OMDSCloud/dictation_server/src/main.ts

import { NestFactory } from '@nestjs/core';
import cookieParser from 'cookie-parser';
import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
import { AppModule } from './app.module';
import { ValidationPipe } from '@nestjs/common';
import helmet from 'helmet';
const helmetDirectives = helmet.contentSecurityPolicy.getDefaultDirectives();
helmetDirectives['connect-src'] =
  process.env.STAGE === 'local'
    ? [
        "'self'",
        process.env.ADB2C_ORIGIN,
        process.env.STORAGE_ACCOUNT_ENDPOINT_US,
        process.env.STORAGE_ACCOUNT_ENDPOINT_AU,
        process.env.STORAGE_ACCOUNT_ENDPOINT_EU,
      ]
    : ["'self'"];

helmetDirectives['navigate-to'] = ["'self'"];
helmetDirectives['style-src'] = ["'self'", 'https:'];
helmetDirectives['report-uri'] = ["'self'"];
async function bootstrap() {
  const app = await NestFactory.create(AppModule);

  app.use(
    helmet({
      contentSecurityPolicy: {
        directives: helmetDirectives,
      },
    }),
    cookieParser(),
  );

  // バリデーター(+型の自動変換機能)を適用
  app.useGlobalPipes(
    new ValidationPipe({ transform: true, forbidUnknownValues: false }),
  );

  if (process.env.STAGE === 'local') {
    const options = new DocumentBuilder()
      .setTitle('ODMSOpenAPI')
      .setVersion('1.0.0')
      .addBearerAuth({
        type: 'http',
        scheme: 'bearer',
        bearerFormat: 'JWT',
      })
      .build();
    const document = SwaggerModule.createDocument(app, options);
    SwaggerModule.setup('api', app, document);
  }

  await app.listen(process.env.PORT || 80);
}
bootstrap();