Bitbucket tag push and delete is interpreted as a branch push and delete

[seanhamlin]

Describe the bug

It was discovered that if you push a tag into your Bitbucket repo, Lagoon appears to interpret the resulting webhook payload this as a branch, and deploys it. The same with tag deletion, Lagoon will delete any non-production environment with that tag name.

To Reproduce

Steps to reproduce the behavior:

1. Create a new dev environment called develop, and push this branch
2. Wait for environment to be created
3. Push a new tag called develop attached to any other SHA
4. Wait for environment to be deployed
5. Notice that you deployed a tag, when this is not supported in Lagoon
6. Delete the tag develop
7. Notice how the environment is deleted, but the branch was not deleted

N.B. You cannot delete production environments through this method, as they have an added layer of protection.

Expected behavior

Tag pushes and deletions are ignored

Documentation

The payloads can be found at https://support.atlassian.com/bitbucket-cloud/docs/event-payloads/

Lagoon code in question

https://github.com/amazeeio/lagoon/blob/master/services/webhooks2tasks/src/webhooks/projects.ts#L197-L214