ci: fix pipeline vulnerabilities #533

Merged: Prajwal-Microsoft merged 1 commit into main from psl-pipeline-security-fix on Jan 12, 2026

@Vamshi-Microsoft
Contributor

Purpose

This pull request updates the CI and test automation GitHub Actions workflows to improve security and streamline tool installation. The most significant changes are the addition of explicit permissions for workflow runs and the replacement of manual CLI installation steps with official setup actions.

Security improvements:

  • Added explicit permissions for contents: read and actions: read in both .github/workflows/CI.yml and .github/workflows/test-automation.yml to restrict workflow access and enhance security.

Tool installation updates:

  • Replaced manual installation of Azure Developer CLI (azd) with the official Azure/setup-azd@v2 GitHub Action for more reliable and maintainable setup.
  • Removed manual installation steps for Azure CLI in both the main CI job and the deploy job, reducing redundancy and simplifying workflow maintenance.

Does this introduce a breaking change?

  • Yes
  • No

Golden Path Validation

  • I have tested the primary workflows (the "golden path") to ensure they function correctly without errors.

Deployment Validation

  • I have validated the deployment process successfully and all services are running as expected with this change.

@Prajwal-Microsoft Prajwal-Microsoft merged commit cf75f61 into main Jan 12, 2026
2 checks passed
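
A check for the two changes the PR description names, written as an added example (not code from this pull request or repository): it flags a workflow that has no workflow-level `permissions` block or grants write there, and a step that pipes a downloaded installer into a shell. The two sample workflows, the placeholder installer URL and the function names are constructed for illustration; the check is a line-based heuristic that looks only at the workflow-level key, not job-level overrides.

```python
import re

# Constructed sample workflows (not the repository's files); placeholder URL.
BEFORE = """\
on: push
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: curl -fsSL https://example.invalid/install.sh | bash
"""
AFTER = """\
on: push
permissions:
  contents: read
  actions: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: Azure/setup-azd@v2
"""
PIPE_TO_SHELL = re.compile(r"\b(curl|wget)\b[^\n|]*\|\s*(sudo\s+)?(ba)?sh\b")

def top_level_permissions(text):
    """Workflow-level permissions: dict, scalar string, or None if absent."""
    lines = [re.sub(r"\s+#.*$", "", ln) for ln in text.splitlines()]
    for i, line in enumerate(lines):
        m = re.match(r"permissions:\s*(\S.*)?$", line)  # column 0 only
        if m and m.group(1):  # scalar form: read-all, write-all or {}
            return m.group(1).strip()
        if m:
            perms = {}
            for sub in lines[i + 1:]:
                entry = re.match(r"\s+([\w-]+):\s*([\w-]+)\s*$", sub)
                if not entry:  # first non-indented line ends the mapping
                    break
                perms[entry.group(1)] = entry.group(2)
            return perms
    return None

def audit(text):
    findings, perms = [], top_level_permissions(text)
    if perms is None:
        findings.append("no workflow-level permissions block")
    elif perms == "write-all" or (isinstance(perms, dict) and "write" in perms.values()):
        findings.append("workflow-level write permission")
    if PIPE_TO_SHELL.search(text):
        findings.append("installer piped to shell")
    return findings
```
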
@github-actions

🎉 This PR is included in version 1.2.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@Roopan-Microsoft Roopan-Microsoft deleted the psl-pipeline-security-fix branch March 4, 2026 12:02