GitHub Action to configure the LPM package registry for npm install. Supports OIDC (no secrets needed) and token-based authentication.
No secrets to manage. Just link your GitHub account at lpm.dev/dashboard/settings/security.
```yaml
permissions:
  id-token: write
  contents: read

steps:
  - uses: actions/checkout@v4
  - uses: actions/setup-node@v4
    with:
      node-version: 22
  - uses: lpm-dev/setup-lpm@v1
  - run: npm ci
```

For CI platforms without OIDC, or when you prefer static tokens:
```yaml
steps:
  - uses: actions/checkout@v4
  - uses: actions/setup-node@v4
    with:
      node-version: 22
  - uses: lpm-dev/setup-lpm@v1
    with:
      oidc: "false"
      token: ${{ secrets.LPM_TOKEN }}
  - run: npm ci
```

| Input | Description | Default |
|---|---|---|
| `oidc` | Use OIDC for secret-free auth (requires `id-token: write`) | `"true"` |
| `token` | LPM auth token (fallback when OIDC is unavailable) | `""` |
| `cli-version` | LPM CLI version to install | `"latest"` |

- GitHub Actions generates a signed identity token (JWT)
- The action exchanges this token with LPM for a 30-minute read-only install token
- The token is written to `.npmrc`; `npm install` works immediately
- No secrets are stored anywhere

If the OIDC exchange fails, the action falls back to the `${LPM_TOKEN}` environment variable.

Prerequisite: Your GitHub account must be linked to your LPM account at Settings > Security.
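
A pre-merge check for two misconfigurations of the inputs documented above: OIDC mode without `id-token: write`, and a `token` input written as a literal instead of a `${{ secrets.* }}` reference. This is an added example, not part of the setup-lpm project; `lintWorkflow`, the rule names and the sample workflows are hypothetical, and the scan is a line-based heuristic rather than a YAML parser.

```javascript
// Heuristic, line-based lint (not a YAML parser); expects block-style YAML.
// Limitation: "id-token: write" is looked for anywhere in the file, not per job.
const SECRET_REF = /^\$\{\{\s*secrets\.\w+\s*\}\}$/;

function lintWorkflow(text) {
  const lines = text.split(/\r?\n/).map((l) => l.replace(/\s+#.*$/, ""));
  const hasIdToken = lines.some((l) => /^\s*id-token:\s*write\s*$/.test(l));
  const findings = [];
  lines.forEach((line, i) => {
    const step = /^(\s*)-\s+uses:\s*lpm-dev\/setup-lpm@/.exec(line);
    if (!step) return;
    const inputs = {};
    // Gather "key: value" lines indented deeper than this step's dash.
    for (let j = i + 1; j < lines.length; j++) {
      if (lines[j].trim() === "") continue;
      if (lines[j].search(/\S/) <= step[1].length) break;
      const kv = /^\s*([\w-]+):\s*(.*)$/.exec(lines[j]);
      if (kv) inputs[kv[1]] = kv[2].trim().replace(/^["']|["']$/g, "");
    }
    const oidc = inputs.oidc !== "false"; // documented default is "true"
    if (oidc && !hasIdToken)
      findings.push({ line: i + 1, rule: "missing-id-token" });
    if (inputs.token && !SECRET_REF.test(inputs.token))
      findings.push({ line: i + 1, rule: "literal-token" });
  });
  return findings;
}

// Constructed sample workflows (not from any real repository).
const HEAD = ["jobs:", "  build:", "    steps:"];
const STEP = "      - uses: lpm-dev/setup-lpm@v1";
const OIDC_NO_PERMISSION = [
  "permissions:", "  contents: read", ...HEAD, STEP, "      - run: npm ci",
].join("\n");
const LITERAL_TOKEN = [
  ...HEAD, STEP, "        with:", '          oidc: "false"',
  "          token: lpm_CONSTRUCTED_PLACEHOLDER",
].join("\n");
const TOKEN_FROM_SECRET = [
  ...HEAD, STEP, "        with:", '          oidc: "false"',
  "          token: ${{ secrets.LPM_TOKEN }}",
].join("\n");

console.log(lintWorkflow(OIDC_NO_PERMISSION)); // one missing-id-token finding
console.log(lintWorkflow(LITERAL_TOKEN));      // one literal-token finding
console.log(lintWorkflow(TOKEN_FROM_SECRET));  // no findings
```
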

```yaml
name: CI + Publish

on:
  push:
    branches: [main]
    tags: ["v*"]
  pull_request:
    branches: [main]

permissions:
  id-token: write
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
      - uses: lpm-dev/setup-lpm@v1
      - run: npm ci
      - run: npm test

  publish:
    needs: build
    if: startsWith(github.ref, 'refs/tags/v')
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 22
      - uses: lpm-dev/setup-lpm@v1
      - run: npm ci
      - run: npx lpm publish
```

MIT