions |
search_sonar_issues |
Search issues by severity and status |
search_security_hotspots |
Find security hotspots to review |
show_security_hotspot |
Get hotspot details |
show_rule |
Get rule description and examples |
search_metrics |
List all available metrics |
list_pull_requests |
List analyzed pull requests |
get_file_coverage_details |
Get per-file coverage data |
search_files_by_coverage |
Find files with lowest coverage |
get_duplications |
Get code duplication details |
MCP Client Configuration
stdio (mcp.json)
{
"sonarqube": {
"command": "sonarqube-mcp-py",
"env": {
"SONARQUBE_URL": "https://your-instance",
"SONARQUBE_TOKEN": "squ_xxx"
}
}
}
HTTP (standalone service)
{
"sonarqube": {
"url": "http://localhost:8959/mcp"
}
}
Start in HTTP mode:
MCP_TRANSPORT=streamable-http MCP_PORT=8959 sonarqube-mcp-py
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file sonarqube_mcp_py-0.1.1.tar.gz.
File metadata
- Download URL: sonarqube_mcp_py-0.1.1.tar.gz
- Upload date:
- Size: 101.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f8ef9b744683ea298f6b8e589c1bbced884dd62ee883beb22262137eef557c29
|
|
| MD5 |
7e032800e95c7f5c6469fcec2942b514
|
|
| BLAKE2b-256 |
89bee903fe58018dbc043db547fbc0902ba450ae9c6fa099a10d6bd0afdb0731
|
Provenance
The following attestation bundles were made for sonarqube_mcp_py-0.1.1.tar.gz:
Publisher:
ci.yml on filhocf/sonarqube-mcp-py
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sonarqube_mcp_py-0.1.1.tar.gz -
Subject digest:
f8ef9b744683ea298f6b8e589c1bbced884dd62ee883beb22262137eef557c29 - Sigstore transparency entry: 1602254997
- Sigstore integration time:
-
Permalink:
filhocf/sonarqube-mcp-py@595cf1e07560ac8889ce30d2740858fd0caabebb -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/filhocf
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
ci.yml@595cf1e07560ac8889ce30d2740858fd0caabebb -
Trigger Event:
push
-
Statement type:
File details
Details for the file sonarqube_mcp_py-0.1.1-py3-none-any.whl.
File metadata
- Download URL: sonarqube_mcp_py-0.1.1-py3-none-any.whl
- Upload date:
- Size: 6.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e0e0646f1992f82702c2c6eff7ea30dfd74a3fcc39b7833113c97b8c3c468521
|
|
| MD5 |
8322002c5ab4a21b87257c962abd2cdf
|
|
| BLAKE2b-256 |
8eb3a7e0fd8fe48b546f354cb44d66034b447b58861a18c10d8aba7fc6e7f3ad
|
Provenance
The following attestation bundles were made for sonarqube_mcp_py-0.1.1-py3-none-any.whl:
Publisher:
ci.yml on filhocf/sonarqube-mcp-py
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
sonarqube_mcp_py-0.1.1-py3-none-any.whl -
Subject digest:
e0e0646f1992f82702c2c6eff7ea30dfd74a3fcc39b7833113c97b8c3c468521 - Sigstore transparency entry: 1602255022
- Sigstore integration time:
-
Permalink:
filhocf/sonarqube-mcp-py@595cf1e07560ac8889ce30d2740858fd0caabebb -
Branch / Tag:
refs/tags/v0.1.1 - Owner: https://github.com/filhocf
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
ci.yml@595cf1e07560ac8889ce30d2740858fd0caabebb -
Trigger Event:
push
-
Statement type: