I have a pipeline in Azure DevOps which has a task that pushes a Docker image to an Azure Container Registry. I want to know if there's a way to prevent this task from overwriting any existing Docker tags/images.
By default, a tagged image in Azure Container Registry is mutable, so with appropriate permissions you can repeatedly update and push an image with the same tag to a registry. Container images can also be deleted as needed. This behavior is useful when you develop images and need to maintain a size for your registry.
However, when you deploy a container image to production, you might need an immutable container image. An immutable image is one that you can't accidentally delete or overwrite.
Using the Azure CLI, to lock a single image by tag:
    az acr repository update \
      --name myregistry --image myrepo/myimage:tag \
      --write-enabled false
You can also lock the entire repository:
    az acr repository update \
      --name myregistry --repository myrepo/myimage \
      --write-enabled false
There's also a --delete-enabled argument to prevent images or repos from being deleted (though they can still be overwritten).
If you want it in YAML you can refer to this. I implemented it for GitHub Actions.
    - name: Check if image exists
      id: check_image
      run: |
        set -e
        # A successful pull means the tag already exists in the registry.
        # Outputs go to $GITHUB_OUTPUT; the ::set-output command is deprecated.
        if docker pull "${{ env.DOCKER_IMAGE }}"; then
          echo "image_exists=true" >> "$GITHUB_OUTPUT"
        else
          echo "image_exists=false" >> "$GITHUB_OUTPUT"
        fi
    - name: Build the Docker image
      if: steps.check_image.outputs.image_exists != 'true'
      run: docker build --tag "${{ env.DOCKER_IMAGE }}" --file ./docker/Dockerfile ./src
    - name: Push the Docker image
      if: steps.check_image.outputs.image_exists != 'true'
      run: docker push "${{ env.DOCKER_IMAGE }}"
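
The two answers combined into one script for an Azure DevOps script step, as an added example that is not part of either answer: it checks for the tag first, as the GitHub Actions steps do, then locks the pushed tag with the `az acr repository update` flags from the first answer. The function names and exit codes are illustrative, and it assumes `az` and `docker` are already logged in to the registry.

```bash
#!/usr/bin/env bash
# Added example: push a tag to Azure Container Registry only if it does not
# exist yet, then lock it. Registry and image names are supplied by the caller.

# Return 0 if repo:tag is already present in the registry.
# Assumption: any failed lookup is treated as "absent"; if the real cause was
# an auth or network error, the later push or lock step fails instead.
tag_exists() {
  local registry="$1" image="$2"
  az acr repository show --name "$registry" --image "$image" \
    --output none >/dev/null 2>&1
}

# Push repo:tag once, then make it immutable.
# Return codes: 0 pushed and locked, 3 tag already exists, 4 push failed,
# 5 lock failed (image is pushed but still mutable).
push_once() {
  local registry="$1" image="$2"
  local ref="${registry}.azurecr.io/${image}"

  if tag_exists "$registry" "$image"; then
    echo "refusing to overwrite existing tag: $ref" >&2
    return 3
  fi

  docker push "$ref" || return 4

  # Lock the tag so the registry itself rejects later pushes and deletes.
  # The check above only covers this run; a short window remains between
  # the push and this lock.
  az acr repository update --name "$registry" --image "$image" \
    --write-enabled false --delete-enabled false --output none || return 5
}

# Run only when executed with arguments, e.g. from a pipeline script step:
#   ./push_once.sh myregistry myrepo/myimage:tag
if [ "$#" -eq 2 ]; then
  push_once "$1" "$2"
fi
```

A non-zero return fails the pipeline step, so a run that would overwrite an existing tag stops before `docker push` is reached.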