openshift · sradco · Mar 12, 2026 · jgbernalp · May 19, 2026
diff --git a/.github/workflows/unit-tests.yaml b/.github/workflows/unit-tests.yaml
diff --git a/api/openapi.yaml b/api/openapi.yaml
@@ -12,6 +12,44 @@ servers:
 
 paths:
   /rules:
+    delete:
+      operationId: BulkDeleteUserDefinedAlertRules
+      summary: Bulk delete user-defined alert rules
+      description: >
+        Deletes one or more user-defined alert rules by their stable IDs.
+        Each rule is deleted independently; per-rule status is returned in
+        the response so partial success is visible to the caller.
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/BulkDeleteAlertRulesRequest"
+      responses:
+        "200":
+          description: Deletion results (may include per-rule errors)
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/BulkDeleteAlertRulesResponse"
+        "400":
+          description: Invalid request body
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        "401":
+          description: Missing or invalid authorization token
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        "500":
+          description: Unexpected server error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
     post:
       operationId: CreateAlertRule
       summary: Create an alert rule
@@ -141,6 +179,46 @@ components:
           type: string
           description: Computed stable ID for the created alert rule.
 
+    BulkDeleteAlertRulesRequest:
+      type: object
+      required:
+        - ruleIds
+      properties:
+        ruleIds:
+          type: array
+          minItems: 1
+          maxItems: 100
+          items:
+            type: string
+          description: List of stable alert rule IDs to delete (at most 100 per request).
+
+    DeleteAlertRuleResult:
+      type: object
+      required:
+        - id
+        - statusCode
+      properties:
+        id:
+          type: string
+          description: The stable alert rule ID that was processed.
+        statusCode:
+          type: integer
+          description: HTTP status code for this rule's deletion result.
+        message:
+          type: string
+          description: Error message if deletion failed; omitted on success.
+
+    BulkDeleteAlertRulesResponse:
+      type: object
+      required:
+        - rules
+      properties:
+        rules:
+          type: array
+          items:
+            $ref: "#/components/schemas/DeleteAlertRuleResult"
+          description: Per-rule deletion results.
+
     ErrorResponse:
       type: object
       required:

diff --git a/internal/managementrouter/api_generated.go b/internal/managementrouter/api_generated.go
diff --git a/internal/managementrouter/router.go b/internal/managementrouter/router.go
@@ -21,6 +21,8 @@ var log = logrus.WithField("module", "managementrouter")
 // maxRequestBodyBytes limits incoming request bodies to 1 MB across all handlers.
 const maxRequestBodyBytes = 1 << 20 // 1 MB
 
+const maxBulkDeleteRuleIds = 100
+
 type httpRouter struct {
 	managementClient management.Client
 }

diff --git a/internal/managementrouter/user_defined_alert_rule_bulk_delete.go b/internal/managementrouter/user_defined_alert_rule_bulk_delete.go
@@ -0,0 +1,61 @@
+package managementrouter
+
+import (
+	"encoding/json"
+	"net/http"
+	"strings"
+)
+
+// BulkDeleteUserDefinedAlertRules implements ServerInterface.
+func (hr *httpRouter) BulkDeleteUserDefinedAlertRules(w http.ResponseWriter, req *http.Request) {
+	req.Body = http.MaxBytesReader(w, req.Body, maxRequestBodyBytes)
+
+	var payload BulkDeleteAlertRulesRequest
+	if err := json.NewDecoder(req.Body).Decode(&payload); err != nil {
+		writeError(w, http.StatusBadRequest, "invalid request body")
+		return
+	}
+	if len(payload.RuleIds) == 0 {
+		writeError(w, http.StatusBadRequest, "ruleIds is required")
+		return
+	}
+	if len(payload.RuleIds) > maxBulkDeleteRuleIds {
+		writeError(w, http.StatusBadRequest, "ruleIds exceeds maximum of 100")
+		return
+	}
+
+	results := make([]DeleteAlertRuleResult, 0, len(payload.RuleIds))
+
+	for _, id := range payload.RuleIds {
+		id = strings.TrimSpace(id)
+		if id == "" {
+			msg := "missing ruleId"
+			results = append(results, DeleteAlertRuleResult{
+				Id:         id,
+				StatusCode: http.StatusBadRequest,
+				Message:    &msg,
+			})
+			continue
+		}
+
+		if err := hr.managementClient.DeleteAlertRuleById(req.Context(), id); err != nil {
+			status, message := parseError(err)
+			results = append(results, DeleteAlertRuleResult{
+				Id:         id,
+				StatusCode: status,
+				Message:    &message,
+			})
+			continue
+		}
+		results = append(results, DeleteAlertRuleResult{
+			Id:         id,
+			StatusCode: http.StatusNoContent,
+		})
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	if err := json.NewEncoder(w).Encode(BulkDeleteAlertRulesResponse{Rules: results}); err != nil {
+		log.WithError(err).Warn("failed to encode bulk delete response")
+	}
+}