fix: Return null for corrupted/invalid API key files and add Connect fixtures test

[elibosley]

Motivation

• Make API key file loading tolerant of corrupted JSON and validation failures by returning null and logging errors instead of throwing, and ensure only valid Connect key fixtures are loaded from disk.

Description

• Change loadApiKeyFile to return null and log errors when encountering a SyntaxError or ValidationError instead of throwing exceptions.
• Add a unit test should load only valid keys from provided Connect key fixtures to assert only valid Connect keys are loaded and that missing/invalid files produce an error log.
• Update tests should return null on corrupted JSON and should return null on invalid API key structure to expect null and to assert the appropriate error logs are emitted.
• Keep existing normalization behavior for roles and permission actions and validate that normalized values are returned by the loader.

Testing

• Ran the ApiKeyService unit tests in api-key.service.spec.ts, including the new should load only valid keys from provided Connect key fixtures test, and they passed.
• Updated tests should return null on corrupted JSON and should return null on invalid API key structure to reflect the new null return behavior and those assertions passed.
• Existing normalization tests for actions/roles were executed and passed.

---

Codex Task

Summary by CodeRabbit

• Bug Fixes

  • Improved API key file loading resilience—invalid or corrupted key files are now skipped gracefully instead of causing the entire loading process to fail, ensuring valid keys are still loaded even when problematic files are present.

• Tests

  • Enhanced test coverage for error handling scenarios during API key validation.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 6dbf5234-b7f5-4988-8038-19e1e7001275

📥 Commits

Reviewing files that changed from the base of the PR and between 90bbe9a and 47e466b.

📒 Files selected for processing (2)

• api/src/unraid-api/auth/api-key.service.spec.ts
• api/src/unraid-api/auth/api-key.service.ts

Disabled knowledge base sources:

• Linear integration is disabled

You can enable these sources in your CodeRabbit configuration.

---

Walkthrough

The API key service error handling is updated to gracefully skip invalid key files by returning null instead of throwing errors. This allows the system to load valid keys from disk without aborting when encountering corrupted or malformed files, with validation errors logged for debugging.

Changes

Cohort / File(s)	Summary
API Key Service Error Handling api/src/unraid-api/auth/api-key.service.ts, api/src/unraid-api/auth/api-key.service.spec.ts	Implementation returns null for corrupted or invalid key files instead of throwing errors. Corresponding test updates refactor expectations for corrupted JSON and invalid structures to assert null returns with specific logged error messages. New test added for validating loadAllFromDisk filters invalid files while preserving valid Connect-key fixtures.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 With whiskers twitching and nose held high,
We skip the broken files without a sigh,
Return a null instead of throwing fits,
And log our troubles bit by bit,
No crashes now—just graceful grace! 🌿

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/fix-onboarding-flow-crash-due-to-api-key-validation

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 48.61%. Comparing base (14a8fa8) to head (47e466b).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1886      +/-   ##
==========================================
- Coverage   48.62%   48.61%   -0.01%     
==========================================
  Files        1013     1013              
  Lines       67606    67606              
  Branches     6925     6927       +2     
==========================================
- Hits        32872    32870       -2     
- Misses      34613    34615       +2     
  Partials      121      121              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

This plugin has been deployed to Cloudflare R2 and is available for testing.
Download it at this URL:

https://preview.dl.unraid.net/unraid-api/tag/PR1886/dynamix.unraid.net.plg