Docs update for 0.7.0 (#1391)

* updating documentation for 0.7 release

* add interface definition

* add search bar and engine

* update front page and readme to clarify the idea behind DataSQRL.

---------

Co-authored-by: Ferenc Csaky <[email protected]>

Author: mbroecheler

README.md

@@ -0,0 +1,89 @@
+---
+slug: datasqrl-0.7-release
+title: "DataSQRL 0.7 Release: The Data Delivery Interface"
+authors: [matthias]
+tags: [release]
+---
+
+<head>
+  <meta property="og:image" content="/img/blog/release_0.7.0.png" />
+  <meta name="twitter:image" content="/img/blog/release_0.7.0.png" />
+</head>
+
+# DataSQRL 0.7 Release: The Data Delivery Interface
+
+<img src="/img/blog/release_0.7.0.png" alt="DataSQRL 0.7.0 Release >|" width="40%"/>
+
+DataSQRL 0.7 marks a major milestone in our journey to automate data pipelines, thanks to significant improvements to the serving layer:
+
+* Support for the Model Context Protocol (MCP) for tooling and resource access
+* REST API support
+* JWT-based authentication and authorization
+
+These features enable developers to build a wide range of production-ready data interfaces.
+This release also includes performance and configuration improvements to the serving layer of DataSQRL-generated pipelines.
+
+You can find the full release notes and source code on our [GitHub release page](https://github.com/DataSQRL/sqrl/releases/tag/0.7.0). 
+To update your local installation of DataSQRL, simply pull the latest Docker image:
+```bash
+docker pull datasqrl/cmd:0.7.0
+```
+
+## The Last Mile: Data Delivery
+
+Data delivery is the final and most visible stage of any data pipeline. It's how users, applications, and AI agents actually access and consume data. Most enterprise data interactions happen through APIs, making the delivery interface a critical component. At DataSQRL, we've invested heavily in automating the upstream parts of the pipeline: from Flink-powered data processing to Postgres-backed storage. With version 0.7, we turn our focus to the serving layer: introducing support for the Model Context Protocol (MCP) and REST APIs, as well as JWT-based authentication and authorization. These additions ensure seamless integration with most authentication providers and enable secure, token-based data access, with fine-grained authorization logic enforced directly in the SQRL script. This completes our vision of end-to-end pipeline automation, where consumption patterns inform data storage and processing—closing the loop between data production and usage.
+
+Check out the [interface documentation](../docs/interface) for more information.
+
+<!--truncate-->
+
+## Major Contributions
+
+In addition to the flagship features—MCP, REST, and JWT support—which we’ll discuss in more detail in future blog posts, the 0.7.0 release contains a number of additional features and improvements.
+
+### Configuration & CLI Improvements
+- Refactored CLI and Flink configuration logic.
+- Improved error messages during package config validation.
+- Enforced predictable ordering and sorting of config keys.
+- Migrated deprecated config key naming (`-dir` → `-folder`), now with compile-time warnings.
+- Standardized configuration schema and structured logging to `/build/logs`.
+
+### Testing Infrastructure Enhancements
+- Added new `sqrl-container-testing` module.
+- Converted tests to use AssertJ.
+- Increased test coverage for `SqrlConfig` and dependency mapping.
+- Fixed test runner error reporting and exit code handling.
+- Reworked dependent service startup to trigger post-compilation.
+
+### Flink-SQL Runner Integration
+- Integrated `flink-sql-runner` into `DatasqrlRun`.
+- Temporarily merged `sqrl-test` module into `sqrl-run`.
+- Simplified Docker image setup (public `ghcr.io` images).
+- Updated submodule paths and version to `0.7.0`.
+
+### Authentication & API Enhancements
+- Added initial JWT-based authentication support.
+- Published documentation for JWT and Swagger-based OpenAPI specs for REST endpoints.
+- Added batch GraphQL mutation support with transactional semantics.
+- Replaced `GraphQLBigInteger` with native `Long` handling.
+
+### Kafka & Runtime Improvements
+- Kafka topic names now support templating.
+- Added an async OpenAI test use case and resolved snapshot issues.
+- Fixed intermittent WebSocket failures in `SubscriptionClient`.
+
+### Project Structure and CI Pipeline
+- Simplified project structure and removed outdated dependency declarations.
+- Refactored CI pipeline and added automated GitHub package cleanup workflow.
+
+### Updated Dependencies
+
+Upgraded versions for the following dependencies and patched critical vulnerabilities:
+
+- Apache Flink and Flink connectors (e.g., Postgres CDC)
+- Vert.x and related plugins
+- Apache Iceberg, DuckDB, PostgreSQL JDBC
+- AWS SDK BOM
+- JSON Schema Validator, Netty, OpenCSV
+- Micrometer, Log4j, Reactor, Immutables, Testcontainers
+- Maven plugins: Enforcer, GPG, Build-helper

documentation/blog/2025-07-27-datasqrl-0.7.md

@@ -85,7 +85,7 @@ In terms of security, we support JWT auth, that can be specified under the `conf
 |--------------|------------|-----------|---------------------------|
 | `config`     | **object** | see below | Vert.x JWT configuration. |
 
-```json
+```json5
 {
   "engines": {
     "vertx" : {
@@ -95,7 +95,7 @@ In terms of security, we support JWT auth, that can be specified under the `conf
           "pubSecKeys": [
             {
               "algorithm": "HS256",
-              "buffer": "<auth-secret>"
+              "buffer": "<signer-secret>"   // Base64 encoded signer secret string
             }
           ],
           "jwtOptions": {
@@ -166,6 +166,17 @@ Used as a *table-format* engine together with a query engine such as Flink or Sn
       "physical": false,
       "sorted":   true,            // deterministic ordering (mostly for tests)
       "visual":   true
+    },
+
+    "api": {
+      "protocols": [               // protocols that are being exposed by the server
+        "GRAPHQL",
+        "REST",
+        "MCP"
+      ],
+      "endpoints": "FULL",         // endpoint generation strategy (FULL, GRAPHQL, OPS_ONLY)
+      "add-prefix": true,          // add an operation-type prefix before function names
+      "max-result-depth": 3        // maximum depth of graph traversal when generating operations from a schema
     }
   }
 }
@@ -307,6 +318,12 @@ The built-in fallback (excerpt - full version [here](https://raw.githubuserconte
       "physical": false,
       "sorted": true,
       "visual": true
+    },
+    "api": {
+      "protocols": ["GRAPHQL", "REST", "MCP"],
+      "endpoints": "FULL",
+      "add-prefix": true,
+      "max-result-depth": 3
     }
   },
   "connectors": {

documentation/docs/configuration.md

@@ -0,0 +1,70 @@
+# Designing the Interface
+
+Based on the SQRL script, DataSQRL generates the interface for the compiled data pipeline. DataSQRL supports the following interfaces:
+
+* GraphQL (Mutations, Queries, and Subscriptions)
+* MCP (Tooling and Resources)
+* REST (GET and POST)
+* Data Product (Data Lake and Database Views)
+
+The first three are APIs that can be invoked programmatically. These generated API interfaces are configured by the `protocols` [compiler configuration](configuration.md#compiler-compiler).
+
+For data products, DataSQRL generates view definitions as deployment assets in `build/deploy/plan` which can be queried directly.
+
+## Data Products
+
+For data products, each visible table defined in the SQRL script is exposed as a view or physical table depending on the pipeline optimization. The mapping between visible tables in the SQRL script and exposed tables in the interface is 1-to-1.
+
+We recommend generating unique table names for the physical tables by configuring a table-name suffix in the [connector configuration](configuration#connectors-connectors), e.g. by configuring the `table-name` for `postgres` or the `catalog-name` for `iceberg` to `${sqrl:table-name}_MY_SUFFIX` . This separates views from physical tables to provide modularity and support updates without impacting downstream consumers. 
+
+## APIs
+
+### GraphQL
+
+DataSQRL uses the GraphQL data model as the base model for all API access to data. The [SQRL language specification](sqrl-language.md#api-mapping) defines how the tables and relationships in the SQRL script map to GraphQL types and fields, as well as how tables map to queries, mutations, and subscriptions.
+
+To generate the GraphQL schema from a SQRL script, add the `--api graphql` option to the [compile command](compiler.md#compile-command).
+
+You can customize the GraphQL schema by:
+* Changing field cardinalities (e.g. `[Person]!` to `Person!`)
+* Changing scalar types (e.g. `Long` to `Int`)
+* Changing the argument name for mutations (e.g. `event` to `payload`)
+* Changing the type of fields to compatible types (e.g. `Person` to `SpecificPerson`)
+* Adding enums
+* Adding interfaces and structuring types with interfaces
+
+:::warning
+Changes must be compatible with the underlying data as defined in the SQRL script and the [API mapping](sqrl-language.md#api-mapping).
+:::
+
+To use a customized GraphQL schema, configure the schema explicitly in the [script configuration](configuration.md#script-script) or by providing it as a [command argument](compiler.md).
+
+### MCP and REST
+
+DataSQRL generates a list of operations from the GraphQL schema: one for each query and mutation endpoint. 
+Queries are mapped to MCP tools with a `Get` prefix and REST endpoints under `rest/queries`. If the arguments are simple scalars, the REST endpoint is GET with URL parameters, otherwise POST with the arguments as payload.
+Mutations are mapped to MCP tools with an `Add` prefix and REST POST endpoints under `rest/mutations`.
+For the result set, DataSQRL follows relationship fields up to a configured depth (and without loops).
+
+You can control the default operation generation with the [compiler configuration](configuration.md#compiler-compiler).
+
+For complete control over the exposed MCP tools and resources as well as REST endpoints, you can define the operations explicitly in a separate GraphQL file (or multiple files).
+
+The GraphQL file defining the operations contains one or multiple query or mutation queries.
+The name of the operation is the name of the MCP tool and REST endpoint.
+
+The `@api` directive controls how the operation is exposed:
+* `rest`: `NONE`, `GET`, or `POST` to configure the HTTP method or not expose as REST endpoint.
+* `mcp`: `NONE`, `TOOL`, or `RESOURCE` to configure how the query is exposed in MCP.
+* `uri`: AN RFC 6570 template to configure the REST path and MCP resource path. Any operation arguments that are not defined in the uri template are considered part of the payload for REST (and the method must be POST).
+
+```graphql
+query GetPersonByAge($age: Int!) @api(rest: GET, mcp: TOOL, uri: "/queries/personByAge/{age}") {
+    Person(age: $age, limit: 10, offset: 0) {
+        name
+        email
+    }
+}
+```
+
+This defines an operation `GetPersonByAge` which is the name of the MCP tool and REST endpoint with the path `/queries/personByAge/{age}` using GET method.

documentation/docs/interface.md

@@ -76,6 +76,22 @@ const config: Config = {
     ],
   ],
 
+  themes: [
+    [
+      "@easyops-cn/docusaurus-search-local",
+      /** @type {import("@easyops-cn/docusaurus-search-local").PluginOptions} */
+      ({
+        hashed: true,
+        language: ["en"],
+        highlightSearchTermsOnTargetPage: true,
+        explicitSearchResultPath: true,
+        indexPages: true,
+        searchResultLimits: 10,
+        searchResultContextMaxLength: 50
+      }),
+    ],
+  ],
+
   themeConfig: {
     // Replace with your project's social card
     image: 'img/datasqrl-social-card.jpg',