Encrypted GPG Keyrings Cause Issues With corporate proxy

[d80tb7]

We develop in Go from behind a corporate proxy which blocks encrypted files as they cannot be scanned for malware.

Unfortunately this results in the AthenZ go client being blocked as go get -u github.com/AthenZ/athenz includes screwdriver/pubring.gpg.enc and screwdriver/secring.gpg.enc which are both encrypted. This is a bit unfortunate as I'm guessing that they are not needed for the Go client to work and are there purely for signing releases.

I understand that this is not a problem with AthenZ as such, but is more an unfortunate incompatibility between how go modules work and our corporate proxy rules. I do, however wonder if there is anything that can be done, such that screwdriver/pubring.gpg.enc and screwdriver/secring.gpg.enc aren't brought in by the go package install.

[havetisyan]

I've tried a couple of things to see if I can those into Screwdriver itself for CI/CD publishing artifacts but didn't work (SD has some limitations was far as what chars the secrets can include even if try to base64 encode it). I'll see what else can be done.