Revert "Security: Now signing Helm chart releases"

This reverts commit 9f1d0cc.
clemlesne · Apr 2, 2023 · 7a750fd · 7a750fd
1 parent 06dfc76
commit 7a750fd
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 6 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,9 +1,5 @@
 # Security Policy
 
-## Chain of trust
-
-The Helm chart is signed with a GPG key. [The public key is available at the following address.](https://raw.githubusercontent.com/clemlesne/azure-pipelines-agent/main/src/helm/pubring.gpg)
-
 ## Reliability notes
 
 Systems are built every days. Each image is accompanied by a SBOM (Software Bill of Materials) which allows to verify that the installed packages are those expected. This speed has the advantage of minimizing exposure to security flaws, which will then be corrected on the build environments in 24 hours. To do this, by default, Kubernetes downloads the image at each pod deployment.

diff --git a/src/helm/cr.yaml b/src/helm/cr.yaml
diff --git a/src/helm/pubring.gpg b/src/helm/pubring.gpg