diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml
index 00c34cf85..b6c6d0310 100644
--- a/.semaphore/semaphore.yml
+++ b/.semaphore/semaphore.yml
@@ -14,22 +14,6 @@ global_job_config:
       - checkout
       - mkdir artifacts
 blocks:
-  # - name: Test
-  #   dependencies: []
-  #   run:
-  #     # don't run the tests on non-functional changes...
-  #     when: "change_in('/', {exclude: ['.github/']})"
-  #   task:
-  #     jobs:
-  #       - name: Test
-  #         commands:
-  #           - sem-version python 3.9
-  #           - pip install tox
-  #           - tox -e cover
-  #           - mkdir test-output
-  #           - cp test-report.xml test-output
-  #           - test-results publish test-output
-  #           - artifact push workflow coverage.xml
   - name: "Wheels: OSX x64 - Python 3.6-3.12"
     run:
       when: "tag =~ '.*'"
@@ -192,7 +176,7 @@ blocks:
     task:
       agent:
         machine:
-          type: s1-prod-ubuntu20-04-amd64-2
+          type: s1-prod-ubuntu20-04-amd64-3
       env_vars:
         - name: OS_NAME
           value: linux
@@ -217,6 +201,18 @@ blocks:
             - chmod u+r+x tools/source-package-verification.sh
             - export TEST_CONSUMER_GROUP_PROTOCOL=consumer
             - tools/source-package-verification.sh
+        - name: Build, Test, and Report coverage
+          commands:
+            - sem-version python 3.9
+            # use a virtualenv
+            - python3 -m venv _venv && source _venv/bin/activate
+            - chmod u+r+x tools/source-package-verification.sh
+            - export RUN_COVERAGE=true
+            - tools/source-package-verification.sh
+            - mkdir test-output
+            - cp test-report.xml test-output
+            - test-results publish test-output
+            - artifact push workflow coverage.xml
   - name: "Source package verification with Python 3 (Linux arm64)"
     dependencies: []
     task:
@@ -302,15 +298,15 @@ blocks:
             - artifact push project artifacts/confluent-kafka-python-wheels-${SEMAPHORE_GIT_TAG_NAME}-${SEMAPHORE_WORKFLOW_ID}.tgz --destination confluent-kafka-python-wheels-${SEMAPHORE_GIT_TAG_NAME}-${SEMAPHORE_WORKFLOW_ID}.tgz
             - echo Thank you
 
-# after_pipeline:
-#   task:
-#     agent:
-#       machine:
-#         type: s1-prod-ubuntu20-04-amd64-1
-#     jobs:
-#       - name: SonarQube
-#         commands:
-#           - checkout
-#           - sem-version java 11
-#           - artifact pull workflow coverage.xml
-#           - emit-sonarqube-data --run_only_sonar_scan
+after_pipeline:
+  task:
+    agent:
+      machine:
+        type: s1-prod-ubuntu20-04-amd64-1
+    jobs:
+      - name: SonarQube
+        commands:
+          - checkout
+          - sem-version java 11
+          - artifact pull workflow coverage.xml
+          - emit-sonarqube-data --run_only_sonar_scan
diff --git a/tests/README.md b/tests/README.md
index f3d436193..7502d2f6b 100644
--- a/tests/README.md
+++ b/tests/README.md
@@ -122,11 +122,3 @@ Tox can be used to test against various supported Python versions (py27, py36, p
 3. From top-level directory run:
 
     ```$ ./tests/run.sh tox```
-
-
-### Running with test coverage
-From top-level directory:
-```
-pip install tox
-./tests/run.sh tox -e cover
-```
diff --git a/tools/source-package-verification.sh b/tools/source-package-verification.sh
index 30645632e..d0c09ce22 100755
--- a/tools/source-package-verification.sh
+++ b/tools/source-package-verification.sh
@@ -15,6 +15,18 @@ export LDFLAGS="$LDFLAGS -L${PWD}/${lib_dir}"
 export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$PWD/$lib_dir"
 export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$PWD/$lib_dir"
 
+if [[ $RUN_COVERAGE == true ]]; then
+  echo "Running tests with coverage"
+  # Install source with editable flag (-e) so that SonarQube can parse the coverage report.
+      # Otherwise, the report shows source files located in site-packages, which SonarQube cannot find.
+      # Example: ".tox/cover/lib/python3.11/site-packages/confluent_kafka/__init__.py"
+      #   instead of "src/confluent_kafka/__init__.py"
+  python3 -m pip install -e .
+  python -m pytest --cov confluent_kafka --cov-report term --cov-report html --cov-report xml \
+      --cov-branch --junitxml=test-report.xml tests/ --timeout 1200 --ignore=dest
+  exit 0
+fi
+
 python3 -m pip install .
 
 if [[ $OS_NAME == linux && $ARCH == x64 ]]; then
diff --git a/tox.ini b/tox.ini
index 7b385b286..55c786e54 100644
--- a/tox.ini
+++ b/tox.ini
@@ -2,13 +2,13 @@
 envlist = flake8,py37,py38,py39,py310,py311,py312,py313
 
 [testenv]
-deps =
-    -r requirements/requirements-tests-install.txt
-    .
 passenv =
     #http://tox.readthedocs.io/en/latest/config.html#confval-passenv=SPACE-SEPARATED-GLOBNAMES
     *
 commands =
+    # Install main package and all sub-packages
+    pip install -r requirements/requirements-tests-install.txt
+    pip install .
     # Early verification that module is loadable
     python -c 'import confluent_kafka ; print(confluent_kafka.version())'
     # Run tests (large timeout to allow docker image downloads)
@@ -20,16 +20,6 @@ commands =
 deps = flake8
 commands = flake8
 
-[testenv:cover]
-commands =
-    # Install source with editable flag (-e) so that SonarQube can parse the coverage report.
-    # Otherwise, the report shows source files located in site-packages, which SonarQube cannot find.
-    # Example: ".tox/cover/lib/python3.11/site-packages/confluent_kafka/__init__.py"
-    #   instead of "src/confluent_kafka/__init__.py"
-    pip install -e .
-    pytest {env:PYTESTARGS:} --cov confluent_kafka --cov-report term --cov-report html --cov-report xml \
-        --cov-branch --junitxml=test-report.xml tests/ {posargs}
-
 [pytest]
 python_files = test_*
 testpaths = tests