Enable Support for Custom secureSettings in elasticsearch-kibana Helm Package

Feature Request

Why

What is the use case for the feature you are requesting? What are you trying to solve?

Currently, the elasticsearch-kibana package in Big Bang has a hardcoded logic for secureSettings that only supports the sso-secret.

While this facilitates OIDC/SSO, it prevents the injection of additional sensitive credentials into the Elasticsearch Keystore—specifically those required for Snapshot Lifecycle Management (SLM) targeting cloud-native storage (e.g., S3, Azure, GCS). To enable S3 snapshots in a hardened environment, we need a way to inject s3.client.default.access_key and s3.client.default.secret_key without exposing them as plaintext in the values.yaml.

Proposed Solution

Update the elasticsearch.yaml Helm template to allow for a user-defined secret name via the values.yaml.

1. Template Change (templates/elasticsearch.yaml): Modify the top-level secureSettings block to allow for a dynamic secret:

2. Values Schema Change (values.yaml): Add a placeholder for the snapshot secret.