Environment variables

This page presents all of the necessary SonarQube MCP Server environment values needed for your configuration.

Depending on which Sonar product you want the MCP Server to connect to and the server type you want to deploy, you will need to provide different environment variables. The variables are broken into found main categories, dependent on your environment's needs.

Common variables

Common variables are required for all configuration typologies and must be defined before starting the server. To enable full functionality irregardless of your Transport mode, use these variables to initialize and authenticate your SonarQube MCP Server:

Environment variable
Description

SONARQUBE_TOKEN

Your SonarQube Cloud token (see Managing Personal Access Tokens) or your SonarQube Server token (see Managing your tokens)

SONARQUBE_ORG

For SonarQube Cloud only.

Your SonarQube Cloud organization key

SONARQUBE_URL

For SonarQube Server or SonarQube Community Build only.

Your SonarQube Server base URL.

User tokens are required when setting up connected mode or an MCP Server between SonarQube Server and SonarQube for IDE. Note that binding will not function properly if SonarQube Server project tokens or global tokens are used during the setup process.

Base variables

Base variables are used when building and running the MCP server locally. The server needs to know how to identify the client and where the local storage location can be found. These variables are required, or not, depending on your configuration, or if for example, you are running Docker:

Environment variable
Description

STORAGE_PATH

An absolute path to a writable directory where SonarQube MCP Server will store its files (e.g., for creation, updates, and persistence). This path is automatically provided when using Docker.

SONARQUBE_IDE_PORT

Optional port number between 64120 and 64130 used to connect SonarQube MCP Server with SonarQube for IDE. See Environment variables for details.

HTTP variables

HTTP variables are used when multiple clients are connecting to a shared MCP server. Each client provides its own user token.

Environment variable
Description
Default

SONARQUBE_TRANSPORT

Set to http to enable HTTP transport

not defined (stdio)

SONARQUBE_HTTP_HOST

Host to bind. Use 127.0.0.1 for localhost. Use 0.0.0.0 for Docker.

8080

SONARQUBE_HTTP_PORT

Port number for HTTP server: 1024-65535.

127.0.0.1

If needed, information about HTTP and HTTPS Proxy settings is available on the Configure your SonarQube MCP server page.

HTTPS variables

HTTPS variables are the same as HTTP variables but with TLS encryption. HTTPS variables require an SSL certificate however, redefining the keystore parameter default values is optional.

Environment variable
Description
Default

SONARQUBE_TRANSPORT

Set to http to enable HTTP transport

not defined (stdio)

SONARQUBE_HTTP_HOST

Host to bind. Use 127.0.0.1 for localhost. Use 0.0.0.0 for Docker.

127.0.0.1

SONARQUBE_HTTP_PORT

Typically port 8443 for HTTPS.

8080

If needed, information about HTTP and HTTPS Proxy settings is available on the Configure your SonarQube MCP server page.

SSL certificate

Environment variable
Description
Default

SONARQUBE_HTTPS_KEYSTORE_PASSWORD

Keystore password. Redefining the default value is optional.

sonarlint

SONARQUBE_HTTPS_KEYSTORE_PATH

Path to keystore file (.p12 or .jks). Redefining the default value is optional.

/etc/ssl/mcp/keystore.p12

SONARQUBE_HTTPS_KEYSTORE_TYPE

Keystore type (PKCS12 or JKS). Redefining the default value is optional.

PKCS12

See also the Custom certificates article for information about supported formats and using Docker and custom configurations of your certificate.

Tool enablement

By default, all tools are enabled. You can selectively enable specific toolsets to reduce context overhead and focus on specific functionality.

Environment variable
Description

SONARQUBE_TOOLSETS

Comma-separated list of toolsets to enable. See the list of Available toolsets below.

  • When set, only the defined toolsets will be available.

  • If not set, all tools are enabled.

Note: The projects toolset is always enabled because it's required to find project keys for other operations.

SONARQUBE_READ_ONLY

When set to true, enables read-only mode which disables all write operations; for example, changing issue status. This filter is cumulative with SONARQUBE_TOOLSETS if both are defined. Default: false.

Available toolsets
Toolset
Key
Description

Analysis

analysis

Code analysis tools (analyze code snippets and files)

Issues

issues

Search and manage SonarQube issues

Projects

projects

Browse and search SonarQube projects

Quality Gates

quality-gates

Access quality gates and their status

Rules

rules

Browse and search SonarQube rules

Sources

sources

Access source code and SCM information

Measures

measures

Retrieve metrics and measures (includes both measures and metrics tools)

Languages

languages

List supported programming languages

Portfolios

portfolios

Manage portfolios and enterprises (SonarQube Cloud and Server)

System

system

System administration tools (SonarQube Server only)

Webhooks

webhooks

Manage webhooks

Dependency Risks

dependency-risks

Analyze dependency risks and security issues (SCA)

Toolset examples

Enable analysis, issues, and quality gates toolsets (using Docker with SonarQube Cloud):

docker run -i --name sonarqube-mcp-server --rm \
  -e SONARQUBE_TOKEN="<YourSonarQubeToken>" \
  -e SONARQUBE_ORG="<YourOrganizationName>" \
  -e SONARQUBE_TOOLSETS="analysis,issues,quality-gates" \
  mcp/sonarqube

  • Note: The projects toolset is always enabled automatically, so you don't need to include it in SONARQUBE_TOOLSETS.

Enable read-only mode (using Docker with SonarQube Cloud):

docker run -i --name sonarqube-mcp-server --rm \
  -e SONARQUBE_TOKEN="<YourSonarQubeToken>" \
  -e SONARQUBE_ORG="<YourOrganizationName>" \
  -e SONARQUBE_READ_ONLY="true" \
  mcp/sonarqube

PreviousBuild your SonarQube MCP ServerNextConfigure your SonarQube MCP server

Last updated

Was this helpful?