Gemini Code Assist

Connect your Google Cloud project to Software.com to analyze Gemini Code Assist adoption, usage, and its impact on your development workflow.

This integration works by securely routing Gemini usage logs from Google Cloud Logging to a private Google Cloud Storage bucket that you control. You then grant Software.com read-only access to this bucket using a secure HMAC key.

Prerequisites

Before you begin, ensure you have the following:

  • Gemini Code Assist enabled for your Google Cloud project, with licenses assigned to developers.
  • A Google Cloud account with permissions to:
    • Administer your project.
    • Create and manage Cloud Logging sinks.
    • Create and manage Cloud Storage buckets.
    • Create service accounts and generate HMAC keys.

Step 1: Configure Google Cloud Platform

A. Enable Cloud Logging for Gemini

First, you need to enable the audit logging for Gemini Code Assist activity.

  1. Navigate to the Admin portal for Gemini in your Google Cloud console.
  2. Go to Settings and enable “Logging for Gemini Code Assist metadata.”
  3. You may be prompted to enable the necessary APIs for Cloud Logging.

⚠️ Important: Do not enable “Logging for Gemini Code Assist prompts and responses.” This setting includes full code prompts and responses in the logs. If you enable it, Software.com cannot filter this sensitive data and will be unable to process your integration

B. Create a Cloud Storage Bucket

This bucket will act as the destination for your Gemini logs.

  1. Ensure the Cloud Storage API is enabled for your project.
  2. In the Google Cloud console, navigate to Cloud Storage and create a new bucket. Give it a unique and descriptive name (e.g., software-com-gemini-logs).

C. Create a Service Account

Next, create a dedicated service account that Software.com will use to access the logs.

  1. In the IAM & Admin section, navigate to Service Accounts and create a new account.
  2. Grant this service account the Storage Object Viewer role. This ensures it has read-only access to the storage bucket, following the principle of least privilege.

D. Create a Log Sink

The log sink filters Gemini-specific logs and routes them to your new storage bucket.

  1. Navigate to Logging > Log Router in the Google Cloud console.
  2. Click Create Sink.
  3. Name your sink (e.g., gemini-to-software-com   ).
  4. Set the Sink Destination to the Cloud Storage bucket you created earlier.
  5. In the “Choose logs to include in sink” section, create an Inclusion Filter. This is crucial for only sending the necessary data. Paste the following filter:
resource.type="cloudaicompanion.googleapis.com/Instance"
severity>=INFO jsonPayload.@type="type.googleapis.com/google.cloud.cloudaicompanion.logging.v1.MetadataLog"
labels.method="Export.Metrics"

Step 2: Grant Software.com Access

A. Generate an HMAC Key

An HMAC key provides secure, interoperable access to your Cloud Storage bucket.

  1. In the Google Cloud console, go to Cloud Storage > Settings.
  2. Select the Interoperability tab.
  3. Click Create a key for a service account.
  4. Select the service account you created in Step 1C.
  5. Click Create Key. A new Access Key and Secret will be generated. Copy both immediately, as the secret will not be shown again.

B. Save HMAC key to app.software.com

  1. Navigate to the Connected Apps page in your app.software.com account.
  2. Click Connect next to Gemini Code Assist.
  3. Paste the Access Key and Secret from the HMAC key you just generated.
  4. Paste your Cloud Storage Bucket Name
  5. Click Save to complete the connection.

Ongoing Data Sync

  • Google Cloud Logging writes Gemini usage data in near real-time. The log sink will route this data to your storage bucket as it arrives.
  • Software.com will ingest new data from your bucket every two hours to keep your metrics fresh and up-to-date.

Resources

Still need help? Contact Us Contact Us