Ros_buildfarm_config role of "keys" property

Hi, I am currently deploying a custom buildfarm, while I seem to get more and more grip of the topic I still have a hard time to understand the role of the public key in {rosdistro}/{doc|release|source}-build.yaml in https://github.com/ros-infrastructure/ros_buildfarm_config.
What it is purpose? Is something signed with it? Can you point me to some more information?

Update: So far I have the conclusion that the keys refers to the public key to verify the packages obtained internally via apt-get. Is this correct?

The keys are inside the repositories section. The repositories are the apt repositories that are needed to complete the build. The keys are the GPG public keys to add to apt’s trusted keyring. Without the public key for the repository apt cannot securely download packages from the repositories listed. This is the same as if you add a new apt source to any computer you need to both add the source url and add the gpg key as trusted. Here’s it in the installation instructions. The only difference is that it’s pulling the key from the key server by fingerprint instead of passing the whole gpg key directly.

1 Like

Ok thanks for the clarification!