Let's say, for instance the third party-repository is RepoForge:
- As a user, you can do what you want. Just follow RepoForge instructions (install "rpmforge-release" RPM)
- As a NS developer you should not upload rpmforge-release to NS repositories because it's not an "upstream repository". We currently enable only CentOS upstream repositories. We consider EPEL "upstream" because the CentOS project itself ships "epel-release" RPM from its repositories.
I'd say NO, for the reason above.
Our policy to do this (as long as the software license allows it) is to upload the specific software and its dependencies to NS repository (nethforge, or updates), where it is automatically signed by NS GPG key.
Some real case "third-party" examples:
- software from Stephane's repository require installing the "sdl" repo before using it
- software from Nethesis repositories, providing the "NethServer Enterprise" version, requires registration and installing Nethesis repositories