Multi-platform (amd64/arm64) Docker builds for the DSM frontend CI pipeline

The frontend's automated Docker build-and-publish pipeline was upgraded to produce multi-architecture container images (Intel/AMD linux/amd64 and ARM linux/arm64) in a single build. This is an internal build-tooling change with no user-facing functionality; it broadens the range of server hardware the frontend can be deployed on. (Reached QA.)

The previous pipeline used a plain docker build that produced an image for only one CPU architecture. As deployment targets increasingly include ARM-based hosts (e.g. AWS Graviton instances) alongside traditional x86 servers, a single-architecture image limits where the application can run and can cause failures when the build and runtime architectures differ. Multi-platform images remove that constraint.

No change to application behavior, UI, or APIs for end users. The operational benefit is deployment flexibility: the published image now runs natively on both x86 (amd64) and ARM (arm64) infrastructure, enabling potential cost or performance gains from ARM hosts and reducing architecture-mismatch deployment errors.

• Single file changed: .github/workflows/docker-ecr.yml (+9 / -2).
• Added a step to create and bootstrap a dedicated Buildx builder: docker buildx create --use --name multiarch-builder --driver docker-container followed by docker buildx inspect --bootstrap.
• Replaced the docker build + separate docker push steps with a single docker buildx build invocation using --platform linux/amd64,linux/arm64 and --push (build args for the various NEXT_PUBLIC_* values are unchanged).
• The docker/setup-buildx-action@v3 setup step that already existed is retained.

Low application risk (no app code touched), but a real CI/CD risk: a misconfigured Buildx setup could break the publish step, blocking deployments. Multi-arch builds also increase build time and pushed image size. Mitigation: the change is confined to the QA pipeline first; verify a green pipeline run and confirm the resulting multi-arch image pushes to ECR and deploys before promoting to production.

• Confirm the GitHub Actions docker-ecr workflow completes successfully end to end after merge.
• Verify the ECR image manifest lists both linux/amd64 and linux/arm64 platforms (e.g. docker buildx imagetools inspect <repo>:<tag>).
• Confirm the image still pushes to the correct ECR repository/tag and that the downstream webhook/deploy notification still fires.
• Smoke-test the deployed QA frontend to confirm the multi-arch image boots and serves the app normally.