General MR

Summary

This Merge Request adds native support for injecting snapshot credentials and DRYs up the Elasticsearch Helm chart by introducing common configuration blocks:

Added elasticsearch.secureSettings values block (secretName: example-secret) to support injecting custom Kubernetes secrets into Elasticsearch secureSettings for example Snapshot Lifecycle Management (SLM) repository credentials (S3, Azure, GCS)
Added elasticsearch.common.initContainers to prepend shared init containers to every Elasticsearch nodeSet (master, data, ingest, ml, coord), eliminating per-node duplication
Added elasticsearch.common.config to provide a baseline Elasticsearch config merged into every nodeSet, with per-nodeSet config taking precedence
Removed upgrade job that handled previous breaking change upgrade 1.20.0-bb.0, released with Big Bang 2.40.0

Relevant logs/screenshots

# Source: elasticsearch-kibana/templates/elasticsearch.yaml
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
  namespace: default
  labels:
    helm.sh/chart: elasticsearch-kibana-1.35.0-bb.2
    app.kubernetes.io/name: elasticsearch-kibana
    app.kubernetes.io/instance: elasticsearch
    app.kubernetes.io/version: "9.2.4"
    app.kubernetes.io/managed-by: Helm
spec:
  version: 9.2.4
  image: registry1.dso.mil/ironbank/elastic/elasticsearch/elasticsearch:9.2.4
  secureSettings:
    - secretName: snapshot-bigbang-test

Umbrella Branch

feature/issue-297-improvement

Linked Issue

Links to #288 (closed), #297 (closed), #283 (closed), and #299 (closed)

Upgrade Notices

N/A

Edited Mar 12, 2026 by Kirby Liu

Update the secureSettings to include injecting multiple secrets