hashicorp / vault

A tool for secrets management, encryption as a service, and privileged access management
https://www.vaultproject.io/

`vault kv get` redirected to file ignores `-field` flag #7495

Closed coffeepac closed 4 years ago

coffeepac commented 4 years ago

Describe the bug

Attempting to redirect the output of `vault kv get -field <key>` to a file. This causes the entire key to be written to the file and not the sole field selected.

To Reproduce

  1. Store a key with multiple fields in Vault, e.g. `vault kv put /<some>/<key>/<path> fieldA=dataA fieldB=dataB`
  2. Fetch only one field from that key and redirect to a file, e.g. `vault kv get -field fieldA /<some>/<key>/<path> > my_file.file`
  3. Examine the contents of `my_file.file`; it will include the metadata for the key and both the fieldA/fieldB keys and data

Expected behavior

`my_file.file` should only contain dataA, just like it does when vault outputs to STDOUT

Environment:

Vault server configuration file(s):

Additional context

kalafut commented 4 years ago

Does the non-redirected command return the expected value? I'm not able to reproduce this on 1.0.1 or 1.2.3:

```
$ vault kv get secret/a
====== Metadata ======
Key              Value
---              -----
created_time     2019-09-19T18:05:13.282718Z
deletion_time    n/a
destroyed        false
version          1

=== Data ===
Key    Value
---    -----
bar    95
foo    42

$ vault kv get -field foo secret/a
42

$ vault kv get -field foo secret/a > out.txt

$ cat out.txt
42%
```

coffeepac commented 4 years ago

Apologies for the slow reply.

Yes, when not redirected I receive the expected value.

michelvocks commented 4 years ago

Hi @coffeepac!

I'm also not able to reproduce this. I also tried it on CentOS 7 with no luck. Is there anything else you do / any other information you can provide to help us reproduce this issue?

Cheers, Michel

coffeepac commented 4 years ago

Unfortunately, no. I've given up trying to use the `-field` flag and am just dumping the whole key in JSON and parsing locally with jq.
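
The workaround in the comment above, sketched as an added example (not code from the thread or from the Vault project): it pulls one field out of `vault kv get -format=json` output and writes only that value to a new file with mode 0600, so no metadata or sibling fields end up on disk. The function names, the sample documents and the KV v1/v2 detection heuristic are assumptions made for this illustration.

```python
import json
import os
import tempfile

def extract_field(raw_json: str, field: str) -> str:
    """Return one field from `vault kv get -format=json` output."""
    doc = json.loads(raw_json)
    data = doc.get("data") or {}
    # Heuristic (assumption): KV v2 nests the secret under data.data beside
    # data.metadata; KV v1 puts the fields directly under data.
    if isinstance(data.get("data"), dict) and "metadata" in data:
        data = data["data"]
    if field not in data:
        raise KeyError(f"field {field!r} not present in secret")
    value = data[field]
    return value if isinstance(value, str) else json.dumps(value)

def write_secret(path: str, value: str) -> None:
    """Create path with mode 0600 and write only the value (no newline)."""
    # O_EXCL refuses to reuse an existing file or follow a planted symlink.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(value)

# Constructed samples modelled on the secret/a output shown earlier in the thread.
SAMPLE_V2 = json.dumps({
    "request_id": "constructed-example",
    "data": {
        "data": {"bar": "95", "foo": "42"},
        "metadata": {"created_time": "2019-09-19T18:05:13.282718Z",
                     "deletion_time": "", "destroyed": False, "version": 1},
    },
})
SAMPLE_V1 = json.dumps({"request_id": "constructed-example",
                        "data": {"bar": "95", "foo": "42"}})

def demo() -> str:
    """Write field foo to a fresh file and return what landed on disk."""
    with tempfile.TemporaryDirectory() as tmp:
        out = os.path.join(tmp, "out.txt")
        write_secret(out, extract_field(SAMPLE_V2, "foo"))
        with open(out) as fh:
            return fh.read()

if __name__ == "__main__":
    print(demo())
```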

jefferai commented 4 years ago

Try a newer CLI version. Maybe it's been fixed, which is why nobody can repro.

catsby commented 4 years ago

Hello - I'm sorry we haven't been able to help you here. Unfortunately I too tried to reproduce this with vault v1.0.1 and can't reproduce the bug as described. I'm going to close this issue for now, but if you have more information please let us know.

Thanks!