Improve error messages for missing api keys

[ZuebeyirEser]

• Early API key validation before expensive operations
• Clear, helpful error messages
• Provider-specific instructions (OpenAI, Anthropic, Google, etc.)
• Suggests Ollama as an alternative
• Works correctly for both missing keys (shows error) and Ollama (no error)

Closes #243

[gemini-code-assist]

Summary of Changes

Hello @ZuebeyirEser, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly improves the user experience by introducing proactive and informative API key validation. It ensures that users are immediately notified of missing API keys with clear, actionable instructions before any resource-intensive operations begin. The changes include a new utility for generating detailed error messages, a centralized configuration for API key information, and integration of this validation logic across key CLI commands and model configuration settings.

Highlights

• Early API Key Validation: Implemented API key validation at the start of CLI commands (start, optimize, mcp_server) to prevent expensive operations from failing due to missing keys, providing immediate feedback to the user.
• Enhanced Error Messages: Introduced detailed, user-friendly error messages for missing API keys, including provider-specific setup instructions and suggesting Ollama as a local alternative.
• Centralized API Key Information: Created an API_KEY_INFO dictionary to centralize and manage details for various AI providers (OpenAI, Anthropic, Google, Azure, Cohere), making error message generation consistent.
• Model Configuration Validation: Added a validate_api_key method to ModelConfig and integrated it into AppConfig properties and methods to ensure API keys are present for configured models upon activation or setting.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request significantly improves the user experience by adding early validation for API keys and providing clear, helpful error messages. The changes are well-structured, particularly the centralization of API key information and the creation of a formatted error message function.

I've included a few suggestions to further refine the implementation:

• A refactoring to remove redundant validation logic, which will make the code cleaner and more efficient.
• Some minor improvements in config.py to enhance maintainability by using constants and simplifying code.

Overall, this is a great enhancement to the project's usability and robustness.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR attempts to add early API key validation with helpful error messages, but introduces a critical bug that breaks core CLI functionality.

Critical Issue

The validation added to active_orchestrator_config and active_cypher_config property getters (config.py:287-297) executes before CLI model switching completes. When _update_single_model_setting() (main.py:702) accesses settings.active_orchestrator_config to get the current config's kwargs, it triggers validation on the old/default config before the new model from --orchestrator flag is applied. This means:

• ❌ Users cannot switch from Ollama (default, no API key) to OpenAI via CLI flags
• ❌ The intended "fail fast" behavior actually prevents valid model switching
• ❌ The feature breaks the existing workflow where users override defaults via command-line

Additional Issues

Code Quality Violations (Custom Instructions):

1. Hardcoded strings: Multiple string literals ("model", "local", "vllm", error messages) should be constants or StrEnum members
2. TypedDict not used: API_KEY_INFO dict keys should be a StrEnum for type safety
3. Redundant validation: Validation happens 3 times - in property getter, in validate_models_early(), and in _initialize_services_and_agent()
4. Unnecessary wrapper: validate_model_config() method adds no value and should be inlined
5. Type inconsistency: cs.ModelRole | str parameter type is redundant (StrEnum already inherits from str)

What Works

✅ The format_missing_api_key_errors() function generates helpful, provider-specific error messages
✅ The ApiKeyInfoEntry TypedDict is well-structured
✅ Local providers (Ollama, local, vllm) are correctly exempted from API key requirements

Recommendation

The PR requires significant rework. The validation logic needs to be moved out of property getters to avoid breaking the model update flow. Consider validating only at the point where models are actually used, not when configs are accessed.

Confidence Score: 1/5

• This PR is NOT safe to merge - it contains a critical bug that breaks CLI model switching functionality.
• Score of 1/5 reflects a critical logic error that breaks core functionality. The validation in property getters executes before CLI model updates complete, preventing users from switching models via --orchestrator/--cypher flags when the default config lacks an API key. This completely undermines the PR's goal of improving error messages, as it blocks legitimate use cases. Additionally, multiple coding standard violations (hardcoded strings, redundant code, type inconsistencies) indicate the implementation needs substantial rework.
• Pay critical attention to codebase_rag/config.py - the property validation must be removed or moved to prevent breaking model switching. Also review codebase_rag/cli.py to eliminate redundant validation.

Important Files Changed

File Analysis

Filename	Score	Overview
codebase_rag/config.py	1/5	CRITICAL BUG: Property validation breaks CLI model switching. Multiple coding standard violations (hardcoded strings, type inconsistencies).
codebase_rag/cli.py	2/5	Adds redundant validation function that duplicates existing validation logic. Premature validation in MCP server command.

Sequence Diagram

sequenceDiagram
    participant User
    participant CLI as cli.py
    participant Main as main.py
    participant Config as config.py (AppConfig)
    participant Model as ModelConfig

    User->>CLI: graph-code start --orchestrator openai:gpt-4
    CLI->>Main: update_model_settings("openai:gpt-4", None)
    Main->>Main: _update_single_model_setting(ORCHESTRATOR, ...)
    
    Note over Main,Config: BUG: Validates OLD config before updating
    Main->>Config: settings.active_orchestrator_config
    Config->>Model: validate_api_key(ORCHESTRATOR)
    Model-->>Config: ValueError (if old config missing API key)
    Config-->>Main: FAILS before new config is set
    
    Note over Main,Config: If validation passed (e.g., Ollama default)
    Main->>Config: set_orchestrator(provider, model, **kwargs)
    Config->>Config: _active_orchestrator = ModelConfig(...)
    
    CLI->>CLI: validate_models_early()
    CLI->>Config: settings.active_orchestrator_config
    Note over CLI,Config: Redundant validation #1
    Config->>Model: validate_api_key(ORCHESTRATOR)
    
    CLI->>Main: main_async(...)
    Main->>Main: _initialize_services_and_agent()
    Main->>Main: _validate_provider_config()
    Note over Main: Redundant validation #2
    
    Note over User,Model: Result: Validation happens 3 times,<br/>breaks CLI model switching

Loading

[greptile-apps]

_{7 files reviewed, 7 comments}

_{Edit Code Review Agent Settings | Greptile}

[ZuebeyirEser]

@vitali87 Hi! I've resolved the merge conflict and addressed the code review feedback from @greptile-apps and @gemini-code-assist. The PR is now ready for review. Thanks!

[greptile-apps]

_{10 files reviewed, 10 comments}

_{Edit Code Review Agent Settings | Greptile}

[ZuebeyirEser]

@vitali87 I have resolved all the suggestion form greptile and ready for review!

[vitali87]

/gemini review

[gemini-code-assist]

Code Review

This pull request significantly improves the user experience by adding early validation for API keys and providing clear, helpful error messages when a key is missing. The changes are well-structured, with new providers and constants added cleanly.

I have two suggestions for improvement:

1. In codebase_rag/cli.py, consider refactoring duplicated code for model setting updates and validation into a helper function, while also considering the trade-off with readability that intentional duplication can sometimes offer.
2. In codebase_rag/config.py, a condition for checking API keys can be made more concise and Pythonic.

Overall, this is a valuable enhancement to the project.

[gemini-code-assist]

This block of code for updating and validating model settings is duplicated in the optimize function (lines 317-323). To improve maintainability and reduce redundancy, consider extracting this logic into a helper function. For example:

def _update_and_validate_models(orchestrator: str | None, cypher: str | None) -> None:
    try:
        update_model_settings(orchestrator, cypher)
    except ValueError as e:
        app_context.console.print(style(str(e), cs.Color.RED))
        raise typer.Exit(1) from None

    validate_models_early()

You could then call _update_and_validate_models(orchestrator, cypher) in both start and optimize commands. However, remember that intentional code duplication can sometimes be preferable to abstraction if it improves readability by making the control flow for slightly different cases more explicit. This is a trade-off to be consciously made.

References

1. Intentional code duplication may be preferable to abstraction if it improves readability by making the control flow for slightly different cases more explicit. This is a trade-off to be consciously made.

[gemini-code-assist]

The condition to check for a missing or whitespace-only API key can be simplified. The expression not (self.api_key and self.api_key.strip()) is a more concise and Pythonic way to achieve the same result as not self.api_key or self.api_key.strip() == "". It correctly handles None, empty strings, and whitespace-only strings.

Suggested change

	not self.api_key
	or self.api_key.strip() == ""
	not (self.api_key and self.api_key.strip())