# GitHub Copilot coding agent The [GitHub Copilot coding agent](https://docs.github.com/en/copilot/concepts/agents/about-copilot-coding-agent) is an autonomous AI agent that operates inside your GitHub repository and CI/CD environment. Use this setup when you want Sonar tools available to the coding agent during pull request workflows and automated tasks. ## Set up MCP for the GitHub Copilot coding agent ### Environment variables The coding agent uses GitHub repository secrets to supply environment variables to the MCP server. Only secrets with names prefixed with `COPILOT_MCP_` are available to your MCP configuration. To add secrets to your Copilot environment, follow the GitHub [documentation on setting up a Copilot environment for the coding agent](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/extend-coding-agent-with-mcp#setting-up-a-copilot-environment-for-copilot-coding-agent). The following [#common-variables](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/environment-variables#common-variables "mention") are required, stored as `COPILOT_MCP_`-prefixed secrets: * `SONARQUBE_TOKEN`: Your SonarQube user token (stdio transport). * `SONARQUBE_ORG`: Your SonarQube Cloud organization key. Required for SonarQube Cloud only. * `SONARQUBE_URL`: Your SonarQube Server or Community Build URL. Also required for SonarQube Cloud in the US region (`https://sonarqube.us`). Not needed for SonarQube Cloud in the EU region. ### Transport options The SonarQube MCP Server supports three transport modes. Use [#stdio](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#stdio "mention") for local development and most use cases, [#https](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#https "mention") for production and team deployments, and [#http](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#http "mention") only on trusted internal networks. #### Stdio (recommended) Use [#stdio](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#stdio "mention") when the coding agent needs to spin up its own MCP server process within the CI/CD environment. It is also the transport used by [Agentic Analysis and Context Augmentation](#agentic-analysis-and-context-augmentation). In your GitHub repository, navigate to **Settings** > **Code & automation** > **Copilot** > **Coding agent** and add the following configuration in the MCP configuration section: {% hint style="warning" %} *User tokens* are required when setting up connected mode or an MCP Server between SonarQube (Server, Cloud) and SonarQube for IDE. Note that the binding will not function properly if *project tokens*, *global tokens*, or *scoped organization tokens* are used during the setup process. {% endhint %} {% hint style="info" %} This code sample configures the MCP server using [#stdio](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#stdio "mention") transport, where `SONARQUBE_TOKEN` is passed as an environment variable. For [#http](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#http "mention"), [#https](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#https "mention"), or the [#mcp-server-in-sonarqube-cloud](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#mcp-server-in-sonarqube-cloud "mention"), the `SONARQUBE_TOKEN` header is deprecated. Pass the token using the `"Authorization": "Bearer "` header instead. {% endhint %} **GitHub Copilot coding agent with SonarQube Cloud** ```json { "mcpServers": { "sonarqube": { "type": "local", "command": "docker", "args": [ "run", "--init", "--pull=always", "--rm", "-i", "-e", "SONARQUBE_TOKEN=$SONAR_TOKEN", "-e", "SONARQUBE_ORG=$SONAR_ORG", "mcp/sonarqube" ], "env": { "SONAR_TOKEN": "COPILOT_MCP_SONARQUBE_TOKEN", "SONAR_ORG": "COPILOT_MCP_SONARQUBE_ORG", //"SONAR_URL": "COPILOT_MCP_SONARQUBE_URL" }, "tools": ["*"] } } } ``` {% hint style="success" %} To connect to a SonarQube Cloud organization in the US region, add `https://sonarqube.us` as a [secret in your Copilot coding agent environment](https://docs.github.com/en/copilot/how-tos/use-copilot-agents/coding-agent/extend-coding-agent-with-mcp#setting-up-a-copilot-environment-for-copilot-coding-agent), and uncomment the `"SONAR_URL"` variable in the code sample above. See the [#common-variables](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/environment-variables#common-variables "mention") article which explains when to use these variables. {% endhint %} **GitHub Copilot coding agent with SonarQube Server** ```json { "mcpServers": { "sonarqube": { "type": "local", "command": "docker", "args": [ "run", "--init", "--pull=always", "--rm", "-i", "-e", "SONARQUBE_TOKEN=$SONAR_TOKEN", "-e", "SONARQUBE_URL=$SONAR_URL", "mcp/sonarqube" ], "env": { "SONAR_TOKEN": "COPILOT_MCP_SONARQUBE_TOKEN", "SONAR_URL": "COPILOT_MCP_SONARQUBE_URL" }, "tools": ["*"] } } } ``` #### HTTPS Use HTTPS when connecting the coding agent to a shared MCP server deployed for a team. This requires an [HTTPS transport server](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#https) to be running and accessible. In your GitHub repository, navigate to **Settings** > **Code & automation** > **Copilot** > **Coding agent** and add the following configuration in the MCP configuration section: ```json { "mcpServers": { "sonarqube": { "url": "https://:8443/mcp", "headers": { "Authorization": "Bearer COPILOT_MCP_SONARQUBE_TOKEN" }, "tools": ["*"] } } } ``` #### HTTP {% hint style="danger" %} The HTTP [#transport-mode](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#transport-mode "mention") is not recommended. Use [#stdio](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#stdio "mention") for local development or [#https](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#https "mention") for multi-user production deployments. {% endhint %} Use HTTP only on a trusted internal network or for local testing. This requires an [HTTP transport server](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#http) to be running. In your GitHub repository, navigate to **Settings** > **Code & automation** > **Copilot** > **Coding agent** and add the following configuration in the MCP configuration section: ```json { "mcpServers": { "sonarqube": { "url": "http://:8080/mcp", "headers": { "Authorization": "Bearer COPILOT_MCP_SONARQUBE_TOKEN" }, "tools": ["*"] } } } ``` ## Agentic Analysis and Context Augmentation When using SonarQube Cloud's Agentic Analysis and Context Augmentation services, your `SONARQUBE_TOKEN` will allow your local MCP server configured for [#stdio](https://docs.sonarsource.com/sonarqube-mcp-server/build-and-configure/configure#stdio "mention") mode to authenticate to the SonarQube Cloud API. See the SonarQube Cloud pages [Agentic Analysis](https://app.gitbook.com/s/B4UT2GNiZKjtxFtcFAL7/analyzing-source-code/agentic-analysis "mention") and [Context Augmentation](https://app.gitbook.com/s/B4UT2GNiZKjtxFtcFAL7/analyzing-source-code/context-augmentation "mention") to get the correct configuration details. ## Use Sonar tools from the coding agent Once connected, the GitHub Copilot coding agent can call SonarQube MCP tools during its automated workflows. See the [tools](https://docs.sonarsource.com/sonarqube-mcp-server/using/tools "mention") page for the full list of available tools. {% hint style="info" %} Concrete workflow examples for this agent will be added after engineering review. {% endhint %}