Checked it without my before_install. Still got stuck. It appears the yarn installation (and pgp verification) occurs anyway, because my repo contains a yarn.lock.
The repo is setup using yarn workspaces, so I have no proper matching alternative in npm land yet. 
EDIT:
tried setting env variable YARN_GPG=no (via travis’s configuration) to force no gpg validation, but the container appears to be stuck on: Worker information