File encryption in Git Repository

Question

Is there any way (in built or add-on) to encrypt individual files in a repository, accessible by limited people. Files when checked in by those folks will auto encrypt and decry

Answer 1

I know my answer is late but there is plenty of alternatives for storing secrets in git repos:

1. Git-crypt
2. BlackBox
3. SOPS
4. Transcrypt

Most of them use GNU Privacy Guard (GPG), symmetric key encryption, and/or cloud key services (SOPS). If you just want a simple encryption mechanism with password you can also take a look at ansible vault, which doesn't require generating keys for each account.

Answer 2

Maybe Blackbox helps?

From their website (https://github.com/StackExchange/blackbox):

Safely store secrets in a VCS repo (i.e. Git, Mercurial, Subversion or Perforce). These commands make it easy for you to Gnu Privacy Guard (GPG) encrypt specific files in a repo so they are "encrypted at rest" in your repository. However, the scripts make it easy to decrypt them when you need to view or edit them, and decrypt them for use in production. Originally written for Puppet, BlackBox now works with any Git or Mercurial repository.

...

Rather than one GPG passphrase for all the files, each person with access has their own GPG keys in the system. Any file can be decrypted by anyone with their GPG key. This way, if one person leaves the company, you don't have to communicate a new password to everyone with access. Simply disable the one key that should no longer have access. The process for doing this is as easy as running 2 commands (1 to disable their key, 1 to re-encrypt all files.)