Skip to content

feat: support signing of private plugins #177

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: support signing of private plugins #177

wants to merge 2 commits into from

Conversation

@StephenKing
Copy link

@StephenKing StephenKing commented Nov 1, 2025
edited
Loading

While it is documented, how to sign a private plugin, the GitHub actions in this repo don't support this.

In order to allow users the supply the rootUrls argument to npm run sign, this PR introduces a new parameter sign_root_urls, which has to be passed to the build-plugin action, which finally passes it to the package-plugin, which actually does the signing.

Let me know, if there is an alternative, easier way to achieve this.

Fixes: #37

@StephenKing
Allow passing rootUrls when signing plugins
03998ab 
Currently there is no way to sign a private plugin
by passing rootUrls to the sign command as adviced
in official documentation using these workflows.

Fixes: grafana#37
@StephenKing
Support passing arguments to npm run
4718e60 
In order to supply --rootUrls for
the sign action, we need to enhance
pm.sh with support for passing
arguments to 'npm run'.
@StephenKing StephenKing requested review from a team as code owners November 1, 2025 16:19
@CLAassistant
Copy link

CLAassistant commented Nov 1, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@CLAassistant
Copy link

CLAassistant commented Nov 1, 2025

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@grafana-plugins-platform-bot grafana-plugins-platform-bot bot moved this from 📬 Triage to 🔬 In review in Plugins Platform / Grafana Community Nov 3, 2025
@StephenKing StephenKing mentioned this pull request Nov 3, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hugohaggmark hugohaggmark Awaiting requested review from hugohaggmark hugohaggmark is a code owner automatically assigned from grafana/plugins-platform-frontend

@academo academo Awaiting requested review from academo academo is a code owner automatically assigned from grafana/plugins-platform-backend

@oshirohugo oshirohugo Awaiting requested review from oshirohugo oshirohugo is a code owner automatically assigned from grafana/plugins-platform-backend

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

Plugins Platform / Grafana Community
Status: 🔬 In review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add input rootUrls for sign step

2 participants

@StephenKing @CLAassistant