chore: Add gitignore for secrets/clients to prevent plaintext files

- Only allow .sops.yaml encrypted files
- Block all plaintext, temp, and backup files
- Prevents accidental commits of unencrypted secrets

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

secrets/clients/.gitignore

@@ -0,0 +1,13 @@
+# Only allow SOPS-encrypted files in version control
+# Block all plaintext/temp secret files
+
+# Allow only .sops.yaml files
+*.yaml
+!*.sops.yaml
+
+# Block temporary files
+*_temp.yaml
+*_plaintext.yaml
+*-temp.yaml
+*.tmp
+*.backup