@Sauraus
Last active August 29, 2015 14:01
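
require 'net/ssh' # adds ssh_type and to_blob to OpenSSL::PKey::RSA

# Shared secret used to encrypt and decrypt the data bag item
secret = Chef::EncryptedDataBagItem.load_secret(node['diw']['base']['secrets'])

# The data bag and its single item are both named after this node
bag_name = node[:hostname]

if Chef::DataBag.list.key?(bag_name)
  # A key pair was stored by an earlier run: reuse it instead of generating a
  # new one (DataBag#create fails when the data bag already exists)
  jenkins_keys = Chef::EncryptedDataBagItem.load(bag_name, bag_name, secret).to_hash
else
  # First run: generate a 4096-bit RSA key pair
  key = OpenSSL::PKey::RSA.new(4096)
  jenkins_keys = {
    'id' => bag_name,
    'private_key' => key.to_pem,
    # OpenSSH authorized_keys format: "<type> <base64 blob>"
    'public_key' => "#{key.ssh_type} #{[key.to_blob].pack('m0')}"
  }

  # Create the data bag and store the key pair in it, encrypted with the secret
  keys_bag = Chef::DataBag.new
  keys_bag.name(bag_name)
  keys_bag.create

  databag_item = Chef::DataBagItem.new
  databag_item.data_bag(bag_name)
  databag_item.raw_data = Chef::EncryptedDataBagItem.encrypt_data_bag_item(jenkins_keys, secret)
  databag_item.save
end

# Create the Jenkins user with the public key
jenkins_user 'jenkinschef' do
  public_keys [jenkins_keys['public_key']]
end

# Create the Jenkins user private credentials
jenkins_private_key_credentials 'jenkinschef' do
  private_key jenkins_keys['private_key']
end

# Set the private key on the Jenkins executor so it can authenticate as the
# user created above; the matching public key is stored on the Jenkins server.
# Note: node.set writes a normal attribute, which is saved with the node object
# on the Chef server, so the private key is stored there unencrypted.
ruby_block 'set private key' do
  block { node.set['jenkins']['executor']['private_key'] = jenkins_keys['private_key'] }
end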