Uat流水线优化。

docs/jenkins/uat/Jenkinsfile

@@ -48,6 +48,7 @@ def pushOneHarborImage(def script, Map svc, String reg, String proj, String late
     def imageLatest = "${reg}/${proj}/${svc.repo}:${latestTag}"
     def imageBuild = "${reg}/${proj}/${svc.repo}:${buildTag}"
     def withLibFlag = svc.withLib ? 'true' : 'false'
+    // Parallel branches share one Docker daemon; serialize docker ops to avoid containerd CreateDiff/lease races.
     script.sh """
         set -e
         test -f ${workspace}/${svc.module}/target/${jarName}
@@ -59,23 +60,38 @@ def pushOneHarborImage(def script, Map svc, String reg, String proj, String late
         else
           touch .jenkins_docker_ctx/lib/.keep
         fi
-        cd .jenkins_docker_ctx
-        if docker pull ${imageLatest} 2>/dev/null; then
-          echo ">>> archive previous ${latestTag} -> ${buildTag}"
-          docker tag ${imageLatest} ${imageBuild}
-          docker push ${imageBuild}
-          docker rmi ${imageBuild} ${imageLatest} 2>/dev/null || true
-        fi
-        docker build -f ${workspace}/${dockerfile} \\
-          --build-arg BASE_IMAGE=${baseImage} \\
-          --build-arg JAR_FILE=${jarName} \\
-          --build-arg SERVER_PORT=${svc.port} \\
-          --build-arg WITH_LIB=${svc.withLib} \\
-          -t ${imageLatest} .
-        docker push ${imageLatest}
-        echo ">>> pushed ${imageLatest} (archived prior latest as ${buildTag} if any)"
-        docker rmi ${imageLatest} 2>/dev/null || true
-        docker image prune -f 2>/dev/null || true
+        DOCKER_LOCK=/tmp/jenkins-alien-cloud-docker.lock
+        flock "\${DOCKER_LOCK}" sh -c '
+          set -e
+          cd ${workspace}/${svc.module}/.jenkins_docker_ctx
+          if docker pull ${imageLatest} 2>/dev/null; then
+            echo ">>> archive previous ${latestTag} -> ${buildTag}"
+            docker tag ${imageLatest} ${imageBuild}
+            docker push ${imageBuild}
+            docker rmi ${imageBuild} ${imageLatest} 2>/dev/null || true
+          fi
+          build_ok=0
+          for attempt in 1 2 3; do
+            if docker build -f ${workspace}/${dockerfile} \\
+              --build-arg BASE_IMAGE=${baseImage} \\
+              --build-arg JAR_FILE=${jarName} \\
+              --build-arg SERVER_PORT=${svc.port} \\
+              --build-arg WITH_LIB=${svc.withLib} \\
+              -t ${imageLatest} .; then
+              build_ok=1
+              break
+            fi
+            echo ">>> WARN: docker build ${svc.repo} attempt \${attempt} failed, retrying..."
+            sleep "\$((attempt * 5))"
+          done
+          if [ "\${build_ok}" -ne 1 ]; then
+            echo ">>> ERROR: docker build ${svc.repo} failed after 3 attempts"
+            exit 1
+          fi
+          docker push ${imageLatest}
+          echo ">>> pushed ${imageLatest} (archived prior latest as ${buildTag} if any)"
+          docker rmi ${imageLatest} 2>/dev/null || true
+        '
         cd ${workspace}/${svc.module}
         rm -rf .jenkins_docker_ctx
     """
@@ -212,7 +228,7 @@ pipeline {
         booleanParam(
                 name: 'HARBOR_PUSH_PARALLEL',
                 defaultValue: true,
-                description: 'Parallel docker build/push per service (faster; needs enough CPU/disk on agent)'
+                description: 'Parallel per service (context prep); docker build/push serialized via flock on agent'
         )
     }
 

docs/jenkins/uat/README.md

@@ -23,8 +23,8 @@
 | 构建前删 BOM | `rm -rf spring-cloud-dependencies` | 无 |
 | `FORCE_UPDATE` | 默认 **true** | 默认 **false** |
 | Maven 并行 | 无 | `-T 1C -Dmaven.artifact.threads=8` |
-| Harbor push | 串行 | 可并行（`HARBOR_PUSH_PARALLEL`） |
-| Docker build | BuildKit（需 buildx） | 经典 builder（节点无 buildx 时稳定） |
+| Harbor push | 串行 | 上下文准备可并行；`docker build/push` 经 `flock` 串行（防 containerd 竞态） |
+| Docker build | BuildKit（需 buildx） | 经典 builder + 失败重试 3 次（节点无 buildx 时稳定） |
 | Deploy | 串行 7 次 `sh` | `parallel` |
 | 并发构建 | 允许（产生 `@2` 工作区） | `disableConcurrentBuilds()` |
 | Harbor prune | bash `mapfile`（易失败） | POSIX `sh` + `catchError` |