From 7127fbc6dd0111ce517bd98ec368e8d96a517129 Mon Sep 17 00:00:00 2001
From: Hiroshi Nishito <admin@itc.tokyo>
Date: Mon, 20 Jan 2025 20:00:00 +0900
Subject: [PATCH] =?UTF-8?q?init]cicd=E3=81=AE=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/backend.yml | 2 ++
 backend/package.json          | 3 ++-
 backend/serverless.yml        | 6 +-----
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/backend.yml b/.github/workflows/backend.yml
index 7fd3a49..9011b37 100644
--- a/.github/workflows/backend.yml
+++ b/.github/workflows/backend.yml
@@ -64,10 +64,12 @@ jobs:
 
           if [ "${{ github.ref_name }}" = "develop" ]; then
             echo "Deploying to dev stage..."
+            export ALLOWED_REFERER="${{ secrets.ALLOWED_REFERER_DEV }}"
             npm run deploy:dev   # 例) package.json: "deploy:dev": "serverless deploy --stage dev"
 
           elif [ "${{ github.ref_name }}" = "main" ]; then
             echo "Deploying to prod stage..."
+            export ALLOWED_REFERER="${{ secrets.ALLOWED_REFERER_PROD }}"
             npm run deploy:prod  # 例) package.json: "deploy:prod": "serverless deploy --stage prod"
 
           else
diff --git a/backend/package.json b/backend/package.json
index ec61314..beefc27 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -5,7 +5,8 @@
   "scripts": {
     "build": "tsc",
     "dev:local": "npm run build && env-cmd -f .env.local serverless offline --stage dev",
-    "deploy:dev": "npm run build && env-cmd -f .env.dev serverless deploy --stage dev",
+    "deploy:dev:local": "npm run build && env-cmd -f .env.dev serverless deploy --stage dev",
+    "deploy:dev": "npm run build && serverless deploy --stage dev",
     "deploy:prod": "npm run build && env-cmd -f .env.prod serverless deploy --stage prod",
     "test": "echo 'No tests yet' && exit 0"
   },
diff --git a/backend/serverless.yml b/backend/serverless.yml
index 9d3433f..9fc4cae 100644
--- a/backend/serverless.yml
+++ b/backend/serverless.yml
@@ -26,7 +26,7 @@ provider:
   environment:
     BUCKET_NAME: ${env:BUCKET_NAME}     # S3バケット名 (ローカルなら .env.dev など、CI/CD は secrets)
     S3_PREFIX: ${self:custom.prefixes.${self:provider.stage}}
-    ALLOWED_REFERER: ${self:custom.allowedReferers.${self:provider.stage}}
+    ALLOWED_REFERER: ${env:ALLOWED_REFERER}
 
   iamRoleStatements:
     - Effect: "Allow"
@@ -64,7 +64,3 @@ custom:
   prefixes:
     dev: dev/
     prod: prod/
-
-  allowedReferers:
-    dev: "localhost:5173, dev.mydomain.com"
-    prod: "mydomain.com"