Grafana Updates

dpell352 · January 27, 2023, 1:26pm

I have an existing Grafana system. Is it safe to apply updates? When installing Fedora updates, I get this prompt, but I’m not sure that its safe to answer yes. Please advise.

dnf check-update
grafana 2.3 kB/s | 629 B 00:00
grafana 30 kB/s | 2.4 kB 00:00
Importing GPG key 0x2CF3C0C6:
Userid : “Grafana Labs engineering@grafana.com”
Fingerprint: 0E22 EB88 E39E 1227 7A77 60AE 9E43 9B10 2CF3 C0C6
From : https://packages.grafana.com/gpg.key
Is this ok [y/N]:

What Grafana version and what operating system are you using?
What are you trying to achieve?
How are you trying to achieve it?
What happened?
What did you expect to happen?
Can you copy/paste the configuration(s) that you are having problems with?
Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
Did you follow any online instructions? If so, what is the URL?

emiltullstedt · January 27, 2023, 1:55pm

Yes, that should be safe. As a precaution after CircleCI’s incident on 2023-01-04 the keys used to sign Grafana packages was rotated, you can read more about that on:

The fingerprint you’re being asked to accept looks like the correct new GPG key based on the post above, so you should be good to go , but as the post recommends you should also make sure to remove the old key from your truststore.

dpell352 · January 27, 2023, 2:13pm

Thanks

Topic		Replies	Views
Current GPG key import issues Installation linux , raspberry-pi , gpg-key	1	3119	January 18, 2023
APT-related question about GPG key rotation Site Feedback	1	636	January 14, 2023
Grafana repository GPG signature error Grafana	3	2081	July 23, 2022
Problem with debian repository key Installation	6	11828	June 8, 2023
K6 rpm package GPG key is no longer valid OSS Support	3	170	May 8, 2023

Grafana Updates

Related topics