'oc adm upgrade' has reasonable help text around dangerous options like --force, but there is no guarantee that users read the help text. We should warn on stderr when something dangerous happens to raise awareness to help drive users towards safer workflows.
[root@localhost ~]# oc version -o yaml clientVersion: buildDate: "2020-05-07T22:03:52Z" compiler: gc gitCommit: f415627b3a8df305c4dd0ada0b4bc1271846a777 gitTreeState: clean gitVersion: 4.5.0-202005072157-f415627 goVersion: go1.13.4 major: "" minor: "" platform: linux/amd64 [root@localhost ~]# oc adm upgrade --to=4.4.0-0.ci-2020-05-07-213751 --force warning: --force overrides cluster verification of your supplied release image and waives any update precondition failures. error: already upgrading. Reason: ImageVerificationFailed Message: Unable to apply 4.4.0-0.ci-2020-05-07-005844: the image may not be safe to use If you want to upgrade anyway, use --allow-upgrade-with-warnings.
Does not need a doc update. Folks who might see these stderr warnings will see them on stderr. We don't need to call out the change in release notes too.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409