docs: rework API keys documentation

[JamesGuthrie]

Note: this is a somewhat opinionated refactoring of our API key documentation.

The main problem I'm trying to solve is the same repeated (but slightly different) instructions for every provider.

To this end, I extracted out the common bits, and left enough to get started in for each provider.

In extracting out the common bits, I have removed some of the instructions that we previously had. In particular I have cut out the "Handle API keys using pgai from python" section. The following paragraph is now completely removed:

### Handle API keys using pgai from python
1. In your Python environment, include the dotenv and postgres driver packages:
    ```bash
    pip install python-dotenv
    pip install psycopg2-binary
    ```
2. Set your Anthropic API key in a .env file or as an environment variable:
    ```bash
    ANTHROPIC_API_KEY="this-is-my-super-secret-api-key-dont-tell"
    DB_URL="your connection string"
    ```
3. Pass your API key as a parameter to your queries:
    ```python
    import os
    from dotenv import load_dotenv
        
    load_dotenv()
       
    ANTHROPIC_API_KEY = os.environ["ANTHROPIC_API_KEY"]
    DB_URL = os.environ["DB_URL"]
       
    import psycopg2
    from psycopg2.extras import Json
       
    messages = [{'role': 'user', 'content': 'Name five famous people from Birmingham, Alabama.'}]
       
    with psycopg2.connect(DB_URL) as conn:
        with conn.cursor() as cur:
            # pass the API key as a parameter to the query. don't use string manipulations
            cur.execute("""
                SELECT ai.anthropic_generate
                ( 'claude-3-5-sonnet-20240620'
                , %s
                , api_key=>%s
                )
            """, (Json(messages), ANTHROPIC_API_KEY))
            records = cur.fetchall()
    ```
   Do not use string manipulation to embed the key as a literal in the SQL query.

[cevian]

Love the direction of this change but want to change the wording a bit.

[cevian]

Suggested change

	All pgai functions that require an API key take two optional parameters:
	`api_key_name`, and `api_key`. If neither parameter is provided, the function
	will fall back to a default name and attempt to extract an API key with that
	name. TODO: is this clear?
	We suggest that you generally prefer using `api_key_name`, as it is harder to
	misuse.
	Since API keys are sensitive values, we provide several ways to specify them so they can be
	provided securely:
	**Recommended ways (most secure) **
	- If you are using Timescale Cloud, we recommend (setting the API key)[#TODO-link-section-below] through the console and then specify the env variable name via the `api_key_name` function parameters.
	- If you are self-hosting, you can (provide them as environmental variables to the database)[#TODO-link-section-below] and then specify the env variable name via the `api_key_name` function parameters.
	** Other ways **
	1. You can provide them as environmental variable to interactive psql session and then specify the env variable name via the `api_key_name` function parameters.
	1. You can provide the value directly via the `api_key` function parameters.
	By default, the system to extract an API key with the default `api_key_name`.

[jgpruitt]

** Other ways **
	1. You can provide them as environmental variable to interactive psql session and then specify the env variable name via the `api_key_name` function parameters.

I would say "You can provide them as a session-level GUC to interactive psql session..."

[jgpruitt]

b/c unless I'm mistaken, an environment variable on the psql client side won't work

[JamesGuthrie]

I've applied the suggestions that you proposed. PTAL.

[jgpruitt]

lgtm

[cevian]

Suggested change

	### Using the `api_key` parameter
	### Provide the API key value directly using the `api_key` parameter

[cevian]

I would break out the subsections here into their own sections and move the two recommended ones on top

[cevian]

not sure about this text since the session level parameter isn't the recommended method. Let's think.

[JamesGuthrie]

What do you propose?

[cevian]

Suggested change

	The simplest option for interactive use is to configure the API key as a
	In production, we suggest setting the API key using an environment variable. During testing and development, it may be easiest to pass the key value in directly using the `api_key` parameter. For more options and details, consult the
	[Handling API keys](./handling-api-keys.md) document.

[JamesGuthrie]

I'm not really happy with this suggestion. I agree with telling users to use an env var as first prio. I don't think that we should suggest passing the key value directly (instead of the session-level parameter). The main reason I don't like it is that it will definitely result in the secret being exposed in the logs.

[jgpruitt]

There are two flavors of interactive psql session:

1. session level guc
2. psql variable with \bind

[jgpruitt]

the session level guc option is probably "better" but I'd like to keep the instructions about using a psql variable too

[JamesGuthrie]

the session level guc option is probably "better" but I'd like to keep the instructions about using a psql variable too

Why?

[jgpruitt]

the session level guc option is probably "better" but I'd like to keep the instructions about using a psql variable too

Why?

Why not? It's a valid option that might appeal to some folks. Also, I'd personally like to have the instructions around. Also, it demonstrates an approach that is similar to how you might do it from a programming language (i.e. a parameterized query).

[cevian]

my suggestion for the entry text. Should be in multiple places

[cevian]

Suggested change

	The simplest option for interactive use is to configure the API key as a
	In production, we suggest setting the API key using an environment variable. During testing and development, it may be easiest to pass the key value in directly using the `api_key` parameter. For more options and details, consult the
	[Handling API keys](./handling-api-keys.md) document.

[cevian]

@JamesGuthrie @jgpruitt I'd like to reduce the number of options, but that can wait for another PR