chore: bump github.com/nhatthm/otelsql from 0.3.0 to 0.3.3 (#2415)

Bumps [github.com/nhatthm/otelsql](https://github.com/nhatthm/otelsql) from 0.3.0 to 0.3.3. - [Release notes](https://github.com/nhatthm/otelsql/releases) - [Commits](nhatthm/otelsql@v0.3.0...v0.3.3) --- updated-dependencies: - dependency-name: github.com/nhatthm/otelsql dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
coder · ammario · Jun 16, 2022 · Jun 16, 2022 · Jun 16, 2022 · Jun 16, 2022
commit ea545e0aa2e1f823d27e5e5b69b4ec95f9cbbbd4
diff --git a/docs/quickstart.md b/docs/quickstart.md
@@ -1,7 +1,5 @@
 # Quickstart
 
-This guide will walk you through creating your first template and workspace.
-
 ## Prerequisites
 
 Please [install Coder](./install.md) before proceeding with the steps outlined in this article.

diff --git a/docs/templates.md b/docs/templates.md
@@ -25,12 +25,11 @@ coder templates <create/update> <template-name>
 
 ## Parameters
 
-Templates often contain *parameters*. In Coder, there are two types of parameters:
+Templates often contain _parameters_. In Coder, there are two types of parameters:
 
 - **Admin parameters** are set when a template is created/updated. These values
   are often cloud secrets, such as a `ServiceAccount` token, and are annotated
-  with `sensitive =  true` in the template code.
-
+  with `sensitive = true` in the template code.
 - **User parameters** are set when a user creates a workspace. They are unique
   to each workspace, often personalization settings such as "preferred region"
   or "workspace image".
@@ -41,14 +40,20 @@ Templates often contain *parameters*. In Coder, there are two types of parameter
 
 We recommend source controlling your templates.
 
-### Authenticating with Cloud Providers
+### Authentication & Secrets
+
+<blockquote class="danger">
+  <p>
+  Do not store secrets in templates. Assume every user has cleartext access
+  to every template.
+  </p>
+</blockquote>
 
 Coder's provisioner process needs to authenticate with cloud provider APIs to provision
-workspaces. We strongly advise against including credentials directly in your templates. You
-can either pass credentials to the provisioner as parameters, or execute Coder
+workspaces. You can either pass credentials to the provisioner as parameters or execute Coder
 in an environment that is authenticated with the cloud provider.
 
-We encourage the latter where supported.  This approach simplifies the template, keeps cloud
+We encourage the latter where supported. This approach simplifies the template, keeps cloud
 provider credentials out of Coder's database (making it a less valuable target for attackers),
 and is compatible with agent-based authentication schemes (that handle credential rotation
 and/or ensure the credentials are not written to disk).
@@ -66,7 +71,7 @@ details.
 
 The way these generally work is via the credentials being available to Coder either in some
 well-known location on disk (e.g. `~/.aws/credentials` for AWS on posix systems), or via
-environment variables.  It is usually sufficient to authenticate using the CLI or SDK for the
+environment variables. It is usually sufficient to authenticate using the CLI or SDK for the
 cloud provider before running Coder for this to work, but check the Terraform provider
 documentation for details.