cli: Improve error handling for plugin commands

[tomhjp]

vault plugin info and vault plugin deregister have accepted either 1 or 2 positional args since we introduced types for plugins way back in v1.0.0 (#5536). This PR drops CLI support for type-less plugins on those commands, but the API can still be used to query any extremely old legacy plugins (although based on the plugin catalog's UpgradePlugins function, run during unseal, I don't think it should be possible for v1.0.0+ versions of Vault to have functioning type-less plugins). In return, we can get a much nicer UX on the CLI. It also improves the error reporting for vault plugin reload, which was simply buggy.

Examples of previous bad behaviour:

# The type is missing, but it's hard to give a good error message when it's valid to not include it.
$ vault plugin info github
No value found for plugin "github"

# Plugin not actually deleted because a type-less artifactory plugin does not exist
$ vault plugin deregister artifactory
Success! Deregistered plugin (if it was registered): artifactory
$ vault plugin list | grep artifactory
artifactory

# reload takes flags instead of positional arguments
$ vault plugin reload artifactory
Not enough arguments (expected 1, got 1)

To exercise all the possible vault plugin deregister outcomes and get a feel for the UX:

# Setup Vault dev server with plugin_directory config
tee local/config.hcl <<EOF
plugin_directory = "$(pwd)/local/config.hcl
EOF
VAULT_DEV_ROOT_TOKEN_ID=root vault server -dev -config=local/config.hcl
export VAULT_ADDR=http://127.0.0.1:8200
export VAULT_TOKEN=root
vault policy write deregister-only -<<EOF
$(vault plugin deregister -output-policy auth github)
EOF

# Build a plugin
go build -o local/plugins/github builtin/credential/github/cmd/github/main.go
SHA256="(shasum -a 256 local/plugins/github | cut -f1 -d' ')"
vault plugin register -sha256=$SHA256 auth github

$ vault plugin deregister auth github
Success! Deregistered auth plugin: github

$ vault plugin deregister auth github
Plugin "github" (type: "auth") is a builtin plugin
# Exit code 2

$ vault plugin deregister auth github2
Plugin "github2" (type: "auth", version "") does not exist in the catalog
# Exit code 0

$ VAULT_TOKEN="$(vault token create -policy=deregister-only -field=token)" vault plugin deregister auth github
Success! Deregistered auth plugin (if it was registered): github

[github-actions]

Build Results:
All builds succeeded! ✅

[github-actions]

CI Results:
All Go tests succeeded! ✅

[benashz]

Aside from some minor nits, it seems good to me. I guess its better to get this breaking change out sooner rather than later, and it is definitely a good step forward.

[benashz]

nit: I wonder if we should change the test below to be a bit more specific by using strings.HasSuffix rather than strings.Contains.

[tomhjp]

I'm already pretty uncomfortable with how brittle these tests are tbh (string-matching on error messages that can be arbitrarily updated), and it doesn't feel like that meaningfully improves the intent of the test, but it does make it more brittle. Unless you disagree strongly, I'd prefer to leave it as-is.

[tomhjp]

Thanks!