Improve knife commands and order

[gmanfunky]

If you run knife -h you can see that knife commands are usually in the form of knife NOUN VERB, such as knife environment list and knife data bag show.

The current chef-vault commands are a bit disjointed with most being under knife encrypt VAULTNAME ITEM. One is under knife decrypt VAULTNAME ITEM VALUE and then there is knife rotate keys which may not be valid at the moment.

I suggest we standardize all chef-vault commands as knife vault OPERATION VAULTNAME ...

e.g.:
knife vault encrypt vault1 item --json item.json --admin gmanfunky --mode client
knife vault decrypt vault1 id,foo,bar --mode client
knife vault rotate vault1 --mode client

Or consider revamping knife use-cases more thoroughly to continue the analogy of a data bag command overlay. We can get rid of encrypt+decrypt sub-commands and try to match the existing knife data bag create,delete,edit,from file, show. Note that chef-vault's knife plugins go beyond knife data bag parity to enable individual value modification.

[trinitronx]

👍 +1

[trinitronx]

Also particularly useful:

1. An analogue to knife data bag show bag_name to show all _VALUE_s within a Chef Vault "ITEM" (also to show all _ITEM_s within a VAULT
2. A way to decrypt the entire Chef Vault "ITEM" (all values) like knife data bag show BAG ITEM --secret-file ~/.chef/encrypted_data_bag_secret in Chef)
3. json output format with -F j (also for extra credit: text, yaml, and pp like knife data bag has )

[trinitronx]

Looks like #50 is related to (3) ⏫

[ghost]

👍

It would be great if I could set the default mode in my knife.rb so I don't have to pass --mode client every run.

[jgeiger]

Some of these have been fixed in
#68
#69
#71

I just realized I referenced the wrong issue in my first pull request...