How to encrypt a files in Jenkins
Use an external tool such as 7zip to create a strongly encrypted zip file.
Install it by using this command sudo apt-get install p7zip-full -y
Encrypt your Jenkins's secretes directory by using the following command;
7z a -mhe=on -t7z -mx=9 -pyour_custom_password output_encryped_backup_archive.7z secretes
You can read more about the above options at https://linux.die.net/man/1/7z
You can automate this script by using crontab.
Option 1. Jenkins credentials plugin
Store all credentials/secrets in one place.
https://www.jenkins.io/doc/pipeline/steps/credentials-binding/
example
node { ws { withCredentials([file(credentialsId: 'secret', variable: 'FILE')]) { sh 'use $FILE' } }}
Options 2. git-crypt
Just store as is into git with module git-crypt. In Jenkins credentials you have store the key
https://github.com/AGWA/git-crypt
to get data just checkout git with additional encryption key
Option 3. Store encrypted archive in acrtifactory/S3 and password in Jenkins credentials
e.g. from https://www.jenkins.io/doc/pipeline/steps/credentials-binding/
node { withCredentials([usernameColonPassword(credentialsId: 'mylogin', variable: 'USERPASS')]) { sh ''' set +x curl -u "$USERPASS" https://private.server/ > output ''' }}