<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=362356) </details> <!--IssueSummary end--> My organization uses the `gitlab-ee` omnibus packages for Ubuntu. We have automatic updates enabled for apt to stay current with security and other bug fixes. However, every time GitLab rotates the package signing key, our updates fail until someone manually intervenes. I believe the solution to this is to ship the current _and next_ package signing key in the omnibus package itself (install them in `/etc/apt/trusted.gpg.d/`). That way, systems running a recent build will be able to seamlessly upgrade to the next build even when the key is rotated. Please consider doing this!