fix: log security warning when auth disabled and remove API key from 401 response

[oindrilakha12-ui]

What

Two security hardening changes to pkg/servers/e2b/routes.go:

1. Log a security warning when authentication is disabled — when keyCfg is nil, every request silently received admin-level AnonymousUser access with no operator visibility. Now logs an Error-level message on every request so misconfigured deployments are immediately detectable in logs/alerts.

2. Stop echoing submitted API key in 401 responses — the previous error message "Invalid API Key: <submitted-key>" reflected the caller's key back in the response body, aiding brute-force key validation. Replaced with the static message "Invalid API Key".

Why

• A single Helm misconfiguration (missing key Secret) silently exposed all sandbox management APIs with admin privileges
• Operators had no signal that auth was disabled unless they audited the startup config
• Leaking the submitted key in 401 aids attackers in confirming partial key guesses

Changes

• routes.go: Add klog.Error warning in CheckApiKey when sc.keys == nil
• routes.go: Replace fmt.Sprintf("Invalid API Key: %s", apiKey) with "Invalid API Key"
• routes_test.go: Update test expectations to match new generic 401 message

Testing

• go test github.com/openkruise/agents/pkg/servers/e2b -run TestCheckApiKey ✅
• go build ./pkg/servers/e2b/... ✅

Fixes #389

[kruise-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign furykerry for approval by writing /assign @furykerry in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

❌ Patch coverage is 50.00000% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 76.50%. Comparing base (5d3212b) to head (d736ac4).
⚠️ Report is 3 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/servers/e2b/routes.go	50.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #391      +/-   ##
==========================================
+ Coverage   75.90%   76.50%   +0.60%     
==========================================
  Files         145      146       +1     
  Lines       10626    10685      +59     
==========================================
+ Hits         8066     8175     +109     
+ Misses       2212     2169      -43     
+ Partials      348      341       -7     

Flag	Coverage Δ
unittests	76.50% <50.00%> (+0.60%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.