Ctrlk

GitHub Copilot CLI

Set up the SonarQube MCP Server with GitHub Copilot CLI and start using Sonar tools with your agent.

GitHub Copilot CLI is GitHub's terminal-based AI assistant. Use this MCP server setup when you want Sonar tools available within a Copilot CLI interactive session.

If you prefer using the SonarQube-hosted MCP server instead, see below.

Use the configuration generator

Use the official SonarQube MCP Server configuration generator to get a configuration code snippet for your setup:

  1. Identify the target MCP Client.

  2. Find your #common-variables.

  3. Choose a hosting method.

  4. Enter the information into the configuration generator.

  5. Paste the generated configuration into your configuration file.

Manual setup

Environment variables

The following common variables are required. SONARQUBE_TOKEN applies to stdio transport only. For HTTP, HTTPS, or the embedded SonarQube Cloud MCP server, use the Authorization: Bearer <YourSonarQubeUserToken> header instead.

  • SONARQUBE_TOKEN: Your SonarQube user token (stdio transport).

  • SONARQUBE_ORG: Your SonarQube Cloud organization key. Required for SonarQube Cloud only.

  • SONARQUBE_URL: Your SonarQube Server or Community Build URL. Also required for SonarQube Cloud in the US region (https://sonarqube.us). Not needed for SonarQube Cloud in the EU region.

Important: Your SonarQube token is a sensitive credential. Use environment variables to pass tokens rather than hardcoding them in configuration files. Never commit tokens to version control.

Transport options

The SonarQube MCP Server supports three transport modes. Use Stdio for local development and most use cases, HTTPS for production and team deployments, and HTTP only on trusted internal networks.

Stdio (recommended)

Use Stdio for local development or when you're the only user. It's also the transport mode used in your Agentic Analysis and Context Augmentation workflows.

After starting Copilot CLI, run the following command to add the SonarQube MCP server:

Provide the required information about your MCP server; use Tab to navigate between fields.

Warning: User tokens are required when setting up connected mode or an MCP server between SonarQube Server and SonarQube for IDE. Your binding won't function properly if you use project tokens, global tokens, or scoped organization tokens during setup.

Note: This code sample configures the MCP server using Stdio transport, where SONARQUBE_TOKEN is passed as an environment variable.

For HTTPS, HTTP, or the SonarQube-hosted MCP server, the SONARQUBE_TOKEN header is deprecated. Pass the token using the "Authorization": "Bearer <YourSonarQubeUserToken>" header instead.

Tip: SONARQUBE_URL should be defined as https://sonarqube.us each time you use a SonarQube Cloud configuration (SONARQUBE_TOKEN + SONARQUBE_ORG) and want to connect to a US-region instance. See the Connecting to SonarQube Cloud in the US region section for details.

GitHub Copilot CLI with SonarQube Cloud

GitHub Copilot CLI with SonarQube Server

The configuration file is located at ~/.copilot/mcp-config.json.

Tip: To verify the connection, ask your AI agent to call the SonarQube MCP ping_system tool. For example: "Ping the SonarQube MCP server."

Tip: Restart your AI agent for good measure, although it might not be required.

HTTPS

Use HTTPS when connecting GitHub Copilot CLI to a shared MCP server deployed for a team. This requires an HTTPS transport server to be running and accessible.

After starting Copilot CLI, run /mcp add and select the remote server type, then enter your server URL and token when prompted.

Alternatively, add the following directly to your ~/.copilot/mcp-config.json file:

Tip: To verify the connection, ask your AI agent to call the SonarQube MCP ping_system tool. For example: "Ping the SonarQube MCP server."

Tip: Restart your AI agent for good measure, although it might not be required.

HTTP

Important: The HTTP transport mode is not recommended. Use Stdio for local development or HTTPS for multi-user production deployments.

Use HTTP only on a trusted internal network or for local testing. This requires an HTTP transport server to be running.

Add the following to your ~/.copilot/mcp-config.json file:

Tip: To verify the connection, ask your AI agent to call the SonarQube MCP ping_system tool. For example: "Ping the SonarQube MCP server."

Tip: Restart your AI agent for good measure, although it might not be required.

Agentic analysis and context augmentation

To set up Agentic Analysis and Context Augmentation, the recommended methods are the SonarQube plugin or SonarQube CLI. See the Make your agent verify its code and Add context to generate better code pages.

When using these services, your SONARQUBE_TOKEN lets your local MCP server configured for Stdio mode authenticate to the SonarQube Cloud API. See the Agentic Analysis and Context Augmentation pages for more information.

SonarQube-hosted MCP server

To avoid running and maintaining your own MCP infrastructure while always using the current server version, connect to a SonarQube-hosted MCP server:

  • SonarQube Cloud-hosted: the MCP server embedded in SonarQube Cloud. It exposes a smaller, fixed subset of tools. See the SonarQube Cloud-hosted page.

  • SonarQube Server-hosted: the MCP server installed as an extension on SonarQube Server (Developer, Enterprise, and Data Center editions), available on SonarQube Server 2026.3 and later. See the SonarQube Server-hosted page.

Use Sonar tools from GitHub Copilot CLI

Once connected, GitHub Copilot CLI can call SonarQube MCP tools on your behalf. See the tools page for the full list of available tools.

PreviousVS Code with GitHub CopilotNextGitHub Copilot cloud agent

Last updated

Was this helpful?