
Only return sanitized errors for Custom Hooks

This MR will allow us to re-enable the feature in GitLab Rails of custom error messages being displayed in the UI when custom hooks fail (see https://gitlab.com/gitlab-org/gitlab-ce/issues/48132). The feature was disabled in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18646 due to security concerns that information which was not intended to be public (like stack traces) would leak into public view.

This MR will change pre-receive, post-receive and update custom hooks to return only messages from the scripts they execute that have been prefixed in a particular way ("GitLab:").

Additionally, all messages sent to stderr during the script execution are now logged, so sysadmins can see the full picture of any errors.

Closes issue https://gitlab.com/gitlab-org/gitlab-ce/issues/48132

Edited by Luke Duncalfe
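
The filtering described above, sketched as an added example that is not the code from this MR: every stderr line is logged, and only lines carrying the "GitLab:" prefix are returned for display. The function names, the log wording, and the exact matching rule (case-sensitive, prefix at the start of the line) are assumptions.

```ruby
require "logger"
require "open3"

# Assumed rule: a line is user-safe only if it starts with this exact prefix.
SAFE_PREFIX = "GitLab:"

# Log every non-blank stderr line for sysadmins; return only the prefixed
# lines, prefix stripped, as the message that may be shown in the UI.
def sanitize_hook_stderr(stderr, logger)
  safe = []
  stderr.to_s.each_line do |raw|
    line = raw.chomp
    next if line.strip.empty?
    logger.error("custom hook stderr: #{line}")
    next unless line.start_with?(SAFE_PREFIX)
    safe << line.delete_prefix(SAFE_PREFIX).strip
  end
  safe.reject(&:empty?).join("\n")
end

# Run a hook given as [program, arg, ...] (executed directly, not through
# a shell) and return [success, sanitized_message].
def run_custom_hook(argv, logger)
  _stdout, stderr, status = Open3.capture3(*argv)
  [status.success?, sanitize_hook_stderr(stderr, logger)]
end

# Constructed hook output: one intended message among a stack trace and
# other text that must stay out of the UI.
SAMPLE_STDERR = <<~ERR
  GitLab: Commit message must reference an issue
  /opt/hooks/pre-receive:12:in `check': undefined method `foo' (NoMethodError)
  \tfrom /opt/hooks/pre-receive:30:in `<main>'
  DB_PASSWORD=constructed-example-value
  note GitLab: not at line start, so not returned
ERR

if $PROGRAM_NAME == __FILE__
  log = Logger.new($stderr)
  puts sanitize_hook_stderr(SAMPLE_STDERR, log)
end
```

A hook that fails without emitting any prefixed line yields an empty message here, so the caller has to supply its own generic failure text rather than fall back to raw stderr.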
