- Home
- Skills
- Tencentblueking
- Bk Ci
- Utility Components
utility-components_skill
- Kotlin
2.5k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill tencentblueking/bk-ci --skill utility-components- SKILL.md7.4 KB
Overview
This skill provides a compact guide to four utility component families used in CI/CD services: JWT security, expression parsing, thread-pool looping utilities, and the chain-of-responsibility pattern. It focuses on practical usage, code snippets, and decision guidance for applying these tools in Kotlin/Java microservice contexts. The content helps engineers choose the right utility for authentication, dynamic evaluations, concurrent processing, and request interception chains.
How this skill works
The skill explains what each component inspects and does: JWT utilities generate, verify, and refresh tokens and integrate with OAuth2; the expression parser evaluates variable and conditional expressions with custom functions and caching; thread-pool and loop utilities manage concurrent batch tasks, retries, and backoff; the responsibility chain composes interceptors to process requests sequentially. Each section includes quick-start examples and recommended configuration patterns for production safety and performance.
When to use it
- Implement stateless authentication, token refresh, or OAuth2 flows for APIs
- Evaluate or expand pipeline variables and conditional logic at runtime
- Process large batches or concurrent jobs with controlled thread pools and retry loops
- Compose request handling, validation, logging, or plugin pipelines using interceptor chains
- Choose tool-level solutions when the need is a focused utility rather than a framework-wide cross-cutting concern
Best practices
- Keep JWT secrets and signing keys in a secure vault and rotate periodically
- Cache parsed expressions and limit dynamic function exposure to avoid injection risks
- Tune thread-pool sizes based on CPU, IO characteristics, and observed latency; use bounded queues
- Use exponential backoff and max-retry limits for external calls to avoid cascading failures
- Design interceptors to be idempotent and fail-fast; keep chain handlers small and single-responsibility
Example use cases
- Protect CI API endpoints with JWT tokens and token refresh flows
- Evaluate pipeline expressions like ${buildId}_${status} with custom functions for formatting
- Run thousands of small tasks concurrently using a configured thread pool and loop utilities for batching
- Implement an interceptor chain for auth, validation, and audit logging in request pipelines
- Wrap external service calls with LoopUtil.loopWithRetry to add resilient retry behavior
FAQ
Use utility components when you need a focused tool (JWT, parser, thread pool, chain) that plugs into your codebase. Use framework-level practices for cross-cutting concerns like AOP, distributed locking, or centralized monitoring.
How do I avoid expression injection risks?
Restrict available functions, validate input variables, use whitelists, and cache parsed templates to reduce parsing overhead and limit attack surface.
How many threads should I configure for batch processing?
Start with a calculation based on cores and IO profile (e.g., cores * 2 for IO-bound), run load tests, and use bounded queues with monitoring to adjust safely.