Do not disclose hidden deployment commits
Instead of displaying the exact sha1 of deployment, use the last common ancestor with the remote we're tracking. This is what we do in git.info() for MediaWiki already so reuse that data in scap3.
While we're here, clean up the logic for the failure case when we're not tracking an upstream. This has never worked, as "origin" is not a valid reference to anything, it's just a remote. For get_disclosable_head() to have any chance at finding an ancestor, we need an upstream branch or tag so accept one now.
git.info() is generally more robust to failure now.
Test Plan: Ran this with scap deploy a bunch of times with all kinds of bogus output. The default case should be mostly unchanged for MW, only more robust if we break things.
Reviewers: thcipriani, Release-Engineering-Team, mmodell
Reviewed By: thcipriani, Release-Engineering-Team
Differential Revision: https://phabricator.wikimedia.org/D486