diff --git a/vars/runNodeInstall.groovy b/vars/runNodeInstall.groovy
new file mode 100644
index 0000000..93d0f19
--- /dev/null
+++ b/vars/runNodeInstall.groovy
@@ -0,0 +1,13 @@
+/**
+ * Runs npm install inside current container.
+ * Must be called inside container('node') block.
+ *
+ * config keys (all optional):
+ *   workDir - directory to run in, default: '.'
+ */
+def call(Map config = [:]) {
+    def workDir = config.workDir ?: '.'
+    dir(workDir) {
+        sh 'npm install'
+    }
+}
diff --git a/vars/runNodeTest.groovy b/vars/runNodeTest.groovy
index 6cc8133..79505f8 100644
--- a/vars/runNodeTest.groovy
+++ b/vars/runNodeTest.groovy
@@ -1,5 +1,5 @@
 /**
- * Runs npm install + npm test inside current container.
+ * Runs npm test inside current container. Expects npm install already done.
  * Must be called inside container('node') block.
  *
  * config keys (all optional):
@@ -11,7 +11,6 @@ def call(Map config = [:]) {
     def testCmd = config.testCmd ?: 'test'
 
     dir(workDir) {
-        sh 'npm install'
         sh "npm ${testCmd}"
     }
 }
diff --git a/vars/scanCodeQuality.groovy b/vars/scanCodeQuality.groovy
index 7e21eec..eef94ab 100644
--- a/vars/scanCodeQuality.groovy
+++ b/vars/scanCodeQuality.groovy
@@ -8,7 +8,8 @@
  *   sonarUrl   (optional) - SonarQube server URL, default: http://sonarqube-sonarqube.sonarqube.svc.cluster.local:9000
  *   credId     (optional) - Jenkins secret-text credential id, default: sonarqube-token
  *   sources    (optional) - sources to scan, default: .
- *   exclusions (optional) - comma-separated paths to exclude
+ *   exclusions  (optional) - comma-separated paths to exclude
+ *   lcovReport  (optional) - path to lcov.info for coverage, default: coverage/lcov.info
  */
 def call(Map config) {
     def projectKey = config.projectKey
@@ -18,6 +19,7 @@ def call(Map config) {
     def credId     = config.credId     ?: 'sonarqube-token'
     def sources    = config.sources    ?: '.'
     def exclusions = config.exclusions ?: ''
+    def lcovReport = config.lcovReport ?: 'coverage/lcov.info'
 
     def exclusionsArg = exclusions ? "-Dsonar.exclusions=${exclusions}" : ''
 
@@ -28,6 +30,7 @@ def call(Map config) {
               -Dsonar.sources=${sources} \
               -Dsonar.host.url=${sonarUrl} \
               -Dsonar.token=\${SONAR_TOKEN} \
+              -Dsonar.javascript.lcov.reportPaths=${lcovReport} \
               ${exclusionsArg}
         """
     }