Hey Guys,
I developed a private plugin and able to test it successfully in a local docker compose environment. And I haven’t signed my plugin because of the issue that none of our continuous integration tools can reach grafana.com because of firewall restrictions. Also, I am using helm deployment for my grafana and have uploaded the plugin zip file as a configmap. To use the unsigned plugin, I have set allow_loading_unsigned_plugins with the name of my plugin. My expectation is that grafana should pick up the plugin without issues. But when Grafana starts it’s trying to fetch the plugin from grafana.com/api/plugins/repo. Note : Grafana is running in production mode and the version I am using is 9.5.2. I see a grafana-sc-plugins sidecar container successfully provisioned and inside that I can see my plugin zip file
My helm changes
# Mentioned here the name of the plugin to be installed
plugins:
- sample-plugin
# Added the plugin to allow_loading_unsigned_plugins as its not signed
grafana.ini:
plugins:
allow_loading_unsigned_plugins: sample-plugin
# I have a configmap named plugin-configmap and it has a label grafana_plugin: sample-plugin and the same is mentioned in the sidecar - plugins
sidecar:
plugins:
enabled: true
label: grafana_plugin
labelValue: sample-plugin
- Why is Grafana trying to get the plugin from grafana api instead of using the local zip file
- Is it a mandate to sign a private plugin if I have to use it in Grafana production mode ?
- Is it a default behaviour for grafana to check grafana api if a plugin is unsigned ?
- Also, is there a way to self sign the plugin or sign the plugin in offline mode ?