support cert buffer (#336)

Signed-off-by: ryjiang <jiangruiyi@gmail.com>

milvus/grpc/BaseClient.ts

@@ -171,13 +171,15 @@ export class BaseClient {
 
     // If the root certificate path is provided, also set to one-way authentication
     this.tlsMode =
-      this.config.tls && this.config.tls.rootCertPath
+      this.config.tls &&
+      (this.config.tls.rootCert || this.config.tls.rootCertPath)
         ? TLS_MODE.ONE_WAY
         : this.tlsMode;
 
     // If the private key path is provided, set to two-way authentication
     this.tlsMode =
-      this.config.tls && this.config.tls.privateKeyPath
+      this.config.tls &&
+      (this.config.tls.privateKey || this.config.tls.privateKeyPath)
         ? TLS_MODE.TWO_WAY
         : this.tlsMode;
 
@@ -187,20 +189,34 @@ export class BaseClient {
         // For one-way authentication, create SSL credentials with the root certificate if provided
         const sslOption = this.config.tls?.rootCertPath
           ? readFileSync(this.config.tls?.rootCertPath)
-          : undefined;
+          : this.config.tls?.rootCert || undefined;
         this.creds = credentials.createSsl(sslOption);
         break;
       case TLS_MODE.TWO_WAY:
         // For two-way authentication, create SSL credentials with the root certificate, private key, certificate chain, and verify options
-        const { rootCertPath, privateKeyPath, certChainPath, verifyOptions } =
-          this.config.tls!;
-        const rootCertBuff: Buffer | null = rootCertPath
+        const {
+          rootCertPath,
+          rootCert,
+          privateKeyPath,
+          privateKey,
+          certChainPath,
+          certChain,
+          verifyOptions,
+        } = this.config.tls!;
+
+        const rootCertBuff: Buffer | null = rootCert
+          ? rootCert
+          : rootCertPath
           ? readFileSync(rootCertPath)
           : null;
-        const privateKeyBuff: Buffer | null = privateKeyPath
+        const privateKeyBuff: Buffer | null = privateKey
+          ? privateKey
+          : privateKeyPath
           ? readFileSync(privateKeyPath)
           : null;
-        const certChainBuff: Buffer | null = certChainPath
+        const certChainBuff: Buffer | null = certChain
+          ? certChain
+          : certChainPath
           ? readFileSync(certChainPath)
           : null;
         this.creds = credentials.createSsl(

milvus/types/Client.ts

@@ -40,10 +40,16 @@ export interface ClientConfig {
   tls?: {
     // root certificate file path, it can be a CA PEM (Certificate Authority PEM) or Server PEM (Server Certificate PEM):
     rootCertPath?: string;
+    // root certificate buffer
+    rootCert?: Buffer;
     // private key path
     privateKeyPath?: string;
+    // private key buffer
+    privateKey?: Buffer;
     // certificate path
     certChainPath?: string;
+    // certificate buffer
+    certChain?: Buffer;
     // verify options
     verifyOptions?: Record<string, any>;
     // server name

test/grpc/MilvusClient.spec.ts

@@ -1,4 +1,5 @@
 import path from 'path';
+import { readFileSync } from 'fs';
 import {
   MilvusClient,
   ERROR_REASONS,
@@ -215,5 +216,19 @@ describe(`Milvus client`, () => {
 
   //   const healthy = await mc.checkHealth();
   //   expect(healthy.isHealthy).toEqual(true);
+
+  //   const mc2 = new MilvusClient({
+  //     address: 'localhost:19530',
+  //     tls: {
+  //       rootCert: readFileSync(`test/cert/ca.pem`),
+  //       privateKey: readFileSync(`test/cert/client.key`),
+  //       certChain: readFileSync(`test/cert/client.pem`),
+  //       serverName: 'localhost',
+  //     },
+  //     logLevel: 'debug',
+  //   });
+
+  //   const healthy2 = await mc2.checkHealth();
+  //   expect(healthy2.isHealthy).toEqual(true);
   // });
 });