The issue of private deployment and language version selection during function compilation.

[Taylorzhao]

Problem In real-world scenarios, it's common for enterprises to deploy in isolated networks due to confidentiality requirements. Given this context, could you provide a private deployment solution? Additionally, compilation of functions needs to occur within these isolated networks, using private dependencies.

[pierDipi]

Hi @Taylorzhao

In real-world scenarios, it's common for enterprises to deploy in isolated networks due to confidentiality requirements. Given this context, could you provide a private deployment solution?

can you please clarify more what do you? are you asking to use network policies to isolate different namespaces / applications?

Additionally, compilation of functions needs to occur within these isolated networks, using private dependencies.

I'm not too familiar with function compilation but can you clarify what is the current and expected behavior? cc @lkingland @matzew

[lkingland]

Hello @Taylorzhao,

Yes, one can build Functions with private repositories in a few ways. If you're building from within a container (such as for the Pack or S2I builders) you'd need to generate and then pass in a personal-access-token as a build environment variable.

If you're using Go, the easier method would be to set FUNC_ENABLE_HOST_BUILDER=true and build using --builder=host which will use your current environment, which can be configured to have access using normal means. We are bringing this feature to the other runtimes but it is available now for Go behind that feature flag.

Note this is just for dependencies of the language itself. If you're fully isolated, you may need to create and populate a container registry as well.

[Taylorzhao]

Hello @lkingland , I have looked at all the content related to compilation in func and found the image used for compilation, which involves a lifecycle image. Many operations are performed in this image, and I successfully set the variables of the compilation environment and used the proxy of Go. However, during the compilation process, it will automatically download the Go version package, and currently, I have no way to replace the download link with an internal network download link. May I ask if there is a good solution?

[lkingland]

I do not believe we currently support customizing the Go download url. Cc @matejvasek

It may be easier for you to configure the environment in which you are building the function, and then use FUNC_ENABLE_HOST_BUILDER=true and deploy with --builder=host. This will use the host environment's Go toolchain.

[Taylorzhao]

I do not believe we currently support customizing the Go download url. Cc @matejvasek

It may be easier for you to configure the environment in which you are building the function, and then use FUNC_ENABLE_HOST_BUILDER=true and deploy with --builder=host. This will use the host environment's Go toolchain.

Thank you very much. I tried to set the environment variable FUNC_ENABLE_HOST_BUILDER=true and the compilation succeeded.

[Taylorzhao]

FUNC_ENABLE_HOST_BUILDER @lkingland May I ask, is there any plan to embed the language version package into the compiled image and no longer download it from the Internet? If there is no corresponding version number for the embedded package, then download it from the Internet.

[github-actions[bot]]

This issue is stale because it has been open for 90 days with no activity. It will automatically close after 30 more days of inactivity. Reopen the issue with /reopen. Mark the issue as fresh by adding the comment /remove-lifecycle stale.