I don't work on the OpenStack packages, but I do maintain a reasonable number of Python packages. I always work from the released tarball. I haven't added the keys yet to verify all my packages, but am gradually doing so as I have time.
I know some people like working from the upstream git (and the team maintenance workflow allows for either), but I definitely prefer working from the upstream tarballs and appreciate the effort that goes into producing them.