As part of our commitment to supporting best practices, we’re shifting from the usage of API Keys to the recommended approach - Cloud Access Polices for plugin signing.
For a deeper understanding of this transition and the advantages Cloud Access Policies bring - please read this announcement blog.
We have updated our documentation so you can follow a step-by-step guide to generate a token and sign your plugin.
This is NOT a breaking change.
Our sign-plugin tool has been updated to support both API Keys and Cloud Access Policies to give developers time to migrate. We support both GRAFANA_API_KEY and a new GRAFANA_ACCESS_POLICY_TOKEN variable. There are no current plans to remove support for API Keys, but we recommend users migrate as soon as convenient and will start to warn on usage of API Keys during plugin validation and reviews.
Please let us know if you have any questions or concerns by replying to this post.