CCM-14833: Force Code Deploy for Container Based Lambdas

[jamesthompson26-nhs]

Description

This change improves the Lambda Terraform module so container image Lambdas can redeploy reliably when an image tag is moved to a new image version.

When force deploy is enabled for image-based Lambdas, the module now resolves tag-based image URIs to immutable image digests before applying the Lambda update.

Context

Using image tags alone can miss code changes when the tag value stays the same but points to a different image digest.

By resolving tags to digests during deployment, Terraform/Lambda can consistently detect image updates and apply code changes as expected.

This is an opt-in behavior through the existing force deploy setting, and existing Zip package behavior is unchanged.

This is intended for local development against sandbox environments only and supports the local development workflow, removing the need to commit code to force the lambda to update (it currently uses the branch's SHA as the tag).

Type of changes

• Refactoring (non-breaking change)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would change existing functionality)
• Bug fix (non-breaking change which fixes an issue)

Checklist

• I am familiar with the contributing guidelines
• I have followed the code style of the project
• I have added tests to cover my changes
• I have updated the documentation accordingly
• This PR is a result of pair or mob programming

---

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

• I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.