It should be possible by encrypting the files: https://git-secret.io/
Why does encrypting files help:
How does git-secret solve these problems? git-secret encrypts files
and stores them inside the git repository, so you will have all the
changes for every commit.
Files which are encrypted with public keys cannot be read by other parties which do not have access to the private keys, so they can be safely uploaded to a public repository.*
git-secret is a bash tool to store your private data inside a git
repo. How’s that? Basically, it just encrypts, using gpg, the tracked
files with the public keys of all the users that you trust.
The tool provides a way to encrypt/decrypt files with multiple public keys (from diff. people).
usage instruction from the git-secret page:
Usage: Setting up git-secret in a repository These steps cover the
basic process of using git-secret:
Before starting, make sure you have created gpg RSA key-pair: public
and secret key identified by your email address.
Begin with an existing or new git repository. You’ll use the ‘git
secret’ commands to add the keyrings and information to make the
git-secret hide and reveal files in this repository.
Initialize the git-secret repository by running git secret init
command. the .gitsecret/ folder will be created, Note all the contents
of the .gitsecret/ folder should be checked in, /except/ the
random_seed file. In other words, of the files in .gitsecret, only the
random_seed file should be mentioned in your .gitignore file.
Add the first user to the git-secret repo keyring by running git
secret tell [email protected].
Now it’s time to add files you wish to encrypt inside the git-secret
repository. It can be done by running git secret add
command. Make sure these files are ignored by mentions in .gitignore,
otherwise git-secret won’t allow you to add them, as these files could
be stored unencrypted.
When done, run git secret hide to encrypt all files which you have
added by the git secret add command. The data will be encrypted with
the public-keys described by the git secret tell command. After using
git secret hide to encrypt your data, it is safe to commit your
changes. NOTE:. It’s recommended to add git secret hide command to
your pre-commit hook, so you won’t miss any changes.
Later you can decrypt files with the git secret reveal command, or
just show their contents to stdout with the git secret cat command. If
you used a password on your GPG key (always recommended), it will ask
you for your password. And you’re done!
* Quantum computing may change this in the future.