-# and finally execute the actual SonarQube analysis
-sonar-scanner -Dsonar.host.url=https://nemo.sonarqube.org -Dsonar.login=7f3a6edf2fc5fcfa22c3fb95ce13597dc4b1fb15
+# and finally execute the actual SonarQube analysis
+# (the SONAR_TOKEN is set from the travis web interface, to not expose it with an ongoing "set -x")
+# See https://docs.travis-ci.com/user/sonarqube/ for more info on tokens
+# don't show the token in the logs
+set +x
+sonar-scanner -Dsonar.host.url=https://sonarqube.com -Dsonar.login=$SONAR_TOKEN \
+ | grep -v 'INFO: Parsing /home/travis/build/simgrid/simgrid/Testing/CoverageInfo' \
+ | grep -v 'WARN: File not analysed by Sonar, so ignoring coverage: /usr/include/'