Skip to content

oguzhan-yilmaz/argocd-backup-s3

BranchesTags

Repository files navigation

argocd-backup-s3

Artifact Hub Build and publish Docker image to ghcr.io Helm package and push to Github Pages

Backup your ArgoCD Instance β€” the easy way

  • πŸ”„ Automated backups using Kubernetes CronJob
  • πŸ“¦ Uses official argocd admin export command for reliable backups
  • πŸ—„οΈ Supports any S3-compatible storage (AWS S3, MinIO, etc.) and Azure Blob Storage
  • πŸ”’ Secure credential management through Kubernetes secrets
  • πŸš€ Easy deployment via Helm chart or ArgoCD application
  • ⏰ Configurable backup schedule and timezone

Installation

Install with Helm

  1. Add the Helm repository:
helm repo add argocd-backup-s3 https://oguzhan-yilmaz.github.io/argocd-backup-s3/
helm repo update argocd-backup-s3
  1. Get the default values file:
helm show values argocd-backup-s3/argocd-backup-s3 > my-argocd-backup-s3.values.yaml
  1. Configure the required values in my-argocd-backup-s3.values.yaml:
timeZone: 'Asia/Istanbul'  # optional -- https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
schedule: "00 20 * * *"    # https://crontab.guru/#00_20_*_*_*

secretEnvVars:
  AWS_ACCESS_KEY_ID: ""
  AWS_SECRET_ACCESS_KEY: ""
  AWS_DEFAULT_REGION: ""
  S3_UPLOAD_PREFIX: ""
  S3_BUCKET_NAME: ""
  ARGOCD_SERVER: ""
  ARGOCD_ADMIN_USERNAME: "admin"
  ARGOCD_ADMIN_PASSWORD: ""

  # If you want to use S3 compatible storage, you can use the following env var
  #  https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html
  # AWS_ENDPOINT_URL_S3: 'https://s3.amazonaws.com'
  1. Install the chart:
helm upgrade --install \
  -n argocd \
  -f my-argocd-backup-s3.values.yaml \
  argocd-backup-s3 argocd-backup-s3/argocd-backup-s3

Helm β€” Use Azure Blob Storage

curl -sL https://raw.githubusercontent.com/oguzhan-yilmaz/argocd-backup-s3/refs/heads/main/argocd-backup-s3/azure-blob.values.yaml -o azure-blob.values.yaml

# Configure the required values in `azure-blob.values.yaml`:

helm upgrade --install \
  -n argocd \
  -f azure-blob.values.yaml \
  argocd-backup-s3 argocd-backup-s3/argocd-backup-s3

Install with ArgoCD

  1. Download the ArgoCD application manifest:
curl -sL https://raw.githubusercontent.com/oguzhan-yilmaz/argocd-backup-s3/refs/heads/main/argocd-application.yaml -o argocd-backup-s3.argoapp.yaml

  1. Edit the .valuesObject section in the manifest with your configuration

  2. Apply the manifest:

kubectl apply -f argocd-backup-s3.argoapp.yaml

ArgoCD Application: Run Custom Entrypoint Script

# 1. Download the ArgoCD application manifest:
curl -sL https://raw.githubusercontent.com/oguzhan-yilmaz/argocd-backup-s3/refs/heads/main/custom-command.argocd-application.yaml -o custom-command.argocd-application.yaml

# 2. Edit the `.valuesObject` section in the manifest with your configuration

# 3. Apply the manifest:
kubectl apply -f custom-command.argocd-application.yaml

ArgoCD Application: Use Azure Blob Storage

# 1. Download the ArgoCD application manifest:
curl -sL https://raw.githubusercontent.com/oguzhan-yilmaz/argocd-backup-s3/refs/heads/main/azure-blob.argocd-application.yaml -o azure-blob.argocd-application.yaml

# 2. Edit the `.valuesObject` section in the manifest with your configuration

kubectl apply -f azure-blob.argocd-application.yaml

Configuration

Required Environment Variables for AWS

  • AWS_ACCESS_KEY_ID: AWS access key for S3 access
  • AWS_SECRET_ACCESS_KEY: AWS secret key for S3 access
  • AWS_DEFAULT_REGION: AWS region for S3 bucket
  • S3_BUCKET_NAME: Name of the S3 bucket
  • S3_UPLOAD_PREFIX: Prefix for uploaded backup files
  • ARGOCD_SERVER: ArgoCD server address
  • ARGOCD_ADMIN_PASSWORD: ArgoCD admin password

Required Environment Variables for AZURE Blob Storage

  • AZURE_STORAGE_ACCOUNT: Azure Storage Account for Blob Storage
  • AZURE_STORAGE_CONTAINER: Azure Container for Blob Storage
  • AZURE_STORAGE_SAS_TOKEN: Azure Access Token for Blob Storage
  • AZURE_UPLOAD_PREFIX: Prefix for uploaded backup files
  • ARGOCD_SERVER: ArgoCD server address
  • ARGOCD_ADMIN_PASSWORD: ArgoCD admin password

Optional Configuration

  • timeZone: Timezone for the CronJob (default: UTC) https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
  • schedule: Cron schedule for backups (default: "00 20 * * *")
  • AWS_ENDPOINT_URL_S3: (env var) Custom S3 endpoint for non-AWS S3 storage
  • ARGOCD_ADMIN_USERNAME: Custom ArgoCD Admin Username
  • serviceAccount.irsaEnabled: This value allows your pods to access AWS S3 API via IAM Role please check the details

Setup Helpers

  • AWS S3 Setup Script The following script helps you set up the required AWS resources (S3 bucket and IAM user) for the backup solution:

  • Azure Setup Script The following script helps you set up the required Azure resources (Resource Group, Storage Account, Container and SAS Token ) for the backup solution:

Quick Links

Credits

  • WoodProgrammer: added Service Account EKS IRSA support
  • lieblinger: added ca-certificates and fixed ARGOCD_EXTRA_ARGS in entrypoint script
  • ersinsari13: added Azure Blob Storage support

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.

About

Kubernetes CronJob to backup ArgoCD with `argocd admin export` cmd and upload to S3 compatible storage

artifacthub.io/packages/helm/argocd-backup-s3/argocd-backup-s3

Topics

kubernetes github-pages aws backup aws-s3 helm s3 aws-cli backup-utility helm-chart argocd argocd-application artifacthub argocd-cli argocd-backup

Resources

Readme

License

Apache-2.0 license
Activity

Stars

15 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases 51

v0.9.5 Latest
Nov 24, 2025
+ 50 releases

Packages

 
 
 

Contributors 4

  •  
  •  
  •  
  •  

Languages