Merge pull request #18 from hyperledger/release-1.4

Release 1.4.4 update from upstream
FigureTechnologies · Dec 26, 2019 · 23993b2 · 23993b2
2 parents 251ec9c + 3bae50c
commit 23993b2
Show file tree

Hide file tree

Showing 196 changed files with 4,803 additions and 1,845 deletions.
diff --git a/.github/workflows/trigger.yml b/.github/workflows/trigger.yml
@@ -0,0 +1,48 @@
+# Copyright the Hyperledger Fabric contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+on:
+  issue_comment:
+    types: [created]
+name: Automatically Trigger Azure Pipeline
+jobs:
+  trigger:
+    name: TriggerAZP
+    if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/ci-run')
+    runs-on: ubuntu-latest
+    steps:
+    - name: Trigger Build
+      run: |
+        author=$(jq -r ".issue.user.login" "${GITHUB_EVENT_PATH}")
+        commenter=$(jq -r ".comment.user.login" "${GITHUB_EVENT_PATH}")
+        org=$(jq -r ".repository.owner.login" "${GITHUB_EVENT_PATH}")
+        pr_number=$(jq -r ".issue.number" "${GITHUB_EVENT_PATH}")
+        project=$(jq -r ".repository.name" "${GITHUB_EVENT_PATH}")
+        repo=$(jq -r ".repository.full_name" "${GITHUB_EVENT_PATH}")
+
+        comment_url="https://api.github.com/repos/${repo}/issues/${pr_number}/comments"
+        pr_url="https://api.github.com/repos/${repo}/pulls/${pr_number}"
+
+        pr_resp=$(curl "${pr_url}")
+        isReviewer=$(echo "${pr_resp}" | jq -r .requested_reviewers | jq -c ".[] | select(.login | contains(\"${commenter}\"))" | wc -l)
+
+        if [[ "${commenter}" = "${author}" ]] || [[ "${isReviewer}" -ne 0 ]]; then
+          sha=$(echo "${pr_resp}" | jq -r ".head.sha")
+
+          az extension add --name azure-devops
+          echo ${AZP_TOKEN} | az devops login --organization "https://dev.azure.com/${org}"
+
+          runs=$(az pipelines build list --project ${project} | jq -c ".[] | select(.sourceVersion | contains(\"${sha}\"))" | jq -r .status | grep -v completed | wc -l)
+          if [[ $runs -eq 0 ]]; then
+            az pipelines build queue --commit-id ${sha} --project ${project} --definition-name Pull-Request
+            curl -s -H "Authorization: token ${GITHUB_TOKEN}" -X POST -d '{"body": "AZP build triggered!"}' "${comment_url}"
+          else
+            curl -s -H "Authorization: token ${GITHUB_TOKEN}" -X POST -d '{"body": "AZP build already running!"}' "${comment_url}"
+          fi
+        else
+          curl -s -H "Authorization: token ${GITHUB_TOKEN}" -X POST -d '{"body": "You are not authorized to trigger builds for this pull request!"}' "${comment_url}"
+        fi
+      env:
+        AZP_TOKEN: ${{ secrets.AZP_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,66 @@
+## v1.4.4
+Thu Nov 14 14:20:45 EST 2019
+
+* [b8bd253](https://github.com/hyperledger/fabric/commit/b8bd253) Add release notes for v1.4.4
+* [95ffcdc](https://github.com/hyperledger/fabric/commit/95ffcdc) [FAB-15814](https://jira.hyperledger.org/browse/FAB-15814) Add endpoint for versioning metadata
+* [06f4ad8](https://github.com/hyperledger/fabric/commit/06f4ad8) [FAB-17060](https://jira.hyperledger.org/browse/FAB-17060) Remove s390x from multiarch script
+* [707f763](https://github.com/hyperledger/fabric/commit/707f763) [FAB-16544](https://jira.hyperledger.org/browse/FAB-16544) Homogenize orderer endpoint overrides
+* [07db0a8](https://github.com/hyperledger/fabric/commit/07db0a8) Do not require reboot when re-adding consenter
+* [96028fd](https://github.com/hyperledger/fabric/commit/96028fd) [FAB-15389](https://jira.hyperledger.org/browse/FAB-15389) Fix private data dissemination
+* [1989eee](https://github.com/hyperledger/fabric/commit/1989eee) [FAB-17000](https://jira.hyperledger.org/browse/FAB-17000) Warn when cert expiration is nigh
+* [c77496c](https://github.com/hyperledger/fabric/commit/c77496c) Complete chaincode execution on stream termination
+* [5416aef](https://github.com/hyperledger/fabric/commit/5416aef) [FAB-16544](https://jira.hyperledger.org/browse/FAB-16544) IT for orderer endpoint overrides
+* [83e3cb4](https://github.com/hyperledger/fabric/commit/83e3cb4) [FAB-16852](https://jira.hyperledger.org/browse/FAB-16852) Update doc to Go v1.12.12
+* [4b0e995](https://github.com/hyperledger/fabric/commit/4b0e995) Add Info message for delivery client
+* [d7f8962](https://github.com/hyperledger/fabric/commit/d7f8962) [FAB-16852](https://jira.hyperledger.org/browse/FAB-16852) Update Go to v1.12.12
+* [1a1c71a](https://github.com/hyperledger/fabric/commit/1a1c71a) [FAB-16544](https://jira.hyperledger.org/browse/FAB-16544) Backport orderer TLS cert overrides
+* [63e1563](https://github.com/hyperledger/fabric/commit/63e1563) [FAB-16544](https://jira.hyperledger.org/browse/FAB-16544) Fix IT UpdateChannel to match doc
+* [5879cd3](https://github.com/hyperledger/fabric/commit/5879cd3) [FAB-16980](https://jira.hyperledger.org/browse/FAB-16980) add lock to UpdateEndpoints
+* [31f85f6](https://github.com/hyperledger/fabric/commit/31f85f6) [FAB-14819](https://jira.hyperledger.org/browse/FAB-14819) Remove duplicate call to GetTxReadWriteSet
+* [3b7b8f0](https://github.com/hyperledger/fabric/commit/3b7b8f0) [FAB-16948](https://jira.hyperledger.org/browse/FAB-16948) To make same with github
+* [8196d66](https://github.com/hyperledger/fabric/commit/8196d66) [FAB-16948](https://jira.hyperledger.org/browse/FAB-16948) Fabric go cid interface enhancement
+* [0c221f4](https://github.com/hyperledger/fabric/commit/0c221f4) [FAB-16932](https://jira.hyperledger.org/browse/FAB-16932) Typo in Chaincode Command
+* [1485c3d](https://github.com/hyperledger/fabric/commit/1485c3d) Clarify configtx.yaml capability settings
+* [dc14773](https://github.com/hyperledger/fabric/commit/dc14773) [FAB-16922](https://jira.hyperledger.org/browse/FAB-16922) Symbol encoding format error in doc
+* [d0eecba](https://github.com/hyperledger/fabric/commit/d0eecba) [FAB-16885](https://jira.hyperledger.org/browse/FAB-16885) Doc usage of salt for private data
+* [3d49575](https://github.com/hyperledger/fabric/commit/3d49575) Fix Raft UT flake by prolong eventual timeout
+* [76383ac](https://github.com/hyperledger/fabric/commit/76383ac) [FAB-16883](https://jira.hyperledger.org/browse/FAB-16883) fix kafka.rst doc formatting
+* [d6669bf](https://github.com/hyperledger/fabric/commit/d6669bf) [FAB-16873](https://jira.hyperledger.org/browse/FAB-16873) fix cryptogen server TLS to admins
+* [a2bdb34](https://github.com/hyperledger/fabric/commit/a2bdb34) [FAB-16868](https://jira.hyperledger.org/browse/FAB-16868): fix `txn` typo error in documents
+* [76efd6d](https://github.com/hyperledger/fabric/commit/76efd6d) [FAB-16881](https://jira.hyperledger.org/browse/FAB-16881) sample configtx.yaml comment fix
+* [5cbfc4f](https://github.com/hyperledger/fabric/commit/5cbfc4f) Set DOCKER_DYNAMIC_LINK to true
+* [59d4adc](https://github.com/hyperledger/fabric/commit/59d4adc) [FAB-16756](https://jira.hyperledger.org/browse/FAB-16756) kafka migration guide fix
+* [cea596a](https://github.com/hyperledger/fabric/commit/cea596a) [FAB-16783](https://jira.hyperledger.org/browse/FAB-16783) the cryptogen gen admin cert ou error
+* [81953e5](https://github.com/hyperledger/fabric/commit/81953e5) [FAB-16652](https://jira.hyperledger.org/browse/FAB-16652) check for empty acl api ref
+* [b0de151](https://github.com/hyperledger/fabric/commit/b0de151) [FAB-16241](https://jira.hyperledger.org/browse/FAB-16241) update documentation
+* [0c9848a](https://github.com/hyperledger/fabric/commit/0c9848a) [FAB-16052](https://jira.hyperledger.org/browse/FAB-16052) Fix peerchaincode doc
+* [0acd6e9](https://github.com/hyperledger/fabric/commit/0acd6e9) [FAB-16643](https://jira.hyperledger.org/browse/FAB-16643) - Fix a bug in pvt data reconciliation
+* [6197789](https://github.com/hyperledger/fabric/commit/6197789) [FAB-16651](https://jira.hyperledger.org/browse/FAB-16651) Fix conn leak if certs renewed
+* [54f027d](https://github.com/hyperledger/fabric/commit/54f027d) Fabric update to baseimage 0.4.16
+* [456e9ad](https://github.com/hyperledger/fabric/commit/456e9ad) [FAB-16715](https://jira.hyperledger.org/browse/FAB-16715) Wire orderer endpoint overrides via config
+* [3345371](https://github.com/hyperledger/fabric/commit/3345371) [FAB-16695](https://jira.hyperledger.org/browse/FAB-16695) Enable split admin, cluster ports in IT
+* [0554664](https://github.com/hyperledger/fabric/commit/0554664) [FAB-16729](https://jira.hyperledger.org/browse/FAB-16729) Remove extra "now" typo
+* [a78be91](https://github.com/hyperledger/fabric/commit/a78be91) [IN-68] Add default GitHub SECURITY policy
+* [bbb3616](https://github.com/hyperledger/fabric/commit/bbb3616) [FAB-16728](https://jira.hyperledger.org/browse/FAB-16728) Remove extra unneeded "be"
+* [23de844](https://github.com/hyperledger/fabric/commit/23de844) [FAB-16695](https://jira.hyperledger.org/browse/FAB-16695) Make peerServer singleton a slice
+* [ad1b514](https://github.com/hyperledger/fabric/commit/ad1b514) [FAB-16695](https://jira.hyperledger.org/browse/FAB-16695) Re-use metrics for comm GRPCServer
+* [1a4ff3f](https://github.com/hyperledger/fabric/commit/1a4ff3f) [FAB-16715](https://jira.hyperledger.org/browse/FAB-16715) Wire endpoint override in UpdateEndpoints
+* [994f15c](https://github.com/hyperledger/fabric/commit/994f15c) [FAB-16715](https://jira.hyperledger.org/browse/FAB-16715) Add overrides to ConnectionCriteria
+* [0ac4069](https://github.com/hyperledger/fabric/commit/0ac4069) [FAB-16706](https://jira.hyperledger.org/browse/FAB-16706) remove validate ledger
+* [cdaa9dd](https://github.com/hyperledger/fabric/commit/cdaa9dd) [FAB-16483](https://jira.hyperledger.org/browse/FAB-16483) Improve error message
+* [14e85ce](https://github.com/hyperledger/fabric/commit/14e85ce) [FAB-16274](https://jira.hyperledger.org/browse/FAB-16274) - Add link to off_chain_data sample
+* [7775c13](https://github.com/hyperledger/fabric/commit/7775c13) [FAB-15666](https://jira.hyperledger.org/browse/FAB-15666) Pass NetworkMode in DockerBuildOptions
+* [003c8c5](https://github.com/hyperledger/fabric/commit/003c8c5) Add test for deployImage
+* [1483166](https://github.com/hyperledger/fabric/commit/1483166) [FAB-16687](https://jira.hyperledger.org/browse/FAB-16687) reduce mutex contention in validator
+* [bc2d289](https://github.com/hyperledger/fabric/commit/bc2d289) [FAB-16630](https://jira.hyperledger.org/browse/FAB-16630) Fix comment error
+* [fcfd12e](https://github.com/hyperledger/fabric/commit/fcfd12e) [FAB-16165](https://jira.hyperledger.org/browse/FAB-16165) Change pkcs11 test keystore directory
+* [0abcce8](https://github.com/hyperledger/fabric/commit/0abcce8) [FAB-16650](https://jira.hyperledger.org/browse/FAB-16650) align sentence for eventclient readme
+* [a5d9a93](https://github.com/hyperledger/fabric/commit/a5d9a93) [FAB-16605](https://jira.hyperledger.org/browse/FAB-16605) Add log message for slow WAL
+* [157f500](https://github.com/hyperledger/fabric/commit/157f500) [FAB-16571](https://jira.hyperledger.org/browse/FAB-16571) Fix peer panic when package java chaincode
+* [7f1abdb](https://github.com/hyperledger/fabric/commit/7f1abdb) [FAB-16580](https://jira.hyperledger.org/browse/FAB-16580) Remove Hyperledger Composer references
+* [48a1c86](https://github.com/hyperledger/fabric/commit/48a1c86) [FAB-16413](https://jira.hyperledger.org/browse/FAB-16413) Prepare for next fabric rel (1.4.4)
+* [05479d9](https://github.com/hyperledger/fabric/commit/05479d9) [FAB-16376](https://jira.hyperledger.org/browse/FAB-16376) MSP_1.4.3: support for admincerts
+
 ## v1.4.3
 Mon Aug 26 15:15:42 EDT 2019
 

diff --git a/CODEOWNERS b/CODEOWNERS
@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: Apache-2.0
+
+# Fabric Maintainers
+*	@ale-linux @binhn @c0rwin @christo4ferris @denyeart @guoger @JonathanLevi @jyellick @kchristidis @manish-sethi @mastersingh24 @muralisrini @sykesm @yacovm
diff --git a/Makefile b/Makefile
@@ -44,10 +44,10 @@
 #   - docker-tag-stable - re-tags the images made by 'make docker' with the :stable tag
 #   - help-docs - generate the command reference docs
 
-BASE_VERSION = 1.4.3
-PREV_VERSION = 1.4.2
+BASE_VERSION = 1.4.5
+PREV_VERSION = 1.4.4
 CHAINTOOL_RELEASE=1.1.3
-BASEIMAGE_RELEASE=0.4.15
+BASEIMAGE_RELEASE=0.4.18
 
 # Allow to build as a submodule setting the main project to
 # the PROJECT_NAME env variable, for example,
@@ -231,10 +231,12 @@ $(BUILD_DIR)/%/chaintool: Makefile
 $(BUILD_DIR)/docker/bin/%: $(PROJECT_FILES)
 	$(eval TARGET = ${patsubst $(BUILD_DIR)/docker/bin/%,%,${@}})
 	@echo "Building $@"
-	@mkdir -p $(BUILD_DIR)/docker/bin $(BUILD_DIR)/docker/$(TARGET)/pkg
+	@mkdir -p $(BUILD_DIR)/docker/bin $(BUILD_DIR)/docker/$(TARGET)/pkg $(BUILD_DIR)/docker/gocache
 	@$(DRUN) \
 		-v $(abspath $(BUILD_DIR)/docker/bin):/opt/gopath/bin \
 		-v $(abspath $(BUILD_DIR)/docker/$(TARGET)/pkg):/opt/gopath/pkg \
+		-v $(abspath $(BUILD_DIR)/docker/gocache):/opt/gopath/cache \
+		-e GOCACHE=/opt/gopath/cache \
 		$(BASE_DOCKER_NS)/fabric-baseimage:$(BASE_DOCKER_TAG) \
 		go install -tags "$(GO_TAGS)" -ldflags "$(DOCKER_GO_LDFLAGS)" $(pkgmap.$(@F))
 	@touch $@
@@ -249,10 +251,12 @@ $(BUILD_DIR)/docker/gotools/bin/protoc-gen-go: $(BUILD_DIR)/docker/gotools
 
 $(BUILD_DIR)/docker/gotools: gotools.mk
 	@echo "Building dockerized gotools"
-	@mkdir -p $@/bin $@/obj
+	@mkdir -p $@/bin $@/obj $(BUILD_DIR)/docker/gocache
 	@$(DRUN) \
 		-v $(abspath $@):/opt/gotools \
 		-w /opt/gopath/src/$(PKGNAME) \
+		-v $(abspath $(BUILD_DIR)/docker/gocache):/opt/gopath/cache \
+		-e GOCACHE=/opt/gopath/cache \
 		$(BASE_DOCKER_NS)/fabric-baseimage:$(BASE_DOCKER_TAG) \
 		make -f gotools.mk GOTOOLS_BINDIR=/opt/gotools/bin GOTOOLS_GOPATH=/opt/gotools/obj
 

diff --git a/README.md b/README.md
@@ -28,6 +28,7 @@ open source architecture; Hyperledger Fabric is your starting point.
 
 ## Releases
 
+- [v1.4.4 - November 14, 2019](https://github.com/hyperledger/fabric/releases/tag/v1.4.4)
 - [v1.4.3 - August 26, 2019](https://github.com/hyperledger/fabric/releases/tag/v1.4.3)
 - [v1.4.2 - July 17, 2019](https://github.com/hyperledger/fabric/releases/tag/v1.4.2)
 - [v1.4.1 - April 11, 2019](https://github.com/hyperledger/fabric/releases/tag/v1.4.1)

diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,12 @@
+# Hyperledger Security Policy
+
+## Reporting a Security Bug
+
+If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer.
+
+There are two ways to report a security bug. The easiest is to email a description of the flaw and any related information (e.g. reproduction steps, version) to [security at hyperledger dot org](mailto:[email protected]).
+
+The other way is to file a confidential security bug in our [JIRA bug tracking system](https://jira.hyperledger.org). Be sure to set the “Security Level” to “Security issue”.
+
+The process by which the Hyperledger Security Team handles security bugs is documented further in our [Defect Response page](https://wiki.hyperledger.org/display/HYP/Defect+Response) on our [wiki](https://wiki.hyperledger.org).
+
diff --git a/bccsp/pkcs11/impl_test.go b/bccsp/pkcs11/impl_test.go
@@ -20,6 +20,7 @@ import (
 	"encoding/asn1"
 	"fmt"
 	"hash"
+	"io/ioutil"
 	"math/big"
 	"net"
 	"os"
@@ -49,12 +50,23 @@ type testConfig struct {
 }
 
 func TestMain(m *testing.M) {
-	ks, err := sw.NewFileBasedKeyStore(nil, os.TempDir(), false)
+	os.Exit(testMain(m))
+}
+
+func testMain(m *testing.M) int {
+	tmpDir, err := ioutil.TempDir("", "pkcs11_ks")
+	if err != nil {
+		fmt.Printf("Failed to create keystore directory [%s]\n", err)
+		return -1
+	}
+	defer os.RemoveAll(tmpDir)
+
+	keyStore, err := sw.NewFileBasedKeyStore(nil, tmpDir, false)
 	if err != nil {
-		fmt.Printf("Failed initiliazing KeyStore [%s]", err)
-		os.Exit(-1)
+		fmt.Printf("Failed initiliazing KeyStore [%s]\n", err)
+		return -1
 	}
-	currentKS = ks
+	currentKS = keyStore
 
 	lib, pin, label := FindPKCS11Lib()
 	tests := []testConfig{
@@ -77,28 +89,28 @@ func TestMain(m *testing.M) {
 		Label:   label,
 		Pin:     pin,
 	}
+
 	for _, config := range tests {
-		var err error
 		currentTestConfig = config
 
 		opts.HashFamily = config.hashFamily
 		opts.SecLevel = config.securityLevel
 		opts.SoftVerify = config.softVerify
 		opts.Immutable = config.immutable
-		fmt.Printf("Immutable = [%v]", opts.Immutable)
-		currentBCCSP, err = New(opts, currentKS)
+		fmt.Printf("Immutable = [%v]\n", opts.Immutable)
+		currentBCCSP, err = New(opts, keyStore)
 		if err != nil {
-			fmt.Printf("Failed initiliazing BCCSP at [%+v]: [%s]", opts, err)
-			os.Exit(-1)
+			fmt.Printf("Failed initiliazing BCCSP at [%+v] \n%s\n", opts, err)
+			return -1
 		}
 
 		ret := m.Run()
 		if ret != 0 {
-			fmt.Printf("Failed testing at [%+v]", opts)
-			os.Exit(-1)
+			fmt.Printf("Failed testing at [%+v]\n", opts)
+			return -1
 		}
 	}
-	os.Exit(0)
+	return 0
 }
 
 func TestNew(t *testing.T) {

diff --git a/ci.properties b/ci.properties
@@ -1 +1 @@
-GO_VER=1.11.5
+GO_VER=1.12.12
diff --git a/ci/azure-pipelines-merge.yml b/ci/azure-pipelines-merge.yml
@@ -0,0 +1,27 @@
+# Copyright the Hyperledger Fabric contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: $(SourceBranchName)-$(Date:yyyyMMdd)$(Rev:.rrr)
+trigger:
+- release-1.*
+pr: none
+
+variables:
+  GOPATH: $(Agent.BuildDirectory)/go
+  PATH: $(Agent.BuildDirectory)/go/bin:/usr/local/go/bin:/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin
+  GOVER: 1.12.12
+
+jobs:
+  - job: UnitTests
+    pool:
+      vmImage: ubuntu-16.04
+    steps:
+      - template: install_deps.yml
+      - checkout: self
+        path: 'go/src/github.com/hyperledger/fabric'
+        displayName: Checkout Fabric Code
+      - script: ./ci/scripts/setup_hsm.sh
+        displayName: Install SoftHSM
+      - script: make unit-test
+        displayName: Run Unit Tests
diff --git a/ci/azure-pipelines-release.yml b/ci/azure-pipelines-release.yml
@@ -0,0 +1,89 @@
+# Copyright the Hyperledger Fabric contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+name: RELEASE-$(Date:yyyyMMdd)$(Rev:.rrr)
+trigger: none
+pr: none
+
+variables:
+  - group: credentials
+  - name: GOPATH
+    value: $(Agent.BuildDirectory)/go
+  - name: GOVER
+    value: 1.12.12
+
+stages:
+  - stage: BuildBinaries
+    dependsOn: []
+    displayName: "Build Fabric Binaries"
+    jobs:
+      - job: Build
+        pool:
+          vmImage: ubuntu-16.04
+        strategy:
+          matrix:
+            Linux-amd64:
+              TARGET: linux-amd64
+            MacOS-amd64:
+              TARGET: darwin-amd64
+            Windows-amd64:
+              TARGET: windows-amd64
+        steps:
+          - template: install_deps.yml
+          - checkout: self
+            path: 'go/src/github.com/hyperledger/fabric'
+            displayName: Checkout Fabric Code
+          - script: ./ci/scripts/create_binary_package.sh
+            displayName: Compile Binary and Create Tarball
+          - publish: release/$(TARGET)/hyperledger-fabric-$(TARGET)-$(RELEASE).tar.gz
+            artifact: hyperledger-fabric-$(TARGET)-$(RELEASE).tar.gz
+            displayName: Publish Release Artifact
+
+  - stage: BuildAndPushDockerImages
+    dependsOn: []
+    displayName: "Build and Push Fabric Docker Images"
+    jobs:
+      - job: Docker
+        pool:
+          vmImage: ubuntu-16.04
+        steps:
+          - template: install_deps.yml
+          - checkout: self
+            path: 'go/src/github.com/hyperledger/fabric'
+            displayName: Checkout Fabric Code
+          - script: ./ci/scripts/publish_docker.sh
+            env:
+              DOCKER_PASSWORD: $(DockerHub-Password)
+              DOCKER_USERNAME: $(DockerHub-Username)
+            displayName: Publish Docker Images
+
+  - stage: DraftRelease
+    displayName: "Draft GitHub Release"
+    dependsOn:
+      - BuildBinaries
+      - BuildAndPushDockerImages
+    jobs:
+      - job: Release
+        pool:
+          vmImage: ubuntu-16.04
+        steps:
+          - download: current
+            patterns: '*.tar.gz'
+            displayName: Download Artifacts
+          - checkout: self
+          - task: GitHubRelease@0
+            inputs:
+              action: create
+              addChangeLog: true
+              assets: $(Pipeline.Workspace)/*amd64*/*
+              compareWith: lastFullRelease
+              gitHubConnection: fabric-release
+              isDraft: true
+              releaseNotesFile: release_notes/v$(RELEASE).md
+              repositoryName: $(Build.Repository.Name)
+              releaseNotesSource: file
+              tag: v$(RELEASE)
+              tagSource: manual
+              title: v$(RELEASE)
+            displayName: Draft Release of Fabric