Feature/#113

.github/workflows/backend.yml

@@ -52,6 +52,7 @@ jobs:
           echo aws region: ${{ secrets.AWS_REGION }}
           echo aws account: ${{ secrets.AWS_ACCOUNT }}
           echo actions role: ${{ secrets.ACTIONS_ROLE}}
+          echo certificate ARN: ${{ secrets.certificateArn }}
 
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
@@ -66,5 +67,8 @@ jobs:
 
       - name: CDK Deploy
         if: startsWith(github.ref, 'refs/heads/feature/') ||  github.ref == 'refs/heads/main'
+        env:
+          CERTIFICATE_ARN: ${{ secrets.certificateArn }}
+          ENVIRONMENT: ${{ needs.set-environment.outputs.environment }}
         run: npm run cdk deploy --all
         working-directory: src/backend

src/backend/lib/constructs/web.ts

@@ -7,6 +7,7 @@ import * as s3 from 'aws-cdk-lib/aws-s3';
 import * as waf from 'aws-cdk-lib/aws-wafv2';
 import * as cognito from 'aws-cdk-lib/aws-cognito';
 import * as idPool from '@aws-cdk/aws-cognito-identitypool-alpha';
+import * as acm from 'aws-cdk-lib/aws-certificatemanager';
 
 
 export interface WebProps {
@@ -21,6 +22,23 @@ export class Web extends Construct {
   constructor(scope: Construct, id: string, props: WebProps) {
     super(scope, id);
 
+   // 環境変数に基づいて条件を設定
+    const isProd = process.env.ENVIRONMENT === 'prod';
+    let certificateArn: acm.ICertificate | undefined = undefined;
+    let domainNames: string[] | undefined = undefined;
+
+    if (isProd) {
+      // 既存の証明書のARNを指定
+      const existingCertificateArn = process.env.CERTIFICATE_ARN;
+      if (typeof existingCertificateArn === 'string') { // ここでstring型であることを確認
+        const certificate = acm.Certificate.fromCertificateArn(this, 'Certificate', existingCertificateArn);
+        certificateArn = certificate;
+        domainNames = ['bouquet-note.com', '*.bouquet-note.com'];
+      } else {
+        console.error('CERTIFICATE_ARN environment variable is undefined.');
+      }
+    }
+
     const { cloudFrontWebDistribution, s3BucketInterface } = new CloudFrontToS3(this, 'Web', {
       insertHttpSecurityHeaders: false,
       bucketProps: {
@@ -43,6 +61,8 @@ export class Web extends Construct {
         serverAccessLogsPrefix: 'logs',
       },
       cloudFrontDistributionProps: {
+        certificate: certificateArn, // 条件に基づいてSSL証明書を設定
+        domainNames: domainNames, // 条件に基づいてドメイン名を設定
         geoRestriction: cloudfront.GeoRestriction.allowlist('JP'),
         errorResponses: [
           {
@@ -70,7 +90,6 @@ export class Web extends Construct {
         'npm run build -w src/frontend',
       ],
       buildEnvironment: {
-        // REACT_APP_IDENTITY_POOL_ID: props.identityPool.identityPoolId,
         VITE_COGNITO_REGION: cdk.Stack.of(this).region,
         VITE_COGNITO_USER_POOL_ID: props.userPool.userPoolId,
         VITE_COGNITO_APP_USER_POOL_CLIENT_ID: props.userPoolClient.userPoolClientId,

src/backend/package.json

@@ -12,7 +12,7 @@
   },
   "devDependencies": {
     "@types/jest": "^29.5.11",
-    "@types/node": "20.11.5",
+    "@types/node": "^20.11.5",
     "aws-cdk": "2.122.0",
     "jest": "^29.7.0",
     "ts-jest": "^29.1.1",

src/backend/tsconfig.json

@@ -20,6 +20,7 @@
     "inlineSources": true,
     "experimentalDecorators": true,
     "strictPropertyInitialization": false,
+    "types": ["node"],
     "typeRoots": [
       "./node_modules/@types"
     ]