Reputation: 4755
Can I block a specific git tag from being pushed to remote in Azure Repos Git?
My team is using Azure DevOps as our Git server, and is having an issue where a specific unwanted tag keeps being pushed to the remote. We've set up client-side git hooks, and asked everyone on the team to opt in, but it's a large team and seemingly not everyone has done so, because the tag keeps periodically reappearing on the remote. Is there any way the server can be set up to block pushes which would create a specific unwanted tag?
Upvotes: 3
Views: 549
Answers (2)
Reputation: 6475
Well, for those, who still looking for the solution today (2024), here is update (Mar 30, 2023) from Microsoft about the Add Git pre-receive hooks feature request mentioned by Leo Liu:
There were at least two repository level policies delivered. These are to block pushes where:
- Commit author e-mail does not match specified patterns
- File path does match specified patterns
In general, the pre-receive hooks are a common feature in self-hosted DevOps tools (including GitHub Enterprise Server as well) but not typically supported in SaaS offerings (which Azure DevOps Service is), where running arbitrary customer code on the SaaS’s servers is problematic and raises security concerns.
For credential scanning, GitHub Advanced Security for Azure DevOps will offer push protections to prevent secrets from being uploaded into repositories. This feature is in private preview now and will be progressing through public preview and general availability in the coming months.
So, this ticket will be closed soon as we do have no plans to allow customers running their own code on the Azure DevOps Service.
It is suggested to raise new ask for any specific check that you may find missing.
So, it looks like there is still no way to achieve this and, more over, it is not on the roadmap anymore, unfortunately. 🤷♂️
Upvotes: 0
Reputation: 76880
Is there any way the server can be set up to block pushes which would create a specific unwanted tag?
I am afraid there is no such way to achieve this at this moment.
The Azure devops Git repos currently do not support Git hooks, there is a much-requested user voice about it:
And this request is already on the roadmap, I believe that I will meet with us in the near future, You can follow this thread for the latest information:
On Roadmap means that your feature suggestion has a broad community impact and will help improve the product experience. We've allocated time for it on our roadmap. We'll update you on the progress.
Upvotes: 2
Related Questions
- Git / Azure Repos - is it possible to block commits on master if a certain branch exist?
- Blocking commits to branches with no-direct-commit policies
- How to allow tags in Azure DevOps environment branch control
- Azure DevOps - deny access to repo
- How completely protect/block branch in Azure Devops from Pull requests
- How do I stop users from pushing all tags (git push --tags)?
- Git : How to restrict tag push
- Stop getting Git tags from specific remote repo
- Is there a way to lock a GIT tag?
- Preventing pushes from a branch to a specific remote