feat(core): DockerBuildOptions support network param (#34725)

### Issue # (if applicable)

Closes #34514

### Reason for this change
`DockerRunOptions` has `network` param but `DockerBuildOptions` doesn't

### Description of changes
`DockerBuildOptions` support `network` param

### Describe any new or updated permissions being added




### Description of how you validated changes
Unit + Integ

#### Test DockerImage.fromBuild with python-alpha/test/integ.function.custom-build
```console
$ ps aux | grep "docker build"
superch+ 44036  0.1  0.1 1994552 26112 pts/0   Sl+  08:20   0:00 docker build -t cdk-5322298f1d5d198bb67c2885f92ffc76a9e60f4ec4b584a8df116ebc75ebc843 --network default /workspaces/aws-cdk/packages/@aws-cdk/aws-lambda-python-alpha/test/lambda-handler-custom-build
``` 
#### Test PythonLayerVersion with python-alpha/test/integ.function.project
```console
$ ps aux | grep "docker build"
superch+ 76129  100  0.1 1920308 24064 pts/0   Sl+  09:09   0:00 docker build -t cdk-858025f5c9bccadc11d046a66c283180089509773bb117d94236a7e2c03a0295 --platform linux/amd64 --network default --build-arg IMAGE=public.ecr.aws/sam/build-python3.13 /workspaces/aws-cdk/packages/@aws-cdk/aws-lambda-python-alpha/lib
```

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

Author: phuhung273

packages/@aws-cdk/aws-lambda-go-alpha/lib/bundling.ts

@@ -148,6 +148,7 @@ export class Bundling implements cdk.BundlingOptions {
           IMAGE: Runtime.GO_1_X.bundlingImage.image, // always use the GO_1_X build image
         },
         platform: props.architecture.dockerPlatform,
+        network: props.network,
       })
       : cdk.DockerImage.fromRegistry('dummy'); // Do not build if we don't need to
 

packages/@aws-cdk/aws-lambda-go-alpha/test/bundling.test.ts

@@ -39,6 +39,7 @@ test('bundling', () => {
     environment: {
       KEY: 'value',
     },
+    network: 'host',
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(path.dirname(moduleDir), {
@@ -65,6 +66,7 @@ test('bundling', () => {
       IMAGE: expect.stringMatching(/build-go/),
     }),
     platform: 'linux/amd64',
+    network: 'host',
   }));
 });
 

packages/@aws-cdk/aws-lambda-python-alpha/README.md

@@ -210,12 +210,12 @@ new python.PythonFunction(this, 'function', {
   entry,
   runtime: Runtime.PYTHON_3_8,
   bundling: {
-      network: 'host',
-      securityOpt: 'no-new-privileges',
-      user: 'user:group',
-      volumesFrom: ['777f7dc92da7'],
-      volumes: [{ hostPath: '/host-path', containerPath: '/container-path' }],
-   },
+    network: 'host',
+    securityOpt: 'no-new-privileges',
+    user: 'user:group',
+    volumesFrom: ['777f7dc92da7'],
+    volumes: [{ hostPath: '/host-path', containerPath: '/container-path' }],
+  },
 });
 ```
 

packages/@aws-cdk/aws-lambda-python-alpha/lib/bundling.ts

@@ -105,6 +105,7 @@ export class Bundling implements CdkBundlingOptions {
         IMAGE: runtime.bundlingImage.image,
       },
       platform: architecture.dockerPlatform,
+      network: props.network,
     });
     this.command = props.command ?? ['bash', '-c', chain(bundlingCommands)];
     this.entrypoint = props.entrypoint;

packages/@aws-cdk/aws-lambda-python-alpha/test/bundling.test.ts

@@ -31,6 +31,7 @@ test('Bundling a function without dependencies', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     architecture: Architecture.X86_64,
+    network: 'host',
   });
 
   // Correctly bundles
@@ -48,6 +49,7 @@ test('Bundling a function without dependencies', () => {
       IMAGE: expect.stringMatching(/build-python/),
     }),
     platform: 'linux/amd64',
+    network: 'host',
   }));
 
   const files = fs.readdirSync(assetCode.path);
@@ -426,7 +428,6 @@ test('Bundling with volumes from other container', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     volumesFrom: ['777f7dc92da7'],
-
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(entry, expect.objectContaining({
@@ -442,7 +443,6 @@ test('Bundling with custom volume paths', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     volumes: [{ hostPath: '/host-path', containerPath: '/container-path' }],
-
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(entry, expect.objectContaining({
@@ -474,7 +474,6 @@ test('Bundling with custom user', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     user: 'user:group',
-
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(entry, expect.objectContaining({
@@ -490,7 +489,6 @@ test('Bundling with custom securityOpt', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     securityOpt: 'no-new-privileges',
-
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(entry, expect.objectContaining({
@@ -506,7 +504,6 @@ test('Bundling with custom network', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     network: 'host',
-
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(entry, expect.objectContaining({
@@ -522,7 +519,6 @@ test('Bundling with docker copy variant', () => {
     entry: entry,
     runtime: Runtime.PYTHON_3_7,
     bundlingFileAccess: BundlingFileAccess.VOLUME_COPY,
-
   });
 
   expect(Code.fromAsset).toHaveBeenCalledWith(entry, expect.objectContaining({