“VMware is pleased to join the Docker Verified Publisher’s program. This provides developers unrestricted access to our artifacts and allows them to safely adopt the popular open-source technologies we’ve made available. We are excited that VMware Tanzu customers, in particular, will benefit from a wider range of complementary services they can leverage as they quickly get apps to market.” - Ashok Aletty, VP Engineering, VMware
In May 2021, Docker, Inc™ announced the launch of its Docker Verified Publisher Program which helps developers recognize trusted publisher software. For development teams, this is huge, since this program simplifies the consumption of secure and verified components for them, as they build their applications.
When building container-based applications or deployment templates such as Helm charts, it is a frequent practice to grab pre-built building blocks to quickly create application images. A common concern among developers is to make sure that the pieces being used to build their applications are secure, reliable, maintained and up to date. Nobody wants to spend time fixing security issues or exposing their software supply chain to malicious content.
To make it easier to select robust, trusted, and reliable software when navigating through Docker Hub, Docker has launched the Docker Verified Publisher Program. With more than 200 ISVs and thousands of individual contributors delivering software through Docker Hub, the creation of a “Verified Publisher” badge enables development teams to quickly recognize trustworthy containerized images. Docker’s differentiated and trusted content can be used as reliable building blocks for quickly building, sharing, and running applications with complete confidence.
In addition, developers will benefit from being exempt from rates limiting. This means that regardless of the Docker Hub subscription they opted for, they will have unlimited container image requests for Bitnami, Tanzu, and Spring cloud repositories.
VMware with its Bitnami, Tanzu, and Spring Cloud products has joined the Docker Verified Publisher program to enable developers to find trusted content for use in their application delivery pipeline.
This will allow developers to have unlimited access to VMware’s robust and secure components.
From now on, all users, especially VMware Tanzu customers, will be able to accelerate time to market for their applications by accessing an extended offering of complementary services.
As a part of VMware’s open-source offerings, Bitnami delivers more than 250 images labeled as “Verified Publisher” in Docker Hub. To discover them, navigate to Docker Hub and enable the “Verified Publisher” filter. You will see the “Verified Publisher” badge in the upper right corner of each image.
Both the Tanzu Developer Center and the Bitnami Documentation Tutorials site are full of handy resources that will enable you to benefit from using VMware’s Docker Verified Publisher images when building your applications.
Also, check out the VMware and Bitnami GitHub official repositories to contribute to these projects and to solve the problems you may have by opening an issue. Our support teams will be happy to help you there!