Keep Old Minor Releases in the Ubuntu 20.04 Archive Directory of the Repo

[TheSushiChef]

Is your feature request related to a problem? Please describe.
Ubuntu's archive repo for 20.04 doesn't contain old minor releases (e.g. it only contains the latest release). This causes us to scramble to update ~100 masters every time a new minor release is done since newer versions of salt-minion shouldn't run against older masters and there's no way to get the older package version from the official repo.

Describe the solution you'd like
We'd like the old minor releases to be stored alongside the latest releases in https://repo.saltproject.io/py3/ubuntu/20.04/amd64/archive/. If possible, we'd like the older versions of 3002, 3003, and 3004 into the archive for Ubuntu 20.04 so that we can pin properly.

Describe alternatives you've considered
We could download the current version to an internal repo and then use that for updates but seems silly that other releases such as yum have all minor releases but Ubuntu only has the latest minor release available.

Please Note
If this feature request would be considered a substantial change or addition, this should go through a SEP process here https://github.com/saltstack/salt-enhancement-proposals, instead of a feature request.

[welcome]

Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as possible. In the meantime, here’s some information that may help as you continue your Salt journey.
Please be sure to review our Code of Conduct. Also, check out some of our community resources including:

• Community Wiki
• Salt’s Contributor Guide
• Join our Community Slack
• IRC on LiberaChat
• Salt Project YouTube channel
• Salt Project Twitch channel

There are lots of ways to get involved in our community. Every month, there are around a dozen opportunities to meet with other contributors and the Salt Core team and collaborate in real time. The best way to keep track is by subscribing to the Salt Community Events Calendar.
If you have additional questions, email us at saltproject@vmware.com. We’re glad you’ve joined our community and look forward to doing awesome things with you!

[OrangeDog]

That's because all previous releases had a CVE, and were moved to archive.repo.saltproject.io.
See also #61900.

Going forward, they should be retained as they were before, unless another CVE appears.

[TheSushiChef]

Ah I had tried to find a ticket that had the discussion so thank you for the link! I didn't know about that archive repo which we could have used to pin ourselves back to an old version.

I'm with what the others said in that ticket with moving versions simply because it has a CVE is a practice that I don't know any other repo follows (maybe they do but I'm not familiar with any). We're likely going to follow the procedures to make our own copy of the repo since this is breaking production systems every time repos are shuffled and makes the repo an unreliable source of truth.