Comment 4 for bug 2058012

In summary, it appears that something around CommitHook ends up calling CreateSecret, which ends up doing a Mongo query, and Mongo is returning "Invalid Regex".
I haven't found a smoking gun there, but I do see that $regex is used extensively in 'state/secrets.go':
$ rg '\$regex'

state/secrets.go
622: bson.D{{"$regex", fmt.Sprintf("%s/.*", uri.ID)}}}}).Select(
650: "_id", bson.D{{"$regex", fmt.Sprintf("%s/%s", uri.ID, revisionRegexp)}},
723: bson.D{{"$regex", fmt.Sprintf("%s/.*", uri.ID)}}}}).Select(
738: "_id", bson.D{{"$regex", fmt.Sprintf("%s/.*", uri.ID)}},
747: "_id", bson.D{{"$regex", fmt.Sprintf("%s#.*", uri.ID)}},
904: "$regex": fmt.Sprintf("%s#.*", uri.ID),
1164: q = bson.D{{"_id", bson.D{{"$regex", uri.ID + "/.*"}}}}
1381: count, err := col.Find(bson.M{"_id": bson.M{"$regex": keyPattern}}).Count()
1392: Id: bson.M{"$regex": keyPattern},
1461: q := bson.D{{"_id", bson.D{{"$regex", id}}}}
1579: {{"_id", bson.D{{"$regex", fmt.Sprintf("%s#.*", uri.ID)}}}},
1602: "_id", bson.D{{"$regex", fmt.Sprintf("%s#.*", uri.ID)}},
1615: "_id", bson.D{{"$regex", fmt.Sprintf("%s#.*", uri.ID)}},
1662: q := bson.D{{"consumer-tag", bson.D{{"$regex", match}}}}
1856: q := bson.D{{"_id", bson.D{{"$regex", key}}}}
1884: err := secretConsumerCollection.Find(bson.D{{"_id", bson.D{{"$regex", idSnippet}}}}).All(&docs)
1899: err := secretConsumerCollection.Find(bson.D{{"_id", bson.D{{"$regex", q}}}}).All(&docs)
1958: w.matchQuery = bson.D{{"consumer-tag", bson.D{{"$regex", match}}}}
2376: "_id": bson.M{"$regex": st.docID(uri.ID + "#.*")},