KodeKloud Notes

In this lesson, Alice and her team address GitHub Actions’ artifact retention limits by implementing a long-term storage solution. By adding a dedicated workflow that collects test and coverage reports and syncs them to an Amazon S3 bucket, they ensure indefinite access to CI artifacts.

Background

Our existing CI pipeline uses two primary jobs:

Job Name	Artifact Name	Description
unit-test	test-reports	Runs unit tests and exports JUnit XML
code-coverage	coverage-report	Generates coverage data (`lcov`)

GitHub Actions Limits

Artifacts are retained for up to 90 days and can be no larger than 5 GB each. Syncing reports to S3 immediately after CI avoids expiration and size caps.

Solution Overview

Extend (or create) a workflow that triggers when the primary CI run completes.
Download the test-reports and coverage-report artifacts.
Use an S3 sync action to upload all reports to your S3 bucket.

Workflow Configuration

Add a new file at .github/workflows/report-storage.yml:

name: Store Reports to S3

on:
  workflow_run:
    workflows: ["CI"]
    types: [completed]

jobs:
  upload-reports:
    name: Upload Test & Coverage Reports
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v3

      - name: Download Test Reports
        uses: actions/download-artifact@v3
        with:
          name: test-reports
          path: reports/tests

      - name: Download Coverage Reports
        uses: actions/download-artifact@v3
        with:
          name: coverage-report
          path: reports/coverage

      - name: Sync Reports to S3
        uses: jakejarvis/[email protected]
        with:
          args: --acl private --delete
        env:
          AWS_S3_BUCKET: ${{ secrets.S3_BUCKET }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: us-east-1
          SOURCE_DIR: reports/

Repository Secrets Required

Make sure you’ve defined the following secrets under Settings > Secrets and variables > Actions:

S3_BUCKET
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY

How `workflow_run` Works

The workflow_run trigger ensures the upload job only runs after the CI workflow has completed successfully.

Next Steps

Commit and push report-storage.yml to your repository.
Confirm that unit-test and code-coverage jobs publish artifacts named test-reports and coverage-report.
Trigger your CI workflow and verify the reports/ directory appears in your S3 bucket.

With this setup, Alice’s team will maintain reliable, long-term access to both test results and coverage metrics.

Links and References

Watch Video

Watch video content