In a typical multi-tier test setup, we run different test suites across several GitHub Actions jobs, each of which produces a coverage report. For example, we might start with unit tests running locally on the GitHub Actions runner and subsequently move on to integration tests running against a test deployment.
Our goal is to monitor and analyze the total test coverage on SonarCloud. The most straightforward solution would be to submit each coverage report individually once it has been generated. But SonarCloud treats each push as an independent report. So we need to send all coverage reports in one go.
Thanks to GitHub Action's artifacts it's not the most difficult thing to set up. But as always, there are some subtleties we have to get right. So here's a complete example.
The example below uses Python with pytest
and pytest-cov
to generate the coverage reports, as described in detail in my previous post on Python test coverage reporting in GitHub monorepos. But the pattern applies to other languages just the same.
Note that we'll use version 4 of GitHub Action's artifacts which uses an entirely new setup under the hood and is not backwards compatible. (With the deprecated previous version 3 it was possible to upload to the same artifact multiple times. This meant you could rename the coverage.xml
files to coverage-unit.xml
and coverage-integration.xml
and push to a single coverage
artifact, which over time accumulated all coverage reports.)
Collecting coverage reports as artifacts
We use GitHub's actions/upload-artifact
action to upload the coverage report generated from our test suite.
Here's what the relevant bits of the complete test workflow look like:
# ...
unit-test:
# ...
steps:
- name: Run unit tests
run: |
pytest -m "unit" --cov=. --cov-report=xml tests/
- name: Store coverage report
uses: actions/upload-artifact@v4
with:
name: coverage-unit
path: coverage.xml
# ...
integration-test:
# ...
steps:
- name: Run integration tests
run: |
pytest -m "integration" --cov=. --cov-report=xml tests/
- name: Store coverage report
uses: actions/upload-artifact@v4
with:
name: coverage-integration
path: coverage.xml
# ...
Combining and uploading the coverage reports
Once all our tests are completed, we can retrieve all artifacts using GitHub's actions/download-artifact
action:
report-coverage:
# ...
depends-on: [unit-test, integration-test]
steps:
- name: Download coverage reports
uses: actions/download-artifact@v4
This will download all artifacts, storing each in a directory with the name of the artifact, i.e.,
coverage-unit/
├─ coverage.xml
coverage-integration/
├─ coverage.xml
Hence, the sonar.*.coverage.reportPaths
parameter in the sonarcloud-project.properties
file has to look as follows:
...
sonar.tests=tests
sonar.python.coverage.reportPaths=coverage-unit/coverage.xml,coverage-integration/coverage.xml
Then we can push to SonarCloud using the official sonarsource/sonarcloud-github-action
action:
report-coverage:
# ...
- name: Download coverage reports
uses: actions/download-artifact@v4
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
If you need this in several workflows or repositories, you can create a reusable workflow or a composite action.