Azure devops - server-side git hooks

Question

How can we implement server-side hooks, or any similar solution, to restrict git push into git server?

For example, we want to disable push of commits containing *.class

Answer 1

What I do is using build option together with policies in Azure DevOps. This is my azure-pipelines.yml file:

---
trigger:
  branches:
    exclude:
      - '*'

pool:
  vmImage: 'ubuntu-latest'

steps:
  - script: sudo apt-get install python3-pip
    displayName: 'Install Python PIP'

  - script: sudo apt-get install python3-setuptools
    condition: succeeded()
    displayName: Install Python SetupTools

  - script: sudo pip3 install -r requirements.txt
    condition: succeeded()
    displayName: Install Python PIP Packages

  - task: PythonScript@0
    inputs:
      scriptSource: filePath
      scriptPath: hooks/lint_checker.py
      pythonInterpreter: python3
    condition: succeeded()
    displayName: Lint Checker

Answer 2

Use branch policies and set merge only with PR, after that direct push to the branch will be disabled, you can skip these policies for certain users (build users or admins)

Answer 3

I don't think Azure DevOps uses hooks.

You can use Branch Policies to make use of an external validation service (as I understand it this uses web hooks).

Additional: the status of this User Voice request indicates the above is the official answer.

But maybe the simple case would be .gitignore and code reviews?