From dd6dd4929e54ca14415516d2844a2ccf8a5fcf67 Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto <mitchell.hashimoto@gmail.com>
Date: Wed, 10 Jul 2013 20:26:53 -0700
Subject: [PATCH] Remove dna and data bag secret prior to upload in Chef
 [GH-1111]

---
 CHANGELOG.md                                       | 2 ++
 plugins/provisioners/chef/provisioner/base.rb      | 6 +++++-
 plugins/provisioners/chef/provisioner/chef_solo.rb | 7 +++++--
 3 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index aa98b7d21..868b1fa28 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,8 @@ BUG FIXES:
   - Boxes downloaded as part of `vagrant up` are now done so _prior_ to
     config validation. This allows Vagrantfiles to references files that
     may be in the box itself. [GH-1061]
+  - Chef removes dna.json and encrypted data bag secret file prior to
+    uploading. [GH-1111]
   - NFS synced folders exporting sub-directories of other exported folders now
     works properly. [GH-785]
   - NFS shared folders properly dereference symlinks so that the real path
diff --git a/plugins/provisioners/chef/provisioner/base.rb b/plugins/provisioners/chef/provisioner/base.rb
index 180ce6e1b..5370ded4d 100644
--- a/plugins/provisioners/chef/provisioner/base.rb
+++ b/plugins/provisioners/chef/provisioner/base.rb
@@ -97,7 +97,11 @@ module VagrantPlugins
           temp.write(json)
           temp.close
 
-          @machine.communicate.upload(temp.path, File.join(@config.provisioning_path, "dna.json"))
+          remote_file = File.join(@config.provisioning_path, "dna.json")
+          @machine.communicate.tap do |comm|
+            comm.sudo("rm #{remote_file}", :error_check => false)
+            comm.upload(temp.path, remote_file)
+          end
         end
       end
     end
diff --git a/plugins/provisioners/chef/provisioner/chef_solo.rb b/plugins/provisioners/chef/provisioner/chef_solo.rb
index c0ce268a0..cc661a100 100644
--- a/plugins/provisioners/chef/provisioner/chef_solo.rb
+++ b/plugins/provisioners/chef/provisioner/chef_solo.rb
@@ -114,8 +114,11 @@ module VagrantPlugins
 
         def upload_encrypted_data_bag_secret
           @machine.env.ui.info I18n.t("vagrant.provisioners.chef.upload_encrypted_data_bag_secret_key")
-          @machine.communicate.upload(encrypted_data_bag_secret_key_path,
-                                           @config.encrypted_data_bag_secret)
+          @machine.communicate.tap do |comm|
+            comm.sudo("rm #{@config.encrypted_data_bag_secret}", :error_check => false)
+            comm.upload(encrypted_data_bag_secret_key_path,
+                        @config.encrypted_data_bag_secret)
+          end
         end
 
         def setup_solo_config