Securing API_KEY in REST Apis?

I have an application on appgyver, which utilizes REST Api calls to Firebase Auth and also Firestore.
Recently uploaded my compiled code to Github, and got an email from google saying my API keys are exposed.
After checking, realized that all my API Keys are stored in the compiled index.html files that appgyver outputs. Is there a more secure way to access these REST Api services, without actually exposing our Api Keys?
I do believe in common coding environments/servers we would store them as environment variables. How can we do that in AppG?


Just found Mevis answer in another post, could be the solution: Store an API key in the AppGyver hosted user management - #2 by Mevi