Grafana Community Call 2010-11

[Marcus Olsson]

Hey,

Are you developing plugins for Grafana? Then you've probably noticed the badge next to your plugin saying "Unsigned". Up until recently, signing plugins was only available for Grafana Enterprise plugins. 

In the latest version of Grafana (7.3) we introduced a new command to Grafana Toolkit to sign your plugin. With that, all plugins can now be signed. Going forward, we'll require all plugin versions to be signed before we can publish them.

In the next Grafana community call (Nov 19), we'll walk you through the process of signing your plugins. We'll do a live demo of the steps needed to sign your plugin, with plenty of time for questions.

We're currently finishing up the documentation for plugin signing. I'll update this thread as soon as we publish it.

Zoom link is available in the agenda.

I'll see you there!

-- 

Marcus Olsson

Developer Advocate

Grafana Labs

[Marcus Olsson]

We've published the docs on plugin signing. You can find them here:

Developer docs:

https://grafana.com/docs/grafana/latest/developers/plugins/sign-a-plugin/

https://grafana.com/docs/grafana/latest/developers/plugins/package-a-plugin/

Product docs:

https://grafana.com/docs/grafana/latest/plugins/plugin-signatures/

/Marcus

[Arnaud GENTY]

Hi Marcus,

i read doc and i see i need PluginPublisher role, How ?

BR

Arnaud

[Marcus Olsson]

You need to create a Grafana account. When logged in, go to Security -> API Keys and click Add API Key. You can select the role when creating the API key.

[Arnaud GENTY]

Little question, where to store the key ? not in github repo, i deduce

what is the best practice ?

Br

Arnaud

[Marcus Olsson]

If you're using a GitHub Action to sign and package your plugin, you can add the API key as a Secret in the GitHub repository. It's available under Settings -> Secrets on your repository.

If you sign your plugin on your local machine, I suggest that you store the API key securely in a password store such as 1Password, LastPass, or a similar tool.