Comment by andix
1 day ago
I was once involved in a purchase for SonarQube for a bigger company (around 50-200 developers using it). It was just a horrible experience. My task was just to evaluate the software in a smaller team, get some evaluation licenses and write a report what our experience was.
It was a crazy ride, I got a sales person assigned, and this person kept asking me questions I couldn't answer. I kept telling them what my job was, and if my report would be positive they might be able to sell 50-200 developer licenses. But they kept pushing me to answer business questions I couldn't answer. It's not my job to know that stuff, and I wasn't allowed to share information about company internals to a third party.
In the end our team never completed that report, and I just put this sales person into all my block lists. Never heard from them again ;)
I was never really sure if they were scared we would abuse an evaluation license, but it was a reputable company (nothing shady at all, no US sanctions, nothing). Even if they had no idea about the market we were in, just reading the Wikipedia article about the company would've shown them, that this is someone they would probably like to be in business with.
Sonar cloud is free of cost for open source projects. Perhaps it would be better to use that as an evaluation tool? If you tried it, what did you find lacking about it?
Disclaimer: I am not employed by or affiliated with sonar qube.
We needed to test the integration into the company CI pipeline. One of the requirements was to fully run it in a private cloud environment, maybe even without internet access (this was required for some projects for security reasons).
PS: but that's not the point. We needed an evaluation license, but the sales person just kept bugging us with questions. Like how our environments were set up, what products we want to integrate it with, how our teams are build, how much team growth was planned, and so on.
A lot of internal things that you don't want to share, especially if you are not part of the purchasing department. They probably have some guidelines what they are willing to share and what not. Even when putting aside the security risks by sharing internal information, it could also hurt the purchasing departments negotiation strategies, if the sales person already knows more than they shared with them.
PPS: We didn't want to have SonarQube at all, we didn't like the reports at all, mostly false positives in our case to work through (but I can see that some teams could benefit from it). The requirement came from some check boxes to be ticked for an audit.
It depends on the evaluation needed. Maybe they wanted to verify that SonarQube would be able to handle their code structure, but they also had requirements that it has to work locally only and they couldn’t send proprietary code to a SaaS. You can’t evaluate that using SonarCloud, but a couple days with an evaluation license are exactly what you need.
I had a similar buying experience recently, where a SaaS had a cloud option and a local option, which varied slightly. The cloud option kind of told us what we needed to know, but a trial license of the local option let us actually verify that it would work with our use case.