feat(pki): add slack webhook to alerts

[saifsmailbox98]

Context

This adds slack webhook to PKI alerts, earlier we only had emails and general webhooks.

Screenshots

Steps to verify the change

Add a slack webhook url to a new PKI alert

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

[linear]

PKI-108 Notification Channel: Webhook Slack integration

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds Slack webhook support to PKI alerts, allowing notifications to be sent to Slack channels via Incoming Webhooks. The implementation follows the existing patterns for email and webhook channels with comprehensive security measures.

Key Changes:

• New pki-alert-v2-channel-slack-fns.ts implements Slack notification logic with Block Kit formatting
• Slack webhook URL validation enforces HTTPS and restricts hostname to exactly hooks.slack.com
• SSRF protection via DNS resolution and private IP blocking
• Webhook URL masking in logs to prevent token exposure
• Frontend forms and UI updated to support Slack channel creation and display
• Zod schemas added for client and server-side validation
• Documentation updated with Slack setup instructions

Security:
The PR implements strong security controls:

• URL validation enforces exact hostname match (hooks.slack.com) to prevent bypasses
• SSRF protection through DNS resolution and IP blocking
• HTTPS enforcement at both validation and schema levels
• Webhook token masking in all logging to prevent credential exposure
• Encrypted storage of webhook URLs using project KMS

Confidence Score: 5/5

• This PR is safe to merge with no critical issues found
• The implementation is well-structured with comprehensive security measures, follows existing patterns, includes proper validation at all layers, and has complete documentation
• No files require special attention

Important Files Changed

Filename	Overview
backend/src/services/pki-alert-v2/pki-alert-v2-channel-slack-fns.ts	New file that implements Slack webhook integration with proper URL validation, SSRF protection, retry logic, and masked logging
backend/src/services/pki-alert-v2/pki-alert-v2-service.ts	Integrates Slack channel support into alert service with proper validation and notification handling
frontend/src/views/PkiAlertsV2Page/components/CreatePkiAlertV2FormSteps.tsx	Adds Slack channel support to the alert creation form with proper input fields and display logic
frontend/src/hooks/api/pkiAlertsV2/types.ts	Adds Slack channel types and Zod validation schemas with proper URL and hostname validation
backend/src/services/pki-alert-v2/pki-alert-v2-types.ts	Adds Slack channel types and Zod validation schemas, removes unused fields from schema