#!/bin/sh

# Check if there are files under secrets/ directory that don't end with .gpg that are staged
if git diff --cached --name-only | grep -q 'secrets/'; then
  if git diff --cached --name-only | grep -v '\.gpg$' | grep -q 'secrets/'; then
    echo "ERROR: You have unencrypted files under secrets/ directory. Please encrypt them before committing."
    exit 1
  fi
fi