Update CI/CD workflow to use OIDC for ACR login and streamline Docker image build and push steps

Author: emmanuelknafo

.github/workflows/cicd.yml

@@ -55,14 +55,15 @@ jobs:
           app-name: ${{ env.AZURE_WEBAPP_NAME }} # Replace with your app name
           package: "${{ env.AZURE_WEBAPP_PACKAGE_PATH }}/webapp01/bin/publish"
 
-      - uses: azure/docker-login@v2
-        with:
-          login-server: ${{ env.AZURE_ACR_NAME }}.azurecr.io
-          username: ${{ secrets.REGISTRY_USERNAME }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
-      - run: |
+      - name: ACR Login via OIDC
+        run: az acr login --name ${{ env.AZURE_ACR_NAME }}
+
+      - name: Build and Push Docker Image
+        run: |
           docker build ./src/webapp01 --file ./src/webapp01/Dockerfile -t ${{ env.AZURE_ACR_NAME }}.azurecr.io/webapp01:${{ github.sha }}
+          docker tag ${{ env.AZURE_ACR_NAME }}.azurecr.io/webapp01:${{ github.sha }} ${{ env.AZURE_ACR_NAME }}.azurecr.io/webapp01:latest
           docker push ${{ env.AZURE_ACR_NAME }}.azurecr.io/webapp01:${{ github.sha }}
+          docker push ${{ env.AZURE_ACR_NAME }}.azurecr.io/webapp01:latest
 
       - name: Azure Web Apps Deploy
         uses: azure/webapps-deploy@v3
@@ -77,7 +78,6 @@ jobs:
   # https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-and-reusable-workflows-to-achieve-slsa-v1-build-level-3
   container-build-publish:
     name: Build and Publish Container Image
-    needs: []
     uses: devopsabcs-engineering/devsecops-reusable-workflows/.github/workflows/container.yml@main
     with:
       # This is used for tagging the container image