Add canary nightly build job

Bug: twpowertools:20
Change-Id: I622c1d671ba8fc623a96ce5d92fd6edead6c90f1
diff --git a/roles/cws-publish/defaults/main.yaml b/roles/cws-publish/defaults/main.yaml
new file mode 100644
index 0000000..4055a80
--- /dev/null
+++ b/roles/cws-publish/defaults/main.yaml
@@ -0,0 +1 @@
+dryrun: false
diff --git a/roles/cws-publish/tasks/main.yaml b/roles/cws-publish/tasks/main.yaml
new file mode 100644
index 0000000..5ab7d8d
--- /dev/null
+++ b/roles/cws-publish/tasks/main.yaml
@@ -0,0 +1,37 @@
+- name: Check extension_id, credentials.clientId, credentials.refreshToken are set
+  when: >
+    extension_id is not defined or credentials.clientId is not defined or
+    credentials.refreshToken is not defined
+  fail:
+    msg: "extension_id, credentials.clientId and credentials.refreshToken must be set"
+
+- name: Build extension
+  include_role:
+    name: build-extension
+  vars:
+    make_target: release_chromium_canary
+
+- name: Get name of the compiled ZIP file
+  ansible.builtin.shell:
+    cmd: "ls -Art | tail -n 1"
+    chdir: "{{ zuul.project.src_dir }}/out"
+  register: zip_file
+
+- name: Check the ZIP file name is non-empty
+  when: zip_file.stdout == ""
+  fail:
+    msg: "zip_file.stdout is empty"
+
+- name: Print ZIP file name
+  when: not (zip_file.stdout == "")
+  debug:
+    msg: "zip_file.stdout is \"{{ zip_file.stdout }}\""
+
+- name: Upload and publish the ZIP file to the Chrome Web Store
+  when: not (dry_run|bool)
+  ansible.builtin.command:
+    cmd: >
+      "chrome-webstore-upload upload --auto-publish --extension-id {{ extension_id }}
+      --source {{ zuul.project.src_dir|quote }}/out/{{ zip_file.stdout|quote }}
+      --client-id {{ credentials.clientId|quote }} --refresh-token {{ credentials.refreshToken|quote }}"
+  no_log: True