Protected containers: Add DELETE REST API for container protection rules

• Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA

What does this MR do and why?

Protected containers: Add DELETE REST API for container protection rules

This MR adds the DELETE route to the REST API for container protection rules to allow deleting existing container protection rules.

This is part of #457518 (closed) and still behind a feature flag.

It's the equivalent to the DELETE endpoint for package protection rules, but for the container registry.

🛠 with ❤ at Siemens

MR acceptance checklist

MR Checklist ( @nwittstruck)

• Changelog entry added, if necessary
• Documentation created/updated via this MR
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the javascript style guides
• [] Conforms to the database guides

How to set up and validate locally

1. Enable feature flag via rails c:

Feature.enable(:container_registry_protected_containers)

2. Create a new container protection rule:

curl -k --request POST \
  --url https://gdk.test:3443/api/v4/projects/7/registry/protection/rules \
  --header 'Authorization: Bearer ypCa3Dzb23o5nvsixwPA' \
  --header 'Content-Type: application/json' \
  --data '{
	"repository_path_pattern": "flightjs/flight-needs-to-be-a-unique-path",
	"minimum_access_level_for_push": "maintainer",
        "minimum_access_level_for_delete": "maintainer"
    }'

3. Now you can delete this rule - just adjust the id to the id returned by the previous command:

curl -k --request DELETE \                                                                                                                                                                 
  --url https://gdk.test:3443/api/v4/projects/7/registry/protection/rules/1 \
  --header 'Authorization: Bearer ypCa3Dzb23o5nvsixwPA'

Related to #457518 (closed)

doc/api/project_container_registry_protection_rules.md

@@ -158,3 +158,37 @@ curl --request PATCH \
        "repository_path_pattern": "flight/flight-*"
     }'
 ```
+
+## Delete a container registry protection rule
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/457518) in GitLab 17.3.
+
+Deletes a container registry protection rule from a project.
+
+```plaintext
+DELETE /api/v4/projects/:id/registry/protection/rules/:protection_rule_id
+```
+
+Supported attributes:
+
+| Attribute            | Type           | Required | Description |
+|----------------------|----------------|----------|-------------|
+| `id`                 | integer/string | Yes      | ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `protection_rule_id` | integer        | Yes      | ID of the container registry protection rule to be deleted. |
+
+If successful, returns [`204 No Content`](rest/index.md#status-codes).
+
+Can return the following status codes:
+
+- `204 No Content`: The protection rule was deleted successfully.
+- `400 Bad Request`: The `id` or the `protection_rule_id` are missing or are invalid.
+- `401 Unauthorized`: The access token is invalid.
+- `403 Forbidden`: The user does not have permission to delete the protection rule.
+- `404 Not Found`: The project or the protection rule was not found.
+
+Example request:
+
+```shell
+curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" \
+  --url "https://gitlab.example.com/api/v4/projects/7/registry/protection/rules/1"
+```