support tls (#347)

Signed-off-by: ryjiang <jiangruiyi@gmail.com>

README.md

@@ -20,7 +20,7 @@ Before you begin, make sure that you have Milvus installed on either [your serve
 Here are the steps to start a container for running Attu:
 
 ```code
-docker run -p 8000:3000 -e MILVUS_URL={milvus server IP}:19530 zilliz/attu:v2.3.1
+docker run -p 8000:3000 -e MILVUS_URL={milvus server IP}:19530 zilliz/attu:v2.3.5
 ```
 
 Make sure that the Attu container can access the Milvus IP address. After starting the container, open your web browser and enter `http://{ Attu IP }:8000` to view the Attu GUI.
@@ -37,13 +37,24 @@ kubectl apply -f https://raw.githubusercontent.com/zilliztech/attu/main/attu-k8s
 
 Make sure that the Attu pod can access the Milvus service. In the example provided this connects directly to `my-release-milvus:19530`. Change this based on the Milvus service name. A more flexible way to achieve this would be to introduce a `ConfigMap`. See this [example]("https://raw.githubusercontent.com/zilliztech/attu/main/examples/attu-k8s-deploy-ConfigMap.yaml") for details.
 
-#### Parameters for Docker CLI
+#### Optional Environment Variables for Running Attu Docker
 
-| Parameter  | Example           | Required | Description                 |
-| :--------- | :---------------- | :------: | --------------------------- |
-| MILVUS_URL | 192.168.0.1:19530 |  false   | Optional, Milvus server URL |
+| Parameter        | Example              | Required | Description                             |
+| :--------------- | :------------------- | :------: | --------------------------------------- |
+| MILVUS_URL       | 192.168.0.1:19530    |  false   | Optional, Milvus server URL             |
+| ATTU_LOG_LEVEL   | info                 |  false   | Optional, sets the log level for Attu   |
+| ROOT_CERT_PATH   | /path/to/root/cert   |  false   | Optional, path to the root certificate  |
+| PRIVATE_KEY_PATH | /path/to/private/key |  false   | Optional, path to the private key       |
+| CERT_CHAIN_PATH  | /path/to/cert/chain  |  false   | Optional, path to the certificate chain |
+| SERVER_NAME      | your_server_name     |  false   | Optional, name of your server           |
 
-Note that "127.0.0.1" or "localhost" will not work when running Attu on Docker.
+> Please note that the `MILVUS_URL` should be an address that the Attu Docker container can access. Therefore, "127.0.0.1" or "localhost" will not work.
+
+To run the Docker container with these environment variables, use the following command:
+
+```bash
+docker run -e MILVUS_URL=192.168.0.1:19530 -e ATTU_LOG_LEVEL=info -e ROOT_CERT_PATH=/path/to/root/cert -e PRIVATE_KEY_PATH=/path/to/private/key -e CERT_CHAIN_PATH=/path/to/cert/chain -e SERVER_NAME=your_server_name zilliz/attu:v2.3.5
+```
 
 ## Common connection problem using Attu
 

server/src/milvus/milvus.service.ts

@@ -2,6 +2,7 @@ import {
   MilvusClient,
   FlushReq,
   GetMetricsResponse,
+  ClientConfig,
 } from '@zilliz/milvus2-sdk-node';
 import HttpErrors from 'http-errors';
 import { HTTP_STATUS_CODE } from '../utils/Const';
@@ -56,11 +57,32 @@ export class MilvusService {
 
     try {
       // Create a new Milvus client with the provided connection details
-      const milvusClient: MilvusClient = new MilvusClient({
+      const clientOptions: ClientConfig = {
         address: milvusAddress,
         username,
         password,
-      });
+        logLevel: process.env.ATTU_LOG_LEVEL || 'info',
+      };
+
+      if (process.env.ROOT_CERT_PATH) {
+        clientOptions.tls = {
+          rootCertPath: process.env.ROOT_CERT_PATH,
+        };
+
+        if (process.env.PRIVATE_KEY_PATH) {
+          clientOptions.tls.privateKeyPath = process.env.PRIVATE_KEY_PATH;
+        }
+
+        if (process.env.CERT_CHAIN_PATH) {
+          clientOptions.tls.certChainPath = process.env.CERT_CHAIN_PATH;
+        }
+
+        if (process.env.SERVER_NAME) {
+          clientOptions.tls.serverName = process.env.SERVER_NAME;
+        }
+      }
+      // create the client
+      const milvusClient: MilvusClient = new MilvusClient(clientOptions);
 
       // Set the active Milvus client to the newly created client
       MilvusService.activeMilvusClient = milvusClient;

server/test/tls/ca.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDpzCCAo+gAwIBAgIUXZen56S+MZE8UTb09jyM6szs/ukwDQYJKoZIhvcNAQEL
+BQAwYzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdaMQswCQYDVQQHDAJHWjESMBAG
+A1UECgwJcm9uZXRoaW5nMRIwEAYDVQQLDAlyb25ldGhpbmcxEjAQBgNVBAMMCWxv
+Y2FsaG9zdDAeFw0yMjA1MDEwODU3MzRaFw0zMjA0MjgwODU3MzRaMGMxCzAJBgNV
+BAYTAkNOMQswCQYDVQQIDAJHWjELMAkGA1UEBwwCR1oxEjAQBgNVBAoMCXJvbmV0
+aGluZzESMBAGA1UECwwJcm9uZXRoaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC4fe/Cw5gKBb/5L1n6ofYvLQB
+TtnYiBy3gr6g5ML+Nck1N3LiZgvEa7mm19eijxPegQH8u0AZhfEOP41IJCNedTSY
+dvenIpvDun+MI52dNnRnIl8gBdhEfJ6PyGWdI+PAksQD9R704TxID+TmyPIKA/ul
+u8Um3pkvlk3X9PHzo7kE0fveQPatbpHRc7YrCIfdpzJ/b3YYXtHS4FtBA4wX9sW/
+siSKcgiNzcxP8hqPcygFzOx3oUCt21LaS9E1Ji4r0s1M2eVwhFKxhqpfKRI4jLFN
+IA9vJlucH7hS5RU2p+2a9NBOqgYkarVKD0xIWtcoHoajKwqZnklBkMM8nhJhAgMB
+AAGjUzBRMB0GA1UdDgQWBBT8tV8mSqY4ujxUPTNNue7ty9ad8DAfBgNVHSMEGDAW
+gBT8tV8mSqY4ujxUPTNNue7ty9ad8DAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
+DQEBCwUAA4IBAQCbaK5wizgoH3AS0AYgHRHbvVaLXEgihcmdsFGqszmkOS50dpcm
+bqs0wS0g7Ibgpv8bS9tn9gXhdTR04F08PrbbALBF0I1zIbT5F6rp2w7P78gWZDa7
+iPYCTYA1WRZEEVJD4eyFC4cM8uG0wVCbKuOFUJaUPONbdJ1S26xtBSJHy0g8JeNK
+3N70/xYa0AFk4D9EoX39oiCOnj1QWN2M0IjUJHUcu1Bm50dxDcpiaoWR6sCFJU4r
+gMlFpeZ9Sg6zh4sUs2X0YYusEp3ATz+0E0iRChEM0213yvBR3HwaJKSegBocflCZ
+SKrjAyIpRkscR0JKWUPICf+rr0B0mPeEYfgK
+-----END CERTIFICATE-----

server/test/tls/client.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCwQ/qyS53J8Xdp
+M26LcFGdtTMzjfzPoNtwnSdfqrMi2iMZeMwDPRkHoeHE9lyHYPssDbFuLNJPLibc
+BCfd5SeELLlyG3GDP+W0inUs3kE0voXbH4LmSOCKLnzw0GfblINWMB7aqgpHPtRT
+cdWHcPo+KJA66ZbD5cNIw77aBxcsDJa40GunzxVOKtGQopypjrj6mkpauVzT9Dwh
+ylYvMR+VL12pjozGCvSTNSgJfP7DX2UwHTMEBbxiTNQ7F8w4X5d2xuS2HepLy0/+
+uWo1e7jDGAWN27Alr1766n2os3WClL06U6mmlT7HE2TvunhiBNjWnWafENaeH9W5
+rmVNDCmLAgMBAAECggEBAJLcUOh08EbtlRxl6djsAFRyQPLXfqhP0gYGKmQfCZok
+PdJfPzwDj/M4Aa/lxDpXp26RCiBN3/xw65etLrpGz6Hk0a4tB2rftjeylOaJV7Lm
+ewiTPLE6TztSeG78dUwSdUs+VLbDrkSmKKpN0idDDnzztxgev6sAqLDbxwxJlBjy
+EeERzCG4JCc4aZlFtz1oWgFGXr3lxxxXbfzdhY/M87IkenGNZges0iSRbcFsGq8z
+oVaFV9KkVZ6lxLCMXIIfen9E6g/nq01mnTXM+LHd9Laqj0q6wpULCi5X/v/igS5I
+1fsUT8V+s+LjpWMBu6Bd0uY2tr3Li4Fn46p+HvVe6cECgYEA3eqSfUowlEs3WLBl
+acfb6/Vo9GeRnJpmLeTdXAO3NeOX4qLISQFQEUopG2qOrXSo4t40o8xX0iMe6uIQ
+7BVFJgdE12kdx0cQGqFACIxAiM6VbeqfKt4i8EB1ld/8fXusdH71b/ZkudbQ8gUx
+S3HNsid7Y7qIgXlQ3zZel8+juakCgYEAy1Z8R6bnyF7W0D09SkVfpuMsMoFIi6ZP
+w+rrk/8E85S2Ag8LnbQtJICiMgBYWQSu5IoGMoBw6N0j9OhaSOsbNYZjwmC9UqWH
+8ZbPrAqt3q0B76i9f7+K75gIyXEhVQBtlKUw53wGd9dgUkq5o+YZxK4ABqji+r+2
+d1rj49PLkhMCgYANQpL2QZSdh9EKz59/rp2Jf+SBlh6xSNiKLX68nMw5wBu3QxrM
+ofNy1QeXx8o2ux3MUJK8pt0ohUi3qEJymOLE3vJSHMnWunxP2wrEd/zzL8TmCHry
+SMu1p2RfTD7+EIHBhESOKB7kq91YWM8VPvuXhZxt3RuDAQjADbOhRpr14QKBgGIy
+2D46SsGnm5JhoNHXgwQzvcp+SSy4GtmBAFgu1pNUBDomTfPRaeOxA6OmKwSCkHvq
+dGe7Q8wR0CWceM2yTSeiSVc8JPJe4rI3pP9vAN0DLGYzVaD2PgDLqaKvMeu9Ey6w
+QFfqu6zwpKHZWKHgpB0p8vVEZqm2IEav7FLAnBVlAoGBAI1KJJ0Z18lOQDqpZtH/
+tYYmCMlYLOkHOVJ5/Fi+UjLLwCk2yyXw3Tr5PqxNaI1va4wp5lt/VZqRZibFm9hW
+ecsBuCDVZFPcu5UUHNrwXxb3wwidjsjJso0PVxw7FI7d7rlTqRYm5dntjlxBHhtd
+IPkBc4ceeMp14AaItE9f1HE5
+-----END PRIVATE KEY-----

server/test/tls/client.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDizCCAnOgAwIBAgIUNCeQzjvQkinJwUgQ4quG0opHAL8wDQYJKoZIhvcNAQEL
+BQAwYzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdaMQswCQYDVQQHDAJHWjESMBAG
+A1UECgwJcm9uZXRoaW5nMRIwEAYDVQQLDAlyb25ldGhpbmcxEjAQBgNVBAMMCWxv
+Y2FsaG9zdDAeFw0yMjA1MDEwODU3MzRaFw0zMjA0MjgwODU3MzRaMEkxCzAJBgNV
+BAYTAkNOMRIwEAYDVQQKDAlyb25ldGhpbmcxEjAQBgNVBAsMCXJvbmV0aGluZzES
+MBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAsEP6skudyfF3aTNui3BRnbUzM438z6DbcJ0nX6qzItojGXjMAz0ZB6HhxPZc
+h2D7LA2xbizSTy4m3AQn3eUnhCy5chtxgz/ltIp1LN5BNL6F2x+C5kjgii588NBn
+25SDVjAe2qoKRz7UU3HVh3D6PiiQOumWw+XDSMO+2gcXLAyWuNBrp88VTirRkKKc
+qY64+ppKWrlc0/Q8IcpWLzEflS9dqY6Mxgr0kzUoCXz+w19lMB0zBAW8YkzUOxfM
+OF+Xdsbkth3qS8tP/rlqNXu4wxgFjduwJa9e+up9qLN1gpS9OlOpppU+xxNk77p4
+YgTY1p1mnxDWnh/Vua5lTQwpiwIDAQABo1EwTzAJBgNVHRMEAjAAMAsGA1UdDwQE
+AwIF4DA1BgNVHREELjAsgglsb2NhbGhvc3SCDioucm9uZXRoaW5nLmNugg8qLnJv
+bmV0aGluZy5jb20wDQYJKoZIhvcNAQELBQADggEBAHBmcrQBtOcY776CHfRnHkWG
+2JX595eY9cTEi+xB3n3q6Uo9GkGpGkg0T9U67dj68aB5ETm9+F8augS/5e2vbyJ/
+GfwtwbmJFkM4SVrSYpHLYQc72j6kG4oLauz8C3IZxirX4nAxGDEnHbpLrS2HIZ+l
+/G5YQeaYStxmleOD4CwrOOIUdRATMTaQgRu6pUJhuhC9Fm1v+ueg6b24RB9V+jvU
+FOFiR29PPRyyAm3UBEv4yyVSoW6RgD+5QpD/HTGbXumT1xASKDeLY7HBVU9FXxN+
+wojcbIyFkXNo3C+5P7zN7S1zJV6Fp4TeOJpIeQn8ARf7XFQYREVesf9QC7yHxPk=
+-----END CERTIFICATE-----

server/test/tls/server.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDizCCAnOgAwIBAgIUNCeQzjvQkinJwUgQ4quG0opHAL4wDQYJKoZIhvcNAQEL
+BQAwYzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdaMQswCQYDVQQHDAJHWjESMBAG
+A1UECgwJcm9uZXRoaW5nMRIwEAYDVQQLDAlyb25ldGhpbmcxEjAQBgNVBAMMCWxv
+Y2FsaG9zdDAeFw0yMjA1MDEwODU3MzRaFw0zMjA0MjgwODU3MzRaMEkxCzAJBgNV
+BAYTAkNOMRIwEAYDVQQKDAlyb25ldGhpbmcxEjAQBgNVBAsMCXJvbmV0aGluZzES
+MBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAsiO3f54uRcWcXTHJSbYzCC9io8duF0xxnHIEke7smYOAFmNDsHri/9405UNt
+zcpanMfaSck1cf/OM5jzHZDyDvK3WsSo6uHtxnw3T8f8FwNoenRZGPUPx7+tYnGN
+AScnPkMOidXZf2YKEwn/VQD9/3nmsv+CbA+YaHLcqvGXn7aqDb6Uj6Ja8E6O7j9E
+0rb4jNC0k76Jl8+3RkHZTm45fNqXyUmXKtWMy1OgYxNI09Y0yo4GgTE8KqTtjT+v
+ug/nQv3RwWPP93yc9CHHR5Zon10j0CNZ/Cyb2Zi0SBnayojW8mtL8MkyvfpDFpJg
+KPC5m7kgguhUN193lEUPNVLoYwIDAQABo1EwTzAJBgNVHRMEAjAAMAsGA1UdDwQE
+AwIF4DA1BgNVHREELjAsgglsb2NhbGhvc3SCDioucm9uZXRoaW5nLmNugg8qLnJv
+bmV0aGluZy5jb20wDQYJKoZIhvcNAQELBQADggEBAG18ss3sNJjLXMv9Wm+dBvMQ
+ekGFunZ3unN641RxGpUWjbUj963woXx8eiL6lJFKiU52aXrFR4+6BZ0tbRsLz4e4
+pmCdOz4mClmNSk6mSSz7W8tnhz+h1jqUzp5whAh1Gj5QdauTzgcLFxBw3PWTt8tp
+4xGIuZwAWyB9MHXMkBtsdiP/oUEoVXYC2SA+o7dWr0d9w0K6BA00TZR+OHscfpGS
+k0aD1Cu8fxiccnY7jcBMz/2vVg3LzoeUqL7TZbpan/jzO5FAMVoi21UFwEQbBYMb
+yUbPei060JQ/u7H6CR9OCCHKsDvtpIfgpeAmjcuFSCF+Q3cHTAstHrlZWaOCNO4=
+-----END CERTIFICATE-----