+++ This bug was initially created as a clone of Bug #1756453 +++ Users are allowed (and in pre-prod environments, encouraged) to upgrade clusters to versions that may not be in a stable channel. In addition, between minor versions of the product (4.1 and 4.2) edges may not be created in the stable channel, but we want users to try it out. To try that out today requires `oc adm upgrade --force` which bypasses signature verification and introduces a security risk. The CLI really should not force that choice on users, and in 4.3 we anticipate adding additional checks that have nothing to do with that behavior. For 4.1 and 4.2 we should split the --force flag in oc adm upgrade to only apply to server override, and use more specific flags for client side override (--allow-explicit-upgrade for using --to-image, and --allow-unsafe-upgrade for bypassing cluster version failure and upgrade in progress).
Verified with client from 4.2.0-0.nightly-2019-10-07-011045 - upgraded to image not in graph with --to-image and --allow-explicit-upgrade - upgraded with upgrade in progress with --allow-upgrade-with-warnings - upgraded to unsigned payload with --to-image and --force
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2922