Knife vault issues with 'solo' vaults

In chefdk v0.14.25 and previous I can create a vault locally via:

knife vault create test_chef_secret test_secret

This creates the directory:


And the files:


I can then knife show and knife edit that vault as needed.
This no longer works in any chefdk version past v0.14.25.
I can create the vault, but any other commands complain:

ERROR: ChefVault::Exceptions::KeysNotFound: test_chef_secrets/test_secret_keys could not be found

Is this functionality no longer supported?

Replying to my own message:

Is ‘knife vault’ supposed to actually work in ‘solo’ mode or not? It certainly has worked before, but it does not work correctly now. Am I using ‘knife vault’ in an unexpected or improper manner? I’m really looking for some guidance here and would appreciate a reply.


It should work, yes. Can you show the exact commands that you’re running that fail?

If I create a ‘solo’ vault as detailed in my original message, the only command that works is the initial create. The vault files do get created. If I then try to run ‘knife vault show’ or ‘knife vault edit’ I receive the ‘KeysNotFound’ exception listed in my original message. These commands work as expected in chefdk version 0.14.25, but they don’t work in any version after that. I have tested on MacOS and Windows 10, and I experience the same error in both environments.

My knife.rb looks like this: (with specific information replaced with generic info)

current_dir = File.dirname(FILE)
log_level :info
log_location STDOUT
node_name 'mynodename’
client_key "#{current_dir}/myuser.pem"
validation_client_name 'myorg-validator’
validation_key "#{current_dir}/myorg-validator.pem"
chef_server_url '
cache_type 'BasicFile’
cache_options( :path => “#{ENV[‘HOME’]}/.chef/checksums” )
data_bag_path [“data_bags”]

if you do knife vault show -M solo test_chef_secret test_secret does it work? (Or add vault_mode :solo to your knife.rb)?

Either option results in a:

ERROR: ChefVault::Exceptions::KeysNotFound: test_chef_secrets/test_secret_keys could not be found

I have additional behavior to report that is very confusing.

I have found that I can ‘knife vault show’ and ‘knife vault edit’ a solo vault that was created with an older version of the chefdk (v0.14.25). However, making an edit and then running ‘knife vault show’ again doesn’t contain the change in the output. To further confuse me, looking at the local vault json files shows that the change is actually present in the .json file. The data is encrypted, but I can see the key name of the vault item right there in the file. If I ‘knife vault edit’ the same vault again, I don’t see my change in my editor, and if I save the vault the change is then removed from the local vault .json file. I explicitly used -M solo in all of these operations.

Is there any other information I can provide that would help resolve this issue?