From 0892f91bbc6f60b7db19805bf4a9596962a173e2 Mon Sep 17 00:00:00 2001
From: Christer <christer@serverpod.dev>
Date: Wed, 10 Jun 2026 09:43:35 +0200
Subject: [PATCH 1/2] docs(cloud): Guide for private git dependencies

---
 .../02-handling-private-dependencies.md       | 43 ++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)

diff --git a/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md b/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md
index 98d028a6..aacec3af 100644
--- a/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md
+++ b/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md
@@ -37,11 +37,52 @@ dependencies:
 
 When you deploy your Serverpod application, the CLI automatically detects workspace structures and includes all necessary workspace packages in your deployment package.
 
+## Using private git dependencies
+
+If your server depends on Dart packages from a private git repository, the
+Serverpod Cloud build process needs to be given read access to it.
+
+Do this by setting a _build secret_ on the project.
+
+> Build secrets are kept separate from runtime secrets and will not be accessible
+anywhere outside the build pipeline. They are automatically encrypted in transit
+and at rest.
+
+Use the `scloud deployment build-secret` commands to manage your build secrets.
+
+#### List the current build secrets
+```sh
+$ scloud deployment build-secret list
+```
+
+#### Add or modify a build secret
+```sh
+$ scloud deployment build-secret set MY_SECRET_NAME "my-secret-value"
+```
+
+#### Add or modify a build secret with the value in a file
+```
+$ scloud deployment build-secret set MY_SECRET_NAME --from-file my_private_ssh_key_file
+```
+
+### SSH keys
+
+Currently SSH keys are supported, and you store the private SSH key in the build secret.
+
+### Accessing a private repository in GitHub
+
+If you are using GitHub, you can set up a _deploy key_ for this.
+It only needs read access.
+
+[Set up deploy keys in GitHub](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys#set-up-deploy-keys)
+
+Then store the private SSH key as a build secret on your Severpod Cloud project,
+and redeploy.
+
 ## Current limitations
 
 Serverpod Cloud currently does not support:
 
-- **Private git references**: Dependencies pointing to private Git repositories using `git:` URLs are not supported during deployment.
 - **Private package managers**: Custom package registry configurations are not supported.
 
 If you need to include private code in your deployment, use Dart workspaces to manage these dependencies as local packages within your project structure.

From 414e12508838845dc19262a13954b73ceceeac5a Mon Sep 17 00:00:00 2001
From: Christer <christer@serverpod.dev>
Date: Wed, 10 Jun 2026 16:00:36 +0200
Subject: [PATCH 2/2] docs(cloud): Fixed review comments

---
 .../02-handling-private-dependencies.md          | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md b/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md
index aacec3af..a74c07e5 100644
--- a/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md
+++ b/cloud_docs/reference/01-deployment/02-handling-private-dependencies.md
@@ -42,11 +42,15 @@ When you deploy your Serverpod application, the CLI automatically detects worksp
 If your server depends on Dart packages from a private git repository, the
 Serverpod Cloud build process needs to be given read access to it.
 
-Do this by setting a _build secret_ on the project.
+Do this by setting a _build secret_ on the project. SSH keys are supported, and you store the private SSH key in the build secret.
 
-> Build secrets are kept separate from runtime secrets and will not be accessible
+:::info
+Build secrets are kept separate from runtime secrets and will not be accessible
 anywhere outside the build pipeline. They are automatically encrypted in transit
 and at rest.
+:::
+
+### CLI commands for build secrets
 
 Use the `scloud deployment build-secret` commands to manage your build secrets.
 
@@ -57,7 +61,7 @@ $ scloud deployment build-secret list
 
 #### Add or modify a build secret
 ```sh
-$ scloud deployment build-secret set MY_SECRET_NAME "my-secret-value"
+$ scloud deployment build-secret set MY_SECRET_NAME "my-private-ssh-key"
 ```
 
 #### Add or modify a build secret with the value in a file
@@ -65,10 +69,6 @@ $ scloud deployment build-secret set MY_SECRET_NAME "my-secret-value"
 $ scloud deployment build-secret set MY_SECRET_NAME --from-file my_private_ssh_key_file
 ```
 
-### SSH keys
-
-Currently SSH keys are supported, and you store the private SSH key in the build secret.
-
 ### Accessing a private repository in GitHub
 
 If you are using GitHub, you can set up a _deploy key_ for this.
@@ -76,7 +76,7 @@ It only needs read access.
 
 [Set up deploy keys in GitHub](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/managing-deploy-keys#set-up-deploy-keys)
 
-Then store the private SSH key as a build secret on your Severpod Cloud project,
+Then store the private SSH key as a build secret on your Serverpod Cloud project,
 and redeploy.
 
 ## Current limitations