Today, while deploying a patch to production, I saw the following error:
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 Reading package lists... W: GPG error: http://mirrors.wikimedia.org/debian buster-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 E: The repository 'http://mirrors.wikimedia.org/debian buster-backports InRelease' is not signed.
full k8s build transcript is at P50592.
I finished the deployment, as scap said non-k8s deployment will proceed normally, but this has very likely caused a code difference between k8s and non-k8s deployed versions.