how to encrypt a file using private key in gpg
What you mean is not called "encryption" but "signing" in gpg lingo.
Signing is basically encrypting with your private key and decrypting with the public key.
Use
gpg --sign myfile.extOr use your email-client's signing capabilities.
Signing will obviously allow anybody who has access to your "public" key to read the contents of your file (and since a "public" key is usually, well..., public, this will allow everybody to decypher the content).
If you are looking for a method, where only the recipient can decode the content, then you need to encrypt the data in a way where only the recipient has access to the decrypting token. obviously the recipient need to have such a token (that is: you encode with their public key, so they can decode with their private key)
UPDATE
To make it simple: if you want to guarantee integrity (that is: the recipient knows for sure, that the data comes from you and nobody else), you need to sign the data.If you want to guarantee confidentiality (that is: only your recipient can read the data), you need to encrypt the data.
Both signing and encryption are really the same thing.The only difference is, who has access to the keys.
With signing, you use your private key to encrypt the data, and it can be decrypted with your public key (and since everybody has access to the public key, everybody can decrypt it, and thus everybody can validate that the data has been signed by you)
With encrypting, you use your recipients public key to encrypt the data, and they use their private key to decrypt it (so only they can read it; but everybody can send them an encrypted datum, they have no guarantee that it really comes from the sender, but it is guaranteed that only they can read it).
If you need both confidentiality and integrity, you need to do both signing and encryption, and for this to work, both you and your recipients need to have a (different) public/private key pair.
CONCLUSION
Since both signing and encrypting are the same thing, you can use both to guarantee validity and integrity of your data, as long as you have full control over the availability of the keys involved.
It is not true that GnuPG requires you to publish your private key in order to encrypt a document. You should never publish your private key to anyone.
GnuPG supports two different encryption methods, asymmetric and symmetric encryption.
Asymmetric encryption requires to to know the public key of your recipient. This is usually not a problem because as the name already suggests these keys are not a secret but known to everyone. For decrypting it again only the private key can be used which is known only to your recipient. Asymmetric encryption using GnuPG is done with the --encrypt option.
If you don't know the public key of your recipient then you can use symmetric encryption where both parties share the same key. This requires a secure channel for transmitting the shared secret, of course. For symmetric encryption, use the --symmetric option. Neither a public nor a private key is required here but the secure exchange of the shared key makes symmetric encryption prone to attacks.
If you just need integrity and accountability (the document can't be modified without detecting it and you are able to verify who created/signed it) then you can use the --sign option to create a signature using your private key. Everybody having access to your public key can check this signature to verify both integrity and accountability. But note that everybody can read your original message content because this signature is no encryption. The resulting .gpg-file looks like binary data but only contains compressed but not encrypted text. You can also disable compression by specifying --compress-level 0 and you will see that the output file contains your original message in plaintext. So don't use this option if you want confidentiality.
I am working on a similar problem: distribute software updates from a central source to be applied to many end-users in the field. End users need to validate that the update came from the official source (signed with private key), but I also want the update to travel confidentially (encrypted).
In the cryptography course I had at University ~30 years ago now, they taught that encrypting with one's private key was the same thing as signing a message - when the recipient decrypts using the public key, the fact that they do not get gibberish confirms use of the private key to encrypt. This also provides a measure of confidentiality if the public key is kept "close to the vest," which would be my preferred implementation.
As mentioned by others, I have confirmed that the gpg --sign operation does not encrypt the message, the message is visible in plaintext in the signed file. To use gpg to accomplish both certain authenticity with a signature from the private key, and a reasonable measure of confidentiality, I have settled on the solution of giving the field based receivers their own key pair, in addition to the public key of the update distributor. This isn't a terribly secure solution, anyone can reverse engineer a device in the field and get ahold of the "secret" key that it will hold, with that they can decrypt the signed update message and see its cleartext contents. What they cannot do is create a file with the distributor's secret key signature on it, and so they cannot make an update of their own that will be accepted by the devices in the field which are looking for both encryption with their public key, and a signature from the update distributor's privately held key.
It's a matter of degrees of exposure. The updates in transit are secure from anyone who does not have access to an endpoint device to reverse engineer. With physical access to an endpoint (something we cannot prevent), they will eventually be able to reverse engineer the installed software, and even the updates themselves, but they will never be able to sign their own update and push it to un-compromised machines. At least as long as RSA is secure.