New type of version bumping error

contentctl/actions/inspect.py

@@ -16,6 +16,7 @@
     DetectionMissingError,
     MetadataValidationError,
     VersionBumpingError,
+    VersionBumpingTooFarError,
     VersionDecrementedError,
 )
 from contentctl.objects.savedsearches_conf import SavedsearchesConf
@@ -101,7 +102,7 @@ def inspectAppAPI(self, config: inspect) -> str:
             -F "app_package=@<PATH/APP-PACKAGE>" \
             -F "included_tags=cloud" \
             --url "https://appinspect.splunk.com/v1/app/validate"
-        
+
         This is confirmed by the great resource:
         https://curlconverter.com/
         """
@@ -429,6 +430,19 @@ def check_detection_metadata(self, config: inspect) -> None:
                     )
                 )
 
+            # Versions should never increase more than one version between releases
+            if (
+                current_stanza.metadata.detection_version
+                > previous_stanza.metadata.detection_version + 1
+            ):
+                validation_errors[rule_name].append(
+                    VersionBumpingTooFarError(
+                        rule_name=rule_name,
+                        current_version=current_stanza.metadata.detection_version,
+                        previous_version=previous_stanza.metadata.detection_version,
+                    )
+                )
+
         # Convert our dict mapping to a flat list of errors for use in reporting
         validation_error_list = [
             x for inner_list in validation_errors.values() for x in inner_list

contentctl/objects/errors.py

@@ -185,7 +185,7 @@ def long_message(self) -> str:
         return (
             f"Rule '{self.rule_name}' has changed in current build compared to previous "
             "build (stanza hashes differ); the detection version should be bumped "
-            f"to at least {self.previous_version + 1}."
+            f"to {self.previous_version + 1}."
         )
 
     @property
@@ -194,4 +194,30 @@ def short_message(self) -> str:
         A short-form error message
         :returns: a str, the message
         """
-        return f"Detection version in current build should be bumped to at least {self.previous_version + 1}."
+        return f"Detection version in current build should be bumped to {self.previous_version + 1}."
+
+
+class VersionBumpingTooFarError(VersioningError):
+    """
+    An error indicating the detection changed but its version was bumped too far
+    """
+
+    @property
+    def long_message(self) -> str:
+        """
+        A long-form error message
+        :returns: a str, the message
+        """
+        return (
+            f"Rule '{self.rule_name}' has changed in current build compared to previous "
+            "build (stanza hashes differ); however the detection version increased too much"
+            f"The version should be reduced to {self.previous_version + 1}."
+        )
+
+    @property
+    def short_message(self) -> str:
+        """
+        A short-form error message
+        :returns: a str, the message
+        """
+        return f"Detection version in current build should be reduced to {self.previous_version + 1}."

pyproject.toml

@@ -1,7 +1,7 @@
 [tool.poetry]
 name = "contentctl"
 
-version = "5.3.1"
+version = "5.3.2"
 
 description = "Splunk Content Control Tool"
 authors = ["STRT <research@splunk.com>"]