Gong Nl Db
БесплатноНе проверенEnables read-only querying of the gong-nl-db Postgres database through natural language via Claude Desktop.
Описание
Enables read-only querying of the gong-nl-db Postgres database through natural language via Claude Desktop.
README
Read-only Claude Desktop access to the BairesDev gong-nl-db Cloud SQL
Postgres instance.
This is an MCP server that colleagues install on their Mac. Once set up, they can ask Claude Desktop questions like "what tables are in gong-nl-db?" or "show me last week's top 10 accounts by call volume" and Claude will query the database directly — always read-only, always audited to their personal @bairesdev.com identity.
For colleagues (one-time setup, ~3 minutes)
You need:
- Claude Desktop (download)
That's it — the installer handles everything else.
macOS
Open Terminal and paste:
curl -LsSf https://raw.githubusercontent.com/andyhorvitz/gong-nl-db-mcp/main/scripts/install.sh | bash
Windows
Open PowerShell (search "PowerShell" in the Start menu) and paste:
irm https://raw.githubusercontent.com/andyhorvitz/gong-nl-db-mcp/main/scripts/install.ps1 | iex
Both installers will:
- Install
uv(tiny Python runner) if you don't have it. - Install Google Cloud SDK if you don't have it.
- Prompt you to sign in to Google — use your
@bairesdev.comaccount. - Register the
gong-nl-dbMCP server in Claude Desktop's config.
Restart Claude Desktop and try asking it: "List the schemas in gong-nl-db."
If you get a permissions error, ping Andy — he needs to grant your Google account access to the Cloud SQL instance (see the owner setup section below).
Troubleshooting
CERTIFICATE_VERIFY_FAILED / SSL errors in Claude Desktop's logs
This is the most common failure. The installer pins the server to Python 3.12
(--python 3.12 in the Claude Desktop config), which avoids the issue entirely
on a fresh install. If you hit it anyway (e.g. you installed before this fix):
# 1. Clear the cached old package
uv cache clean gong-nl-db-mcp
# 2. Re-run the installer to update your Claude Desktop config
curl -LsSf https://raw.githubusercontent.com/andyhorvitz/gong-nl-db-mcp/main/scripts/install.sh | bash
# 3. Fully quit and reopen Claude Desktop (⌘Q, not just close the window)
serviceusage.services.use permission error / list_schemas hangs
The ADC quota project isn't set. Run:
# macOS
gcloud auth application-default set-quota-project planar-ray-494004-b8
# Windows (PowerShell)
gcloud auth application-default set-quota-project planar-ray-494004-b8
Then restart Claude Desktop. The installer now does this automatically, so a fresh install won't hit this.
"Could not determine IAM DB username"
You either aren't logged in or logged in with the wrong account. Run:
# macOS
gcloud auth application-default login
# Windows (PowerShell)
gcloud auth application-default login
Use your @bairesdev.com account when the browser opens, then restart Claude Desktop.
Failed to spawn process: No such file or directory
Claude Desktop launches with a stripped PATH that excludes ~/.local/bin
(where uv installs its tools by default). Fix: symlink uvx into a
directory Claude Desktop can see, then re-run the installer:
sudo ln -sf "$(which uvx)" /usr/local/bin/uvx
curl -LsSf https://raw.githubusercontent.com/andyhorvitz/gong-nl-db-mcp/main/scripts/install.sh | bash
The installer now writes the absolute path to uvx into the config
automatically, so a fresh install won't hit this.
MCP server not appearing in Claude Desktop
- macOS: Check
~/Library/Logs/Claude/for errors. Verify the entry exists in~/Library/Application Support/Claude/claude_desktop_config.jsonundermcpServers.gong-nl-db. - Windows: Check
%APPDATA%\Claude\logs\for errors. Verify the entry exists in%APPDATA%\Claude\claude_desktop_config.jsonundermcpServers.gong-nl-db.
Windows: PowerShell says "running scripts is disabled"
Run this once in PowerShell as Administrator, then retry the installer:
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
What you can do
Claude will have these tools available under the gong-nl-db MCP server:
| Tool | What it does |
|---|---|
list_schemas |
Show non-system schemas |
list_tables(schema) |
Show tables/views in a schema |
describe_table(table, schema) |
Show columns, types, nullability |
sample_rows(table, schema, limit) |
Return up to 50 sample rows |
run_query(sql, limit) |
Run a read-only SELECT / WITH / set-op (max 1000 rows) |
explain_query(sql) |
Return the query plan |
search_transcripts(query, ...) |
Full-text keyword search across transcript segments (FTS/GIN index) |
user_activity(host_email, ...) |
Per-rep daily call stats from the mv_user_daily materialized view |
semantic_search(query, ...) |
Meaning-based search using Vertex AI embeddings — finds conceptually related transcript chunks even without exact word matches |
What you can't do
Every query is checked against a read-only allow-list before it reaches
the database. Attempting INSERT, UPDATE, DELETE, DROP, TRUNCATE,
COPY, CALL, VACUUM, SET, etc. will be rejected. Even if that layer
somehow let a write through, the Postgres role you connect as only has
SELECT grants and the transaction is explicitly READ ONLY. Four layers
of defense — you are not going to accidentally drop prod.
For the owner (Andy): initial Cloud SQL setup
This is a one-time-per-instance setup. After this, each new colleague just needs the per-user steps below.
1. Enable IAM database authentication on the instance
gcloud sql instances patch gong-nl-db \
--database-flags=cloudsql.iam_authentication=on,cloudsql.enable_pgaudit=on,pgaudit.log=read
2. Create the read-only Postgres role
Connect as a superuser (e.g. via cloud-sql-proxy + psql):
CREATE ROLE readonly_analysts;
GRANT CONNECT ON DATABASE <db> TO readonly_analysts;
GRANT USAGE ON SCHEMA public TO readonly_analysts;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readonly_analysts;
ALTER DEFAULT PRIVILEGES IN SCHEMA public
GRANT SELECT ON TABLES TO readonly_analysts;
ALTER DATABASE <db> SET default_transaction_read_only = on;
Repeat the GRANT USAGE / GRANT SELECT / ALTER DEFAULT PRIVILEGES block
for each additional schema you want to expose.
3. For each colleague (e.g. [email protected])
# GCP IAM — lets them authenticate to the instance
gcloud projects add-iam-policy-binding <PROJECT_ID> \
--member=user:[email protected] --role=roles/cloudsql.client
gcloud projects add-iam-policy-binding <PROJECT_ID> \
--member=user:[email protected] --role=roles/cloudsql.instanceUser
# Cloud SQL — registers them as an IAM DB user on the instance
gcloud sql users create [email protected] \
--instance=gong-nl-db --type=cloud_iam_user
Then, in Postgres:
GRANT readonly_analysts TO "[email protected]";
4. Configure the installer
Edit scripts/install.sh and replace the REPLACE_ME placeholders with:
INSTANCE_CONNECTION_NAME—<project>:<region>:gong-nl-dbDB_NAME— the Postgres database name
Commit, push to main. Next colleague who re-runs the one-liner picks up the
new config.
Development
uv venv --python 3.12
uv pip install -e ".[dev]"
.venv/bin/pytest # run the safety test suite
Test the MCP server locally against a running Cloud SQL Auth Proxy or the live instance:
INSTANCE_CONNECTION_NAME=... DB_NAME=... \
.venv/bin/gong-nl-db-mcp # speaks MCP over stdio
Releasing
Tag-driven: git tag v0.2.0 && git push --tags triggers
.github/workflows/release.yml, which publishes to PyPI. Colleagues' uvx gong-nl-db-mcp@latest picks it up automatically.
The safety guarantee
src/gong_nl_db_mcp/safety.py is the statement-level allow-list. Any
change to that file must go through PR review. The file's git history is
the audit trail for the read-only guarantee. See tests/test_safety.py for
the allow/deny corpus.
Установить Gong Nl Db в Claude Desktop, Claude Code, Cursor
unyly install gong-nl-db-mcpСтавит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.
Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh
Или настроить вручную
Выполни в терминале:
claude mcp add gong-nl-db-mcp -- uvx gong-nl-db-mcpFAQ
Gong Nl Db MCP бесплатный?
Да, Gong Nl Db MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Gong Nl Db?
Нет, Gong Nl Db работает без API-ключей и переменных окружения.
Gong Nl Db — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Gong Nl Db в Claude Desktop, Claude Code или Cursor?
Открой Gong Nl Db на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
wenb1n-dev/SmartDB_MCP
A universal database MCP server supporting simultaneous connections to multiple databases. It provides tools for database operations, health analysis, SQL optim
автор: wenb1n-devPostgres Server
This server enables interaction with PostgreSQL databases through the Model Context Protocol, optimized for the AWS Bedrock AgentCore Runtime. It provides tools
автор: madhurprashPostgres
Query your database in natural language
автор: AnthropicPostgreSQL
Read-only database access with schema inspection.
автор: modelcontextprotocolCompare Gong Nl Db with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории data
