Hardcoding API keys in your code is not a good practice. It makes your code less portable and less flexible. It also makes it harder to keep your code secure. Instead, you should use environment variables to store values that are specific to your development environment. Chainlit will automatically load environment variables from a .env file in the root of your project. This file should be added to your .gitignore file so that it is not committed to your repository.
.env
OPENAI_API_KEY=sk-...
PINECONE_API_KEY=...

Public Apps & Environment Variables

If you want to share your app to a broader audience, you should not put your own OpenAI API keys in the .env file. Instead, you should use user_env in the Chainlit config to ask each user to provide their own keys. You can then access the user’s keys in your code using: 
import chainlit as cl

user_env = cl.user_session.get("env")