There are two ways (that I know of) to add these credentials to the Travis configuration without including them as plain text. I take it that you've already generated a token from the sonar cloud interface. For both approaches, you'll need to add this to the .travis.yml file:
addons: sonarcloud: organization: (I think this would be "apache") One option is to create an encrypted version of the token. Documentation is here: https://docs.travis-ci.com/user/environment-variables/#defining-encrypted-variables-in-travisyml For this, there is a ruby gem called `travis`. Once installed ($ gem install travis), you can run $ travis encrypt <the-sonar-token> The output of that command is the secure token, which would go here: addons: sonarcloud: token: secure: <token-goes-here> The second approach involves adjusting the settings in the Travis-CI web interface: https://travis-ci.org/apache/incubator-tamaya/settings Under the "Environment Variables" section, you'd need to add an entry with the Name set to SONAR_TOKEN and the Value set to the value of the token from Sonarcloud. Make sure that "Display value in build log" is set to "false". I tend to like the second option because it means you can rotate tokens without having to adjust the code. Also, as a side note, the `travis encrypt` command makes use of the repository's name to generate the secure token, so after Tamaya graduates and the repository changes from `incubator-tamaya` to just `tamaya`, that secure token (if that's the path you choose) would need to be regenerated. Best, Aaron On Sun, Apr 21, 2019 at 8:19 PM Anatole Tresch <atsti...@gmail.com> wrote: > sounds great! > > P. Ottlinger <pottlin...@apache.org> schrieb am So., 21. Apr. 2019, 23:13: > > > Hi guys, > > > > I'm working on a Sonarcloud-integration of Tamaya > > via TAMAYA-277. > > > > Any new code smells result in red builds. > > > > At the moment only manual uploads are possible as I'm waiting for a hint > > from INFRA on how to configure credentials properly (don't want to put > > them in .travis.yml and am unsure if they are correct in ASF-Jenkins). > > > > Sorry for all the mailspam ;) - > > happy easter, > > > > Phil > > > > >