Files that are encrypted and were read by the binary store should not use encryption configuration settings

[felixfontein]

If settings like encrypted_regex, unencrypted_regex, encrypted_suffix, unencrypted_suffix, encrypted_comment_regex, unencrypted_comment_regex are used, files read with the binary store often end up unencrypted. This is likely the cause for the observations in #1818 and #1805.

I think we should either:

• simply ignore these settings when encrypting a file that was read with the binary store;
• or maybe warn in that case, with either encrypting with or without these settings;
• or fail encryption if these settings prevent encryption of the data key.

What do you think @getsops/maintainers? Simply acting as now and not encrypting the data key (and thus not encrypting anything!) is surely a bad idea.

This could also be generalized to encryption in general: if you try to encrypt a file and nothing is actually encrypted, print a warning. This might be intentional in some special cases, but more often is likely a mistake. Maybe allow to disable the warning via a command line option for the cases where it is intentional and a warning is not wanted by the user.