Problem:
Software supply chain attacks are on the rise and companies are changing policies to prevent these sophisticated attacks. Today, Dataiku DSS doesn't allow for commits to be signed.
Potential Solutions:
1. For companies that utilize GitHub, allow for DSS to authenticate using a GitHub app on a per user basis to sign commits, push and pull to GitHub directly.
2. Provide a way to sign commits using the dssuser/service account's GPG/SSH key.