feat(pki): add pagerduty channel to PKI alerting and split alerting docs

[saifsmailbox98]

Context

This PR adds PagerDuty as a channel to PKI alerting and also splits the existing documentation of alerting from being a large single page to separate pages for each channel type.

Screenshots

Steps to verify the change

• Configure PKI alerts with pagerduty as a channel
• run mint dev in docs

Type

• Fix
• Feature
• Improvement
• Breaking
• Docs
• Chore

Checklist

• Title follows the conventional commit format: type(scope): short description (scope is optional, e.g., fix: prevent crash on sync or fix(api): handle null response).
• Tested locally
• Updated docs (if needed)
• Read the contributing guide

[linear]

PKI-68 Infisical PKI: Alerting Integration with PagerDuty

PKI-122 Create dedicated docs for Webhook and Slack alerts

[maidul98]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR successfully adds PagerDuty as a notification channel for PKI certificate alerts and improves documentation organization by splitting alerting docs into separate pages for each channel type.

Key Changes:

• Added PagerDuty integration with Events API v2 support, including proper validation of 32-character hex integration keys, automatic severity mapping based on certificate expiry, and retry logic for transient failures
• Updated frontend to include PagerDuty channel option in alert configuration UI with proper form validation
• Split PKI alerting documentation from a single page into dedicated pages for each channel (overview, webhook, Slack, PagerDuty) with a redirect for backward compatibility
• Renamed SIGNING_SECRET_MASK to SECRET_MASK for broader reuse across different secret types

Technical Implementation:

• Uses hardcoded PagerDuty endpoint (no SSRF risk)
• Implements proper retry logic with exponential backoff
• Masks sensitive integration keys in logs and UI
• Groups alerts by alert ID using dedup_key to prevent duplicate incidents
• Limits certificates in payload to 10 to stay under 512KB limit

Security Notes:

• Integration keys are validated and masked properly
• No user-controllable URLs (PagerDuty endpoint is hardcoded)
• Regex patterns are simple fixed-length validators (low ReDoS risk, but should follow repo guidelines to use re2)

Confidence Score: 4/5

• This PR is safe to merge with minimal risk after addressing the regex usage guideline
• The implementation is well-structured with proper validation, error handling, and documentation. The only concern is minor non-compliance with repository guidelines requiring re2 package for regex operations instead of native regex, though the specific regex patterns used are simple and low-risk
• Check backend/src/services/pki-alert-v2/pki-alert-v2-channel-pagerduty-fns.ts and frontend/src/hooks/api/pkiAlertsV2/types.ts for regex usage compliance with repository guidelines

Important Files Changed

Filename	Overview
backend/src/services/pki-alert-v2/pki-alert-v2-channel-pagerduty-fns.ts	New PagerDuty integration with proper validation, retry logic, and hardcoded endpoint (no SSRF risk)
backend/src/services/pki-alert-v2/pki-alert-v2-service.ts	Integrates PagerDuty channel into alert service with proper error handling and masking
backend/src/services/pki-alert-v2/pki-alert-v2-types.ts	Adds PagerDuty types and validation schema with proper 32-char hex key validation
frontend/src/hooks/api/pkiAlertsV2/types.ts	Frontend types updated for PagerDuty channel with validation schema
frontend/src/views/PkiAlertsV2Page/components/CreatePkiAlertV2FormSteps.tsx	Adds PagerDuty channel UI with integration key input field and proper form handling
docs/docs.json	Restructures PKI alerting docs into separate pages with redirect for backward compatibility

[greptile-apps]

_{17 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}