feat: report failure gha on slack (#11)

.github/actions/report-failure-on-slack/README.md

@@ -0,0 +1,39 @@
+# Report Failure and Notify Slack
+
+This GitHub composite action imports secrets from HashiCorp Vault and sends a Slack notification in case of a workflow failure.
+It helps automate incident reporting and ensures timely notifications to the relevant Slack channel.
+
+## Inputs
+
+- **vault_addr**: (required) The address of the Vault instance.
+- **vault_role_id**: (required) The role ID used for authentication with Vault.
+- **vault_secret_id**: (required) The secret ID used for authentication with Vault.
+- **slack_channel_id**: (optional) The Slack channel ID where the notification will be sent. Default is 'C076N4G1162' (#infraex-alerts).
+- **slack_mention_people**: (optional) The Slack people to mention of the notification. Default is '@infraex-medic'.
+
+## Usage
+
+To use this composite action in your workflow, include it as a step and provide the necessary inputs. Below is an example workflow using this action:
+
+```yaml
+name: Example Workflow
+on: [push, pull_request]
+
+jobs:
+  example-job:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      # Other steps of your workflow
+
+      - name: Report Failure and Notify Slack
+        if: failure() && github.event_name == 'schedule'
+        uses: camunda/infraex-common-config/.github/actions/report-failure-on-slack@main
+        with:
+          vault_addr: ${{ secrets.VAULT_ADDR }}
+          vault_role_id: ${{ secrets.VAULT_ROLE_ID }}
+          vault_secret_id: ${{ secrets.VAULT_SECRET_ID }}
+          slack_channel_id: 'your-slack-channel-id' # Optional
+```

.github/actions/report-failure-on-slack/action.yml

@@ -0,0 +1,57 @@
+name: 'Report Failure and Notify Slack'
+description: 'Imports secrets and sends a Slack notification in case of failure'
+inputs:
+  vault_addr:
+    description: 'Vault address'
+    required: true
+  vault_role_id:
+    description: 'Vault role ID'
+    required: true
+  vault_secret_id:
+    description: 'Vault secret ID'
+    required: true
+  slack_channel_id:
+    description: 'Slack channel ID'
+    default: 'C076N4G1162' # infraex-alerts
+  slack_mention_people:
+    description: "People to mention in the alert message"
+    default: "@infraex-medic"
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Import Secrets
+      id: secrets
+      uses: hashicorp/vault-action@d1720f055e0635fd932a1d2a48f87a666a57906c # v3
+      with:
+        url: ${{ inputs.vault_addr }}
+        method: approle
+        roleId: ${{ inputs.vault_role_id }}
+        secretId: ${{ inputs.vault_secret_id }}
+        exportEnv: false
+        secrets: |
+          secret/data/products/infrastructure-experience/ci/common SLACK_BOT_TOKEN;
+
+    - name: Notify in Slack in case of failure
+      id: slack-notification
+      uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
+      with:
+        channel-id: ${{ inputs.slack_channel_id }}
+        payload: |
+          {
+            "unfurl_links": false,
+            "unfurl_media": false,
+            "text": "${{ github.event.repository.name }} (${{ github.server_url }}/${{ github.repository }}) scheduled workflow: ${{ github.workflow }} failed! Please check: ${{ env.WORKFLOW_URL }} (cc ${{ inputs.slack_mention_people }})",
+            "blocks": [
+              {
+                "type": "section",
+                "text": {
+                  "type": "mrkdwn",
+                  "text": ":automation-platform-failure: :mechanic: <${{ github.server_url }}/${{ github.repository }}|[${{ github.event.repository.name }}]> scheduled workflow: ${{ github.workflow }} failed! \n :link: Please check: ${{ env.WORKFLOW_URL }} \n (cc ${{ inputs.slack_mention_people }})"
+                }
+              }
+            ]
+          }
+      env:
+        SLACK_BOT_TOKEN: ${{ steps.secrets.outputs.SLACK_BOT_TOKEN }}
+        WORKFLOW_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"