Comment 3 for bug 1605861

apt-key was changed in Debian Stretch to warn when you attempt to do something like

    apt-key add <file >/dev/null

or the equivalent pipeline. The manual page says

COMMANDS
       add filename
(...)
           Note: Instead of using this command a keyring should be placed
directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive name
and either "gpg" or "asc" as file extension.

So, the right thing to do is to copy the file to the right path instead of
calling apt-key add with it.

^ I got the above snippet from the very tangentially related https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851774