Revert "Update storage policy on decrypt"

Barbican is being enabled, as such the metadata field should not be
modified by Pegleg.  If it says encrypted, then Barbican will
encrypt.
If it says cleartext, Barbican won't.  All pegleg needs to do is
decrypt the document prior to bundling it which exists already
without this change.

This reverts commit 2d88f48989031442f8bdae5221f7359948ebd10d.

Change-Id: I8900f910f9816508a8ec5c23932252bb9d1fde09

pegleg/engine/util/pegleg_managed_document.py

@@ -174,7 +174,6 @@ class PeglegManagedSecretsDocument(object):
     def set_decrypted(self):
         """Mark the pegleg managed document as un-encrypted."""
         self.data.pop(ENCRYPTED)
-        self._embedded_document[METADATA][STORAGE_POLICY] = 'cleartext'
 
     def set_secret(self, secret):
         self._embedded_document['data'] = secret

tests/unit/engine/test_secrets.py

@@ -177,8 +177,8 @@ data: {0}-password
             "site/cicd/secrets/passphrases/"
             "cicd-passphrase-encrypted.yaml"))
     decrypted = secrets.decrypt(encrypted_path)
-    assert yaml.safe_load(decrypted[encrypted_path])['data'] == yaml.safe_load(
+    assert yaml.safe_load(
-        passphrase_doc)['data']
+        decrypted[encrypted_path]) == yaml.safe_load(passphrase_doc)
 
 
 @mock.patch.dict(
@@ -297,6 +297,8 @@ def test_encrypt_decrypt_using_docs(tmpdir):
     assert test_data[0]['schema'] == decrypted_data[0]['schema']
     assert test_data[0]['metadata']['name'] == decrypted_data[0]['metadata'][
         'name']
+    assert test_data[0]['metadata']['storagePolicy'] == decrypted_data[0][
+        'metadata']['storagePolicy']
 
 
 @pytest.mark.skipif(