SonarQube MCP
Use SonarQube/SonarCloud MCP tools to check code quality, find issues, and analyze code before pushing.
Quick Actions
Check Quality Gate
code
get_project_quality_gate_status projectKey: "org_project" pullRequest: "123" # or branch: "feature-branch"
- •
status: "OK"= passes - •
status: "ERROR"= fails - •Check
conditionsarray for specific metrics
Find Issues
code
search_sonar_issues_in_projects projects: ["org_project"] pullRequestId: "123" severities: ["BLOCKER", "CRITICAL"] # optional filter
Analyze Code Before Push
code
analyze_code_snippet code: "your code here" language: "typescript" # or go, python, java, etc.
This runs analysis WITHOUT triggering CI - great for catching issues early.
Understand a Rule
code
show_rule key: "typescript:S1082" # or go:S3776, etc.
Mark False Positive
code
change_sonar_issue_status key: "issue-key-from-search" status: ["falsepositive"] # or ["accept"], ["reopen"]
Tool Reference
See TOOLS.md for complete tool documentation.
Severity Levels
| Level | Meaning |
|---|---|
| BLOCKER | Must fix immediately |
| CRITICAL | High impact |
| MAJOR | Significant problems |
| MINOR | Code smells |
| INFO | Informational |
Common Metrics
| Key | Description |
|---|---|
coverage | Test coverage % |
duplicated_lines_density | Duplication % |
reliability_rating | Bug rating (A-E) |
security_rating | Vulnerability rating |
sqale_rating | Maintainability rating |
ncloc | Lines of code |
complexity | Cyclomatic complexity |
Tips
- •Pre-commit check: Use
analyze_code_snippetbefore pushing - •PR status: Always check
get_project_quality_gate_statuswithpullRequestparam - •Understand failures: Use
show_ruleto learn why code was flagged - •Triage efficiently: Filter by
severities: ["BLOCKER", "CRITICAL"]first