The problem is that we install a new cluster every time for testing, which creates a new pem file to encrypt secrets and convert them to sealedSecrets which you are then supposed to apply to the cluster. Doing that in an automated, repeatable, and reliable way is going to take some work
As it stands right now, we have no good way to test the sealedSecrets.
There is an issue with what we're passing in, and what sealedSecrets expects as output. https://github.com/rstudio/helm/blob/50f2a96b501cec5dc3bbafa9c573b13f65b6db8d/charts/rstudio-workbench/templates/configmap-session.yaml#L22 uses https://github.com/rstudio/helm/blob/50f2a96b501cec5dc3bbafa9c573b13f65b6db8d/charts/rstudio-library/templates/_config.tpl#L46-L71 which outputs an object, but sealedSecrets expects an encrypted string.
The problem is that we install a new cluster every time for testing, which creates a new pem file to encrypt secrets and convert them to sealedSecrets which you are then supposed to apply to the cluster. Doing that in an automated, repeatable, and reliable way is going to take some work