Loading...
Provides tools to interact with SonarQube via FastMCP, enabling programmatic access to metrics, project management, and issue retrieval for analysis and reporting.
Boost this tool
Subscribe to listing upgrades or segmented pushes.
Provides tools to interact with SonarQube via FastMCP, enabling programmatic access to metrics, project management, and issue retrieval for analysis and reporting.
This server provides both read and write access to SonarQube data. While the use of API tokens and privilege separation improves security, the project deletion tool and potential for information disclosure require careful management and monitoring. It's safe to use for read-only operations and project creation with proper access controls, but risky when deleting projects or handling sensitive data without adequate precautions.
Performance depends on the size of the SonarQube project and the number of components being analyzed. Retrieving large component trees can be slow.
Cost is primarily related to SonarQube API usage. Consider rate limits and optimize queries to minimize API calls.
pip install fastmcp{
"mcpServers": {
"fastmcp-sonarqube-metrics": {
"command": "uv",
"args": [
"--directory",
"/ABSOLUTE/PATH/TO/PARENT/FOLDER/fastmcp-sonarqube-metrics",
"run",
"server.py"
]
}
}
}AZURE_OPENAI_API_KEYAZURE_OPENAI_ENDPOINTget_statusPerforms a health check on the configured SonarQube instance.
Read-only operation, no side effects.
create_sonarqube_projectCreates a new SonarQube project.
Requires administrator privileges, but creates a new resource.
delete_sonarqube_projectDeletes a SonarQube project.
Destructive operation, irreversible data loss.
list_projectsLists all accessible SonarQube projects, optionally filtered by name or key.
Read-only operation, no side effects.
get_sonarqube_metricsRetrieves specified metrics for a given SonarQube project key.
Read-only operation, no side effects.
get_sonarqube_metrics_historyRetrieves historical metrics for a given SonarQube project.
Read-only operation, no side effects.
get_sonarqube_component_tree_metricsRetrieves metric values for all components in a project.
Read-only operation, no side effects.
get_project_issuesFetch SonarQube issues for a given project, optionally filtered by type, severity, and resolution status.
Read-only operation, no side effects.
API Key
hybrid
This server provides both read and write access to SonarQube data. While the use of API tokens and privilege separation improves security, the project deletion tool and potential for information disclosure require careful management and monitoring. It's safe to use for read-only operations and project creation with proper access controls, but risky when deleting projects or handling sensitive data without adequate precautions.
Autonomy should be carefully configured, especially when using tools that modify or delete SonarQube projects. Consider limiting access to destructive tools.
Production Tip
Monitor the server logs for any errors or unexpected behavior, and implement robust error handling in client applications.
The API token requires permissions to access project metrics, component trees, and issues. Administrator privileges are required for creating and deleting projects.
Set the `SONARQUBE_URL` and `SONARQUBE_TOKEN` environment variables in the `.env` file.
Yes, you can filter by issue type, severity, and resolution status.
The tool returns up to a specified limit, defaulting to 10 issues.
The tool automatically handles pagination to retrieve all results, but performance may be slow for very large projects.
Use with extreme caution, as it permanently deletes the project and its associated data. Ensure you have proper backups before using this tool.
The server supports stdio and SSE transport types. Configure the `TRANSPORT` environment variable to select the desired transport.