feat: implement delete for resource by identifier

[mleonidas]

• adds the ability to delete a resource by identifier over the api

Summary by CodeRabbit

• New Features

  • New DELETE endpoint to remove resources by identifier (returns 204 No Content; 400/404 error cases)
  • Router and API typings updated to expose the identifier-based delete operation

• Style

  • Normalized formatting and consistent single-quote strings across OpenAPI helpers and responses

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds a DELETE endpoint to remove a resource by identifier, updates OpenAPI spec and typings, implements a route handler that resolves the resource, emits a ResourceDeleted event, returns 204 on success, and introduces OpenAPI helpers noContent() and internalServerError() with minor formatting fixes.

Changes

Cohort / File(s)	Summary
OpenAPI helpers apps/api/openapi/lib/openapi.libsonnet	Normalized spacing in helper signatures, switched description strings to single quotes, added noContent() (204) and internalServerError() (500) helpers.
OpenAPI path definitions apps/api/openapi/paths/resources.jsonnet	Added delete operation for /v1/workspaces/{workspaceId}/resources/identifier/{identifier} with workspaceIdParam() and identifierParam(); responses: noContent() + notFoundResponse() + badRequestResponse(); minor response formatting edits elsewhere.
OpenAPI JSON apps/api/openapi/openapi.json	Inserted DELETE operation /v1/workspaces/{workspaceId}/resources/identifier/{identifier} (operationId: deleteResourceByIdentifier) with 204 success and modeled 400/404 error responses.
Route handlers apps/api/src/routes/v1/workspaces/resources.ts	Added deleteResourceByIdentifier handler and router .delete("/identifier/:identifier", ...): pre-fetches resource, maps errors, emits ResourceDeleted, returns 204; router export updated.
OpenAPI types apps/api/src/types/openapi.ts	Added deleteResourceByIdentifier operation type and changed path item for /v1/workspaces/{workspaceId}/resources/identifier/{identifier} to include concrete delete operation (was never).

Sequence Diagram(s)

sequenceDiagram
  participant Client as Client
  participant API as API Server
  participant Service as Resource Service
  participant Events as Event Bus

  Client->>API: DELETE /v1/workspaces/{workspaceId}/resources/identifier/{identifier}
  API->>Service: resolveResource(workspaceId, identifier)
  alt resource found
    Service-->>API: resource
    API->>Service: deleteResource(resource.id)
    Service-->>API: deletion confirmation
    API->>Events: emit ResourceDeleted
    Events-->>API: ack
    API-->>Client: 204 No Content
  else not found
    Service-->>API: not found
    API-->>Client: 404 ErrorResponse
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• feat: delete resource worker #498: Adds DeleteResource worker and queue handling that likely consumes emitted ResourceDeleted events from this endpoint.

Suggested reviewers

• adityachoudhari26
• jsbroks

Poem

🐰 I dug a little route in code tonight,
A DELETE by ID to set things right.
Events hop out, the payloads sing,
No content returns — bells of spring.
I twitch my nose and nibble bytes.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: implement delete for resource by identifier' directly and clearly summarizes the main change: adding a DELETE operation for resources by identifier across the API, OpenAPI specs, types, and routes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In `@apps/api/openapi/openapi.json`:
- Around line 5650-5682: Update the OpenAPI operation with operationId
"deleteResourceByIdentifier" to include documented error responses that match
runtime behavior: add 401 (Unauthorized) when auth fails, 404 (Not Found) when
the resource/ workspaceId or identifier is missing, and 500 (Internal Server
Error) for unexpected server errors; reference your existing error schema (e.g.,
ErrorResponse or ApiError) in each response's content/application/json schema
and keep descriptions concise; ensure the operation still includes the existing
204 response and retains path parameters "workspaceId" and "identifier".

In `@apps/api/src/routes/v1/workspaces/resources.ts`:
- Around line 116-144: In updateVariablesForResource, the handler currently
sends a 204 with no content which violates the OpenAPI contract; change the
final response to return HTTP 202 with a JSON body containing the updated
variables as described by the spec (use the request body `body` as the updated
variables payload and include any expected fields such as the resource id from
`resourceResponse.data.id` if the spec requires it), i.e. replace the
res.status(204).end() with a 202 JSON response that returns the updated
variables object after the sendGoEvent call.
- Around line 8-38: The CEL decoding can throw URIError causing a 500; wrap the
decode logic in a try/catch inside listResources: when cel is a string attempt
the decodeURIComponent(...) and if it throws, throw a new ApiError with a clear
validation message (e.g., "Invalid cel query") and status 400; keep the decoded
value in the existing decodedCel variable and leave the rest of the request flow
unchanged so malformed CEL returns 400 instead of bubbling as a 500.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@apps/api/src/routes/v1/workspaces/resources.ts`:
- Around line 106-111: The GET call using getClientFor(workspaceId).GET is
passing limit and offset at the wrong level so they are ignored; move the query
object under params (i.e. params.query) so the SDK receives query params. Update
the call that builds the request for
"/v1/workspaces/{workspaceId}/resources/{resourceIdentifier}/variables" (the
code referencing workspaceId, resourceIdentifier, limit, offset) to nest the
query ({ limit, offset }) inside params as params.query instead of as a sibling.
- Around line 153-182: The handler getReleaseTargetForResourceInDeployment is
destructuring req.params.resourceIdentifier but the Express route registers the
param as :identifier, so resourceIdentifier will be undefined; fix by reading
req.params.identifier (or rename the route param to resourceIdentifier) and use
that value (e.g., const resourceIdentifier = req.params.identifier) before
encoding and calling getClientFor, and apply the same parameter-name alignment
to the other identifier-based handlers mentioned (the ones around the other
release-target/deployment routes) so route params and handler params match
consistently.