Griffin is Brave's version of Google's Finch - A backend for Chromium's variation service. This repository contains resources to compile, publish and inspect the so called seed file, which contains definitions for all variations.
See the Wiki to learn more about what variations are and how to use them for (1) staged rollouts, (2) parameter updates and (3) experiments.
A continuous integration server (CI) serializes and signs the updated seed file before publishing it to a CDN endpoint at https://variations.brave.com/seed. To browse the contents of the seed file a dashboard is hosted at https://griffin.brave.com. The repo is organized as follows:
/cryptocontains a util to create key pairs and sign the seed file./seedcontains a deprecated JSON seed definition and serialisation code./srccontains the web dashboard to browse the seed contents, the tracker code to track seed changes and the current seed generator. See src/README.md for details./studiescontains the studies used to generate the seed.
- Run
npm installafter checking out the repository. - Create or modify a study file in
studiesdirectory, following the protobuf schema insrc/proto/study.proto. - Run
npm run seed_tools lint -- --fixand address found issues. - Create a Pull Request targeting the
mainbranch. - Follow the PR instructions to verify that everything works as intended.
On initial deployment and subsequent key rotations a new key pair has to be generated. The public key is exchanged by patching the hard-coded public key bytes in variations_seed_store.cc:
- Generate a key pair with
$ go run ./crypto/crypto_util.go keygen. - Update the patched public key in brave-core.
- Store the private key in a secure vault and ensure it is accessible by CI.
The following steps are performed by CI to publish the updated seed file:
- Run
$ npm run seed_tools createto compile the protobuf. - Sign the seed file with
$ go run /crypto/crypto_util.go sign. - Update the
X-Seed-Signatureresponse header. - Update the ETAG header with the contents of
serialnumber. - Gzip the seed and set
Content-Encoding: gzipresponse header.
Constraints:
- All studies are one time randomized.
- Platform and channel filters must be applied.
- Brave Ads studies must contain the substring "BraveAds" in their study name. Only one ads study with page visible side effects is allowed to run. Multiple studies without visible side effects can run simultanesouly.
- Studies only take effect after restarting the browser.
- Pull from staging endpoint with
--variations-server-url=https://variations.bravesoftware.com/seed. - Precedence rules for feature overrides (starting with highest precedence):
- Flags via
brave://flags - CLI overrides with
--disable-features="..." --enable-features="...", e.g. enable featureFooBarwith parametersparam1=2andparam3=4via--enable-features=FooBar:param1/2/param3/4 - Variations overrides as defined in the
seed - hard-coded
base::featuredefaults
- Flags via
- Filter rules might include
- Countries: The ISO country code is set in the
X-Countryresponse header and is inferred from the source IP by the CDN but can be faked with e.g.--variations-override-country=US - Channels: Use e.g.
--fake-variations-channel=betato override the channel of your build.
- Countries: The ISO country code is set in the
- To verify if the browser signed up for any studies eight augment logs with
--vmodule="*/variations/*"=1or inspectbrave://version/?show-variations-cmdunder the "Variations" section. - for logging add
--vmodule="*/variations/*"=1or higher
To build the dashboard:
- Install dependencies
$ npm install - Bundle resources
$ npm run build