
Updates ECR tags as 'immutable' for Customer portal

ECR image tags shouldn't be mutable - Repository tags are mutable.

ID: aws-ecr-enforce-immutable-repository
Severity: High
Impact: Image tags could be overwritten with compromised images
Resolution: Only use immutable images in ECR

Filename
base/codebuild_ecr_customer_portal/main.tf

More Information
https://aquasecurity.github.io/tfsec/v1.26.0/checks/aws/ecr/enforce-immutable-repository/

https://sysdig.com/blog/toctou-tag-mutability/
Jeremy Cooper [AFS MBP] 3 years ago
parent
revision
b06acbcedc
1 changed file with 4 additions and 2 deletions
base/codebuild_ecr_customer_portal/main.tf

+ 4 - 2
base/codebuild_ecr_customer_portal/main.tf

@@ -40,7 +40,8 @@ resource "aws_codebuild_project" "this_no_artifact" {
 }
 
 resource "aws_ecr_repository" "this-server" {
-  name = "portal_server"
+  name                 = "portal_server"
+  image_tag_mutability = "IMMUTABLE"
 
   image_scanning_configuration {
     scan_on_push = true
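Review bot: switching `image_tag_mutability` to `"IMMUTABLE"` on `aws_ecr_repository.this-server` will make any push that reuses an existing tag fail, so the CodeBuild project defined just above in this file (`aws_codebuild_project.this_no_artifact`) needs to tag every image uniquely (for example with the commit SHA or build number) rather than overwriting a floating tag; please confirm the buildspec does that, and note it in the commit message, otherwise the first build after this change breaks. The change itself is an in-place update of the existing repository, not a replacement, so no images are lost.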
@@ -48,7 +49,8 @@ resource "aws_ecr_repository" "this-server" {
 }
 
 resource "aws_ecr_repository" "this-nginx" {
-  name = "django_nginx"
+  name                 = "django_nginx"
+  image_tag_mutability = "IMMUTABLE"
 
   image_scanning_configuration {
     scan_on_push = true
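Review bot: the same caveat applies to `aws_ecr_repository.this-nginx`: the pipeline that publishes the `django_nginx` image must stop reusing tags. As a style point, both repositories in this file now carry identical `image_tag_mutability` and `image_scanning_configuration` settings; pulling the two into a single `for_each` over the repository names, or a shared local for the hardening settings, would keep a future repository from being added with the default mutable tags and re-triggering this tfsec finding.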