When storing api keys in your project you likely want to add them to a separate file and encrypt or ignore that file. Unfortunately, when your client decrypts or uses the key during build, the key gets stored in your build so it might not look like it is available to anyone, but simple scrappers can discover the secret api.
My question is, what is a modestly responsible way to store API keys in your project and try to keep them secure from the public view. It is not possible to be 100% secure according to several sources I've found: https://stackoverflow.com/questions/48699820/how-do-i-hide-api-key-in-create-react-app
So the question remains, how do I simply but responsibly try to implement the api key without exposing my google firebase server to the public?