From 00933b8ac5274154cd176c25990706cd52358f27 Mon Sep 17 00:00:00 2001
From: Alex Bozarth <ajbozart@us.ibm.com>
Date: Mon, 25 Nov 2024 18:24:48 -0600
Subject: [PATCH] add push to openssl3

Signed-off-by: Alex Bozarth <ajbozart@us.ibm.com>
---
 .github/workflows/openssl3.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/.github/workflows/openssl3.yml b/.github/workflows/openssl3.yml
index f3bb1b7..ee5fd76 100644
--- a/.github/workflows/openssl3.yml
+++ b/.github/workflows/openssl3.yml
@@ -14,6 +14,10 @@ on:
         required: false
         default: false
         type: boolean
+      release_tag:
+        description: "Which tag to use when pushing the docker image"
+        required: false
+        type: string
   workflow_dispatch:
     inputs:
       build_main:
@@ -21,11 +25,16 @@ on:
         required: false
         default: false
         type: boolean
+      release_tag:
+        description: "Which tag to use when pushing the docker image"
+        required: false
+        type: string
 
 env:
   build-args: |
     LIBOQS_TAG=main
     OQSPROVIDER_TAG=main
+  push: ${{ github.repository == 'open-quantum-safe/oqs-demos' && github.ref == 'refs/heads/main' }}
 
 jobs:
   build:
@@ -40,6 +49,11 @@ jobs:
       - uses: actions/checkout@v3
       - uses: docker/setup-qemu-action@v3
       - uses: docker/setup-buildx-action@v3
+      - uses: docker/login-action@v3
+        if: ${{ env.push == true }}
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
       - uses: docker/login-action@v3
         with:
           registry: ghcr.io
@@ -61,3 +75,17 @@ jobs:
         run: |
           docker run --rm --name oqs-ossl3 oqs-ossl3 sh -c "openssl list -providers; /opt/openssl32/bin/serverstart.sh; sleep 2; echo 'GET /' | openssl s_client -connect localhost --groups kyber768 --CAfile /opt/openssl32/bin/CA.crt" &&
           docker run --rm --name oqs-ossl3 oqs-ossl3 sh -c "KEM_ALG=p521_frodo1344aes /opt/openssl32/bin/serverstart.sh; sleep 2; echo 'GET /' | openssl s_client -connect localhost --groups p521_frodo1344aes --CAfile /opt/openssl32/bin/CA.crt"
+
+      - name: Push Docker image to registries
+        if: ${{ env.push == true }}
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          context: openssl3
+          platforms: ${{ matrix.platform }}
+          build-args: |
+            MAKE_DEFINES=-j4
+            ${{ (github.event.inputs.build_main == 'true') && env.build-args || null }}
+          tags: |
+            openquantumsafe/openssl3:${{ inputs.release_tag || 'latest' }}
+            ghcr.io/openquantumsafe/openssl3:${{ inputs.release_tag || 'latest' }}