This document describes the full lifecycle of OntoKit Web from local development through release and deployment.
Version is managed in package.json:
"version": "0.3.0-dev"- The
devbranch carries the-devsuffix (e.g.0.3.0-dev) during development. - At release time the suffix is stripped (e.g.
0.3.0) and merged tomain.
cd ontokit-web
npm installnpm run dev # Start development server at http://localhost:3000npm run lint # ESLint
npm run type-check # TypeScript type checking
npm run test -- --run # Run tests (single run)
npm run build # Production buildThe GitHub Actions workflow (.github/workflows/release.yml) runs on every push and on pull requests.
| Job | What it does |
|---|---|
| quality | npm run lint, npm run type-check, npm run test, npm run build |
This job runs on all pushes (except renovate/** branches) and on PRs. The publish jobs described in the next section only run when a release tag is pushed.
OntoKit Web uses a two-branch model:
| Branch | Purpose |
|---|---|
dev |
Default branch. All feature PRs target this branch. Carries the -dev version suffix. |
main |
Stable release branch. Always reflects the latest tagged release. |
Releases follow a Weblate-inspired workflow. All commands below are run from the ontokit-web/ directory.
Before preparing the release, add an entry for the new version to the in-app changelog at app/docs/changelog/page.tsx. Summarize the release highlights (new features, improvements, bug fixes) so users can see what changed at /docs/changelog.
git checkout dev
node scripts/prepare-release.mjsThis script:
- Reads the current version from
package.json(e.g.0.3.0-dev). - Strips the
-devsuffix to produce the release version (0.3.0). - Updates
package.json. - Creates a git commit:
chore: releasing 0.3.0.
git push origin dev
gh pr create --base main --head dev \
--title "Release ontokit-web 0.3.0" \
--body "Release ontokit-web 0.3.0"CI will run the quality checks on the PR. Once they pass, approve and merge the PR.
Note:
mainis protected — direct pushes are not allowed. All changes tomainmust go through a pull request with passing status checks and an approving review.
After the PR is merged, pull main and tag it:
git checkout main
git pull origin main
git tag -s ontokit-web-0.3.0Tags must match the pattern ontokit-web-* to trigger the publish pipeline.
git push origin ontokit-web-0.3.0When the tag reaches GitHub, the CI workflow runs the quality jobs and then two publish jobs in parallel:
- publish_github — Creates a GitHub Release with auto-generated release notes.
- publish_docker — Builds the production Docker image and pushes it to the GitHub Container Registry. The image is tagged with the release version, the major.minor version, and
latest. For example, the tagontokit-web-0.3.0produces:ghcr.io/<owner>/ontokit-web:0.3.0ghcr.io/<owner>/ontokit-web:0.3ghcr.io/<owner>/ontokit-web:latest
git checkout dev
node scripts/set-version.mjs 0.4.0
git push origin devThis script:
- Updates
package.jsonto0.4.0-dev. - Creates a git commit:
chore: setting version to 0.4.0-dev.
dev branch:
0.3.0-dev ──prepare-release.mjs──▸ 0.3.0 ──push──▸ PR to main
│
main branch: merge & tag
│ ┌─ GitHub Release
▼─push─▸ CI─┤
└─ GHCR (Docker image)
dev branch:
set-version.mjs 0.4.0
│
0.4.0-dev (next cycle)
Patch releases are for backporting critical bug fixes to an older release line after dev has already moved to the next development version. New features always ship in the next minor or major release on dev.
For example, if dev is at 0.4.0-dev but a bug is found in 0.3.0:
git checkout -b release/0.3.x ontokit-web-0.3.0git cherry-pick <commit-sha> # the fix from dev or mainnpm pkg set version=0.3.1
git add package.json
git commit -m "chore: releasing 0.3.1"git tag -s ontokit-web-0.3.1
git push -u origin release/0.3.x && git push --tagsCI will run the quality checks and publish the GitHub Release and Docker image as usual. The release/0.3.x branch can be kept for future patches on the same line.
After publishing, open a PR from the release branch to main so it reflects the latest release:
gh pr create --base main --head release/0.3.x \
--title "Merge patch release 0.3.1 into main" \
--body "Fast-forward main to patch release 0.3.1"Note: The
latestDocker tag will point to the patch release. If the latest minor/major release should remainlatest, manually retag after publishing.
Pull the pre-built production image published by CI:
# latest release
docker pull ghcr.io/<owner>/ontokit-web:latest
# specific version
docker pull ghcr.io/<owner>/ontokit-web:0.3.0Run it directly:
docker run -d \
--name ontokit-web \
-p 3000:3000 \
-e NEXT_PUBLIC_API_URL=https://api.example.com \
-e NEXT_PUBLIC_WS_URL=wss://api.example.com \
ghcr.io/<owner>/ontokit-web:0.3.0Or reference it in a compose file:
services:
web:
image: ghcr.io/<owner>/ontokit-web:0.3.0
ports:
- "3000:3000"
environment:
- NEXT_PUBLIC_API_URL=https://api.example.com
- NEXT_PUBLIC_WS_URL=wss://api.example.comdocker build \
--build-arg NEXT_PUBLIC_API_URL=http://localhost:8000 \
--build-arg NEXT_PUBLIC_WS_URL=ws://localhost:8000 \
-t ontokit-web .
docker run -p 3000:3000 ontokit-web| Variable | Purpose |
|---|---|
NEXT_PUBLIC_API_URL |
Backend API URL (baked at build time) |
NEXT_PUBLIC_WS_URL |
WebSocket URL (baked at build time) |
ZITADEL_ISSUER, ZITADEL_CLIENT_ID, ZITADEL_CLIENT_SECRET |
OIDC auth provider |
NEXTAUTH_URL, NEXTAUTH_SECRET |
NextAuth.js configuration |