Monday, March 18, 2024

Bitnami-packaged containers and Helm charts in DockerHub are now signed by Notation

Bitnami-packaged open source software container images and Helm charts available in DockerHub are now signed by Notation, a Cloud Native Computing Foundation (CNCF) incubating project.

In December 2023, we announced that Tanzu Application Catalog, the enterprise edition of Bitnami Application Catalog, started making use of Notation as a tool for signing and verifying the open container initiative (OCI) artifacts (e.g. container images, Helm charts, and metadata bundles) that we deliver. Now, we’re happy to announce the extension of this capability to the community edition of Bitnami-packaged container images in DockerHub as well.

Read on to discover more about Notation, how you stand to benefit from this integration, and how you can verify the Notation signatures in Bitnami packages.

What is Notation?

Docker developed the Docker Content Trust (DCT), a.k.a. Notary V1, in 2015 and subsequently donated it to the CNCF. Notary V1 allows users to sign and verify container images while ensuring the integrity and authenticity of specific image tags through client-side or runtime verification. Notary v1 functions by adding the user's public key to the registry and signing the image with the key's private counterpart before uploading it. Users can then verify the image by comparing the public key against the registry command group's pulled data.

The updated and enhanced Notation seeks to improve upon the shortcomings of DCT or Notary v1. Now users can create and incorporate their own implementations of the specifications into workflows for signing and verifying multiple OCI artifacts (such as software bill of materials, scan results, and container images) using Notation. It’s intended to serve as a cross-registry, cross-industry standard for signing and validating any registry artifact or OCI image. Notation is an implementation of the Notary Project specifications and is a CNCF incubating project

Benefits of signing Bitnami images with Notation

There are several benefits of signing Bignami images with Notation, including the ability to: 

  • Ensure content integrity—By signing our container images with Notation we can guarantee the integrity of the software we deliver. The signatures generated by Notation are based on the content, creating a unique fingerprint for each version of the artifact. Any tampering with the container will result in a failed verification, alerting users to potential security threats.

  • Verify authenticity—Knowing the source of the open source software you use is critical for security and compliance. Notary Project signatures provide a way to verify the authenticity of the artifacts by confirming the identity of the signer. This ensures that your applications are built from trusted sources—Bitnami—reducing the risk of deploying compromised or malicious software.

  • Support interoperability across tools and platforms—Notation plays a vital role in standardizing the representation of signatures. This standardization enables interoperability across different tools and platforms that support the OCI image format without being tied to a specific ecosystem.

Signature verification

To locally verify the signature of a Bitnami-packaged container image, follow the steps below:

  1. Download the “rootCA.cert” file from

  2. Download and install the Notation CLI for your platform from the official releases at

  3. Add the Tanzu Application Catalog Root CA certificate:

$ ./notation cert add --type ca --store VMware notationCA.crt

  1. Import the trust policy:

$ ./notation policy import trustpolicy.json

This is an example of the trustpolicy.json file:

$ cat trustpolicy.json


 "version": "1.0",

 "trustPolicies": [


     "name": "Tanzu Application Catalog",

      "registryScopes": [ "*" ],

      "signatureVerification": {

       "level" : "strict"


      "trustStores": [ "ca:VMware" ],

      "trustedIdentities": [






  1. Verify the signature of a container image of the Helm chart and check the latest available version or tag from DockerHub.

$ ./notation verify

Warning: Always verify the artifact using digest(@sha256:...) rather than a tag(:6.4.3-debian-12-r20) because resolved digest may not point to the same signed artifact, as tags are mutable.

Successfully verified signature for

  1. Use the digest directly.

$ ./notation verify

Successfully verified signature for

Check out our enterprise version - Tanzu Application Catalog!

If you’re interested in learning more about the enterprise edition of Bitnami Application Catalog - Tanzu Application Catalog, check out our product webpage, solution brief, and additional resources.

Are you going to be at  KubeCon + CloudNativeCon Europe 2024? If so, you can learn how to reinforce your software supply chain security by joining our session, VEXintating your Container Images: The European Way, on March 21, 2024 (Thursday) at 15:25 - 16:00 CET.