PHP test coverage
SonarCloud supports the reporting of test coverage information as part of the analysis of your PHP project.
However, SonarCloud does not produce the coverage report itself. Instead, you must set up a third-party tool to produce the report as part of your build process. You then need to configure your analysis to tell the SonarScanner where the report is located so that it can pick it up and send it to SonarCloud, where it will be displayed on your project dashboard along with the other analysis metrics.
For PHP projects, we recommend PHPUnit for testing and coverage reporting.
Usually, when you import a new PHP project, automatic analysis starts immediately. But, since coverage is not yet supported under automatic analysis, you will need to use CI-based analysis instead. This requires disabling automatic analysis. Here are the steps you need to follow:
If you have not yet imported your PHP project, just add an empty file called
sonar-project.properties to the root of your repository, and then perform the import. SonarCloud will assume that you want to set up a CI-based analysis and display the onboarding tutorial.
If you have already imported your project, then SonarCloud has already run at least once using automatic analysis. Don’t worry, you can still convert your project to use a CI-based approach. Simply go to Administration > Analysis Method and switch SonarCloud Automatic Analysis to OFF. Then, on the same screen, under Supported analysis methods find your preferred CI and select Follow the tutorial.
At this point, you should be in the onboarding tutorial specific to your CI. Follow the tutorial and when it asks, What option best describes your build?, choose Other (for JS, TS, Go, Python, PHP, ...). When you are done with the tutorial, you should have a functioning CI-based analysis setup for your PHP project. The next step is to adjust it to get coverage working.
To enable coverage you need to:
- Adjust your build process so that the coverage tool runs before the scanner report generation step runs.
- Make sure that the coverage tool writes its report file to a defined path in the build environment.
- Configure the scanning step of your build so that the scanner picks up the report file from that defined path.
The details of setting up coverage within your build process depend on which tools you are using. In our example below we use:
- Composer, as a package manager
- PHPUnit with Xdebug, to execute the tests, and
- GitHub Actions to perform the build.
Simply add the following to your
The resulting file should look something like this:
First you install all your project dependencies using Composer as a package manager and then invoke PHPUnit with XDebug to run your tests and generate a coverage report file.
The essential requirements are that the tool produces its report in the clover.xml format and writes it to a place from which the scanner can then pick it up.
The next step is to add
sonar.php.coverage.reportPaths to your analysis parameters. This parameter must be set to the path of the report file on GitHub Actions produced by your coverage tool. In this example, that path is set to the default produced by GitHub Actions. It is set in the
sonar-project.properties file, located in the project root:
Wildcards and a comma-delimited list of paths are supported. See Test Coverage Parameters for details.
This property is usually set in the
sonar-project.properties file, located in the project root. Alternatively, you can also set it in the command line of the scanner invocation or in the SonarCloud interface under:
Your Organization > Your Project > Administration > General Settings > Languages > PHP > PHP Unit > Coverage Reports