Deferred only analyzer loading

Author: nquinquenel

src/main/java/org/sonarsource/sonarqube/mcp/SonarQubeMcpServer.java

@@ -44,6 +44,7 @@
 import org.sonarsource.sonarqube.mcp.serverapi.ServerApi;
 import org.sonarsource.sonarqube.mcp.serverapi.ServerApiHelper;
 import org.sonarsource.sonarqube.mcp.serverapi.ServerApiProvider;
+import org.sonarsource.sonarqube.mcp.serverapi.features.Feature;
 import org.sonarsource.sonarqube.mcp.slcore.BackendService;
 import org.sonarsource.sonarqube.mcp.tools.Tool;
 import org.sonarsource.sonarqube.mcp.tools.ToolExecutor;
@@ -129,7 +130,9 @@ public SonarQubeMcpServer(Map<String, String> environment) {
       this.transportProvider = new StdioServerTransportProvider(new ObjectMapper());
     }
 
-    initializeBasicServices();
+    sonarQubeVersionChecker.failIfSonarQubeServerVersionIsNotSupported();
+
+    initializeBasicServicesAndTools();
   }
 
   public void start() {
@@ -138,7 +141,6 @@ public void start() {
       httpServerManager.startServer().join();
     }
 
-    // Build and start MCP server immediately with NO tools, they will be added dynamically once background initialization completes
     Function<Object, McpSyncServer> serverBuilder = provider -> {
       var builder = switch (provider) {
         case McpServerTransportProvider p -> McpServer.sync(p);
@@ -151,7 +153,7 @@ public void start() {
           "Analyze code, monitor project health, investigate issues, and understand quality gates. " +
           "Note: Tools are being loaded in the background and will be available shortly.")
         .capabilities(McpSchema.ServerCapabilities.builder().tools(true).logging().build())
-        // Start with no tools - they will be added dynamically after initialization
+        .tools(filterForEnabledTools(supportedTools).stream().map(this::toSpec).toArray(McpServerFeatures.SyncToolSpecification[]::new))
         .build();
     };
 
@@ -168,10 +170,9 @@ public void start() {
   }
 
   /**
-   * Quick initialization - only creates basic services needed for configuration validation.
-   * Heavy operations (version check, plugin download, backend init) are deferred to background.
+   * Quick operations only - heavy operations (plugin download, backend init) are deferred to background.
    */
-  private void initializeBasicServices() {
+  private void initializeBasicServicesAndTools() {
     this.backendService = new BackendService(mcpConfiguration);
     this.httpClientProvider = new HttpClientProvider(mcpConfiguration.getUserAgent());
     this.toolExecutor = new ToolExecutor(backendService, initializationFuture);
@@ -181,9 +182,11 @@ private void initializeBasicServices() {
     if (mcpConfiguration.isHttpEnabled()) {
       var initServerApi = createServerApiWithToken(mcpConfiguration.getSonarQubeToken());
       this.sonarQubeVersionChecker = new SonarQubeVersionChecker(initServerApi);
+      loadBackendIndependentTools(initServerApi);
     } else {
       this.serverApi = initializeServerApi(mcpConfiguration);
       this.sonarQubeVersionChecker = new SonarQubeVersionChecker(serverApi);
+      loadBackendIndependentTools(serverApi);
     }
   }
 
@@ -192,10 +195,6 @@ private void initializeBasicServices() {
    */
   private void initializeBackgroundServices() {
     try {
-      sonarQubeVersionChecker.failIfSonarQubeServerVersionIsNotSupported();
-
-      loadBackendIndependentTools();
-
       PluginsSynchronizer pluginsSynchronizer;
       if (mcpConfiguration.isHttpEnabled()) {
         var initServerApi = createServerApiWithToken(mcpConfiguration.getSonarQubeToken());
@@ -229,20 +228,19 @@ private void initializeBackgroundServices() {
    * These can be loaded BEFORE plugin synchronization (which is slow).
    * This makes most tools available to users within seconds instead of minutes.
    */
-  private void loadBackendIndependentTools() {
-    var independentTools = new ArrayList<Tool>();
+  private void loadBackendIndependentTools(ServerApi serverApi) {
     if (mcpConfiguration.isSonarCloud()) {
-      independentTools.add(new ListEnterprisesTool(this));
+      supportedTools.add(new ListEnterprisesTool(this));
     } else {
-      independentTools.addAll(List.of(
+      supportedTools.addAll(List.of(
         new SystemHealthTool(this),
         new SystemInfoTool(this),
         new SystemLogsTool(this),
         new SystemPingTool(this),
         new SystemStatusTool(this)));
     }
 
-    independentTools.addAll(List.of(
+    supportedTools.addAll(List.of(
       new ChangeIssueStatusTool(this),
       new SearchMyProjectsTool(this),
       new SearchIssuesTool(this),
@@ -259,7 +257,11 @@ private void loadBackendIndependentTools() {
       new ListWebhooksTool(this),
       new ListPortfoliosTool(this, mcpConfiguration.isSonarCloud())));
 
-    registerAndNotifyBatch(independentTools);
+    var scaSupportedOnSQC = serverApi.isSonarQubeCloud() && serverApi.scaApi().isScaEnabled();
+    var scaSupportedOnSQS = !serverApi.isSonarQubeCloud() && serverApi.featuresApi().listFeatures().contains(Feature.SCA);
+    if (scaSupportedOnSQC || scaSupportedOnSQS) {
+      supportedTools.add(new SearchDependencyRisksTool(this, sonarQubeVersionChecker));
+    }
   }
 
   /**
@@ -284,22 +286,24 @@ private void loadBackendDependentTools() {
       LOG.info("Standard analysis mode (no IDE bridge)");
       dependentTools.add(new AnalysisTool(backendService, this));
     }
-    dependentTools.add(new SearchDependencyRisksTool(this, sonarQubeVersionChecker));
 
     registerAndNotifyBatch(dependentTools);
     var filterReason = mcpConfiguration.isReadOnlyMode() ? "category and read-only filtering" : "category filtering";
     LOG.info("All tools loaded: " + this.supportedTools.size() + " tools after " + filterReason);
   }
 
+  private List<Tool> filterForEnabledTools(List<Tool> toolsToFilter) {
+    return toolsToFilter.stream()
+      .filter(tool -> mcpConfiguration.isToolCategoryEnabled(tool.getCategory()))
+      .filter(tool -> !mcpConfiguration.isReadOnlyMode() || tool.definition().annotations().readOnlyHint())
+      .toList();
+  }
+
   /**
    * Registers a batch of tools after filtering based on configuration.
-   * Tools are filtered by category and read-only mode before being registered.
    */
   private void registerAndNotifyBatch(List<Tool> tools) {
-    var filteredTools = tools.stream()
-      .filter(tool -> mcpConfiguration.isToolCategoryEnabled(tool.getCategory()))
-      .filter(tool -> !mcpConfiguration.isReadOnlyMode() || tool.definition().annotations().readOnlyHint())
-      .toList();
+    var filteredTools = filterForEnabledTools(tools);
 
     this.supportedTools.addAll(filteredTools);
 
@@ -438,7 +442,7 @@ public SonarQubeMcpServer(McpServerTransportProviderBase transportProvider, @Nul
     this.mcpConfiguration = new McpServerLaunchConfiguration(environment);
     this.transportProvider = transportProvider;
     this.httpServerManager = httpServerManager;
-    initializeBasicServices();
+    initializeBasicServicesAndTools();
   }
 
   // Package-private getters for testing

src/test/java/org/sonarsource/sonarqube/mcp/tools/dependencyrisks/SearchDependencyRisksToolTests.java

@@ -29,7 +29,6 @@
 
 import static com.github.tomakehurst.wiremock.client.WireMock.aResponse;
 import static com.github.tomakehurst.wiremock.client.WireMock.get;
-import static com.github.tomakehurst.wiremock.client.WireMock.okJson;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.sonarsource.sonarqube.mcp.harness.SonarQubeMcpTestClient.assertResultEquals;
 import static org.sonarsource.sonarqube.mcp.harness.SonarQubeMcpTestClient.assertSchemaEquals;
@@ -161,7 +160,7 @@ void it_should_validate_output_schema_and_annotations(SonarQubeMcpServerTestHarn
   class WithSonarCloudServer {
 
     @SonarQubeMcpServerTest
-    void it_should_find_tool_even_if_sca_is_disabled(SonarQubeMcpServerTestHarness harness) {
+    void it_should_not_find_tool_if_sca_is_disabled(SonarQubeMcpServerTestHarness harness) {
       harness.getMockSonarQubeServer().stubFor(get(ScaApi.FEATURE_ENABLED_PATH + "?organization=org").willReturn(aResponse().withResponseBody(
         Body.fromJsonBytes("""
           {
@@ -173,26 +172,11 @@ void it_should_find_tool_even_if_sca_is_disabled(SonarQubeMcpServerTestHarness h
         "SONARQUBE_ORG", "org"));
 
       assertThat(mcpClient.listTools())
+        .isNotEmpty()
         .extracting(McpSchema.Tool::name)
-        .contains(SearchDependencyRisksTool.TOOL_NAME);
+        .doesNotContain(SearchDependencyRisksTool.TOOL_NAME);
     }
 
-    @SonarQubeMcpServerTest
-    void it_should_return_an_error_if_the_sca_feature_is_disabled(SonarQubeMcpServerTestHarness harness) {
-      harness.getMockSonarQubeServer().stubFor(get(ScaApi.FEATURE_ENABLED_PATH + "?organization=org").willReturn(aResponse().withResponseBody(
-        Body.fromJsonBytes("""
-          {
-            "enabled": false
-          }
-          """.getBytes(StandardCharsets.UTF_8)))));
-      var mcpClient = harness.newClient(Map.of(
-        "SONARQUBE_CLOUD_URL", harness.getMockSonarQubeServer().baseUrl(),
-        "SONARQUBE_ORG", "org"));
-
-      var result = mcpClient.callTool(SearchDependencyRisksTool.TOOL_NAME, Map.of(SearchDependencyRisksTool.PROJECT_KEY_PROPERTY, "my-project"));
-
-      assertThat(result).isEqualTo(new McpSchema.CallToolResult("Search Dependency Risks tool is not available in your SonarQube Cloud organization because Advanced Security is not enabled.", true));
-    }
   }
 
   @Nested
@@ -208,18 +192,6 @@ void it_should_return_an_error_if_the_request_fails_due_to_token_permission(Sona
       assertThat(result).isEqualTo(new McpSchema.CallToolResult("An error occurred during the tool execution: SonarQube answered with Forbidden. Please verify your token has the required permissions for this operation.", true));
     }
 
-    @SonarQubeMcpServerTest
-    void it_should_return_an_error_if_the_sca_feature_is_disabled(SonarQubeMcpServerTestHarness harness) {
-      harness.getMockSonarQubeServer().stubFor(get(FeaturesApi.FEATURES_LIST_PATH).willReturn(okJson("""
-          [""]
-          """)));
-      var mcpClient = harness.newClient();
-
-      var result = mcpClient.callTool(SearchDependencyRisksTool.TOOL_NAME, Map.of(SearchDependencyRisksTool.PROJECT_KEY_PROPERTY, "my-project"));
-
-      assertThat(result).isEqualTo(new McpSchema.CallToolResult("Search Dependency Risks tool is not available for SonarQube Server because Advanced Security is not enabled.", true));
-    }
-
     @SonarQubeMcpServerTest
     void it_should_return_an_error_if_project_key_is_missing(SonarQubeMcpServerTestHarness harness) {
       var mcpClient = harness.newClient();
@@ -239,7 +211,7 @@ void it_should_not_find_tool_if_version_not_sufficient(SonarQubeMcpServerTestHar
     }
 
     @SonarQubeMcpServerTest
-    void it_should_find_tool_even_if_sca_is_disabled(SonarQubeMcpServerTestHarness harness) {
+    void it_should_not_find_tool_if_sca_is_disabled(SonarQubeMcpServerTestHarness harness) {
       harness.getMockSonarQubeServer().stubFor(get(FeaturesApi.FEATURES_LIST_PATH).willReturn(aResponse().withResponseBody(
         Body.fromJsonBytes("""
           ["prioritized-rules","from-sonarqube-update","multiple-alm"]
@@ -248,8 +220,9 @@ void it_should_find_tool_even_if_sca_is_disabled(SonarQubeMcpServerTestHarness h
       var mcpClient = harness.newClient();
 
       assertThat(mcpClient.listTools())
+        .isNotEmpty()
         .extracting(McpSchema.Tool::name)
-        .contains(SearchDependencyRisksTool.TOOL_NAME);
+        .doesNotContain(SearchDependencyRisksTool.TOOL_NAME);
     }
 
     @SonarQubeMcpServerTest