Output full secret path in certain kv commands

[digivava]

This PR is meant to mitigate some of the confusion for new Vault users, who often struggle with the discrepancy between the shortened path used by the CLI (secret/foo) and the real secret path (secret/data/foo). This bites people when they've only worked with the CLI but then need to write a policy or make a logical call with our Go and Ruby client libraries.

With this change, vault kv get, vault kv put, vault kv patch, and vault kv metadata get will all output another top-level section when run in table output mode. I did not add this to the kv commands that produce just a simple success message, and I did not add it to kv rollback as it seemed irrelevant given the use case.

Examples:

Creating a new secret:

$ vault kv put secret/my-secret foo=bar
==== Secret Path ====
secret/data/my-secret

======= Metadata =======
Key                Value
---                -----
created_time       2022-02-28T17:29:34.110676Z
custom_metadata    <nil>
deletion_time      n/a
destroyed          false
version            1

Reading a secret:

$ vault kv get secret/my-secret
==== Secret Path ====
secret/data/my-secret

======= Metadata =======
Key                Value
---                -----
created_time       2022-02-28T17:29:34.110676Z
custom_metadata    <nil>
deletion_time      n/a
destroyed          false
version            1

=== Data ===
Key    Value
---    -----
foo    bar

For kv metadata get, the same logic is used, but the header is slightly different:

$ vault kv metadata get secret/my-secret
===== Metadata Path =====
secret/metadata/my-secret

========== Metadata ==========
Key                     Value
---                     -----
cas_required            false
created_time            2022-02-28T17:29:34.110676Z
current_version         1
custom_metadata         <nil>
delete_version_after    0s
max_versions            0
oldest_version          0
updated_time            2022-02-28T17:29:34.110676Z

====== Version 1 ======
Key              Value
---              -----
created_time     2022-02-28T17:29:34.110676Z
deletion_time    n/a
destroyed        false

While "Data Path" may seem more internally accurate and matching with "Metadata Path", I chose to go with "Secret Path" for the main use case (regular kv commands) because I want totally new users who are not familiar with the /data /metadata subcategories to immediately intuit that this is the "real path" to their secret.

[averche]

Small nit comments, otherwise LGTM 👍

[VinnyHC]

This is a great addition that doesn't seem to muddy things up too much! Do you think there's an easy way to add some tests?

[AnPucel]

This is great! So, we decided against adding the Metadata path when returning the secret path due to difficulty?

[digivava]

This is great! So, we decided against adding the Metadata path when returning the secret path due to difficulty?

Yeah, I wasn't able to think of a way to get the metadata path at this point in the code, without breaking for paths that have words like "data" in the actual secret name or mount name.