diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 00000000000..645901dd618
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,22 @@
+name: ci
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  tests:
+    name: Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.26.0"
+
+      - name: Run unit tests        
+        run: go test ./... -cover
\ No newline at end of file
diff --git a/README.md b/README.md
index c2bec0368b7..4d14af87604 100644
--- a/README.md
+++ b/README.md
@@ -21,3 +21,8 @@ go build -o notely && ./notely
 *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`.
 
 You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course!
+
+Athens' version of Boot.dev's Notely app.
+
+![CI workflow]
+(https://github.com/AthensF/learn-cicd-starter/actions/workflows/ci.yml/badge.svg)
\ No newline at end of file
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index f969aacf638..3d620e6b356 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -10,6 +10,7 @@ var ErrNoAuthHeaderIncluded = errors.New("no authorization header included")
 
 // GetAPIKey -
 func GetAPIKey(headers http.Header) (string, error) {
+	// authHeader := headers.Get("Authorization")
 	authHeader := headers.Get("Authorization")
 	if authHeader == "" {
 		return "", ErrNoAuthHeaderIncluded
diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go
new file mode 100644
index 00000000000..9411fcdb539
--- /dev/null
+++ b/internal/auth/auth_test.go
@@ -0,0 +1,65 @@
+package auth
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+	"testing"
+)
+
+func TestGetAPIKey(t *testing.T) {
+	tests := []struct {
+		key       string
+		value     string
+		expect    string
+		expectErr string
+	}{
+		{
+			expectErr: "no authorization header",
+		},
+		{
+			key:       "Authorization",
+			expectErr: "no authorization header",
+		},
+		{
+			key:       "Authorization",
+			value:     "-",
+			expectErr: "malformed authorization header",
+		},
+		{
+			key:       "Authorization",
+			value:     "Bearer xxxxxx",
+			expectErr: "malformed authorization header",
+		},
+		{
+			key:       "Authorization",
+			value:     "ApiKey xxxxxx",
+			expect:    "xxxxxx",
+			expectErr: "not expecting an error",
+		},
+	}
+
+	for i, tc := range tests {
+		t.Run(fmt.Sprintf("TestGetAPIKey Case # %v:", i), func(t *testing.T) {
+			header := http.Header{}
+			header.Add(tc.key, tc.value)
+
+			got, err := GetAPIKey(header)
+
+			if err != nil {
+				if strings.Contains(err.Error(), tc.expectErr) {
+					return
+				}
+				t.Errorf("Unexpected: TestGetAPIKey: %v\n", err)
+			}
+
+			if got != tc.expect {
+				t.Errorf("Expected: TestGetAPIKey: %v\n Actual: %v", tc.expect, got)
+				return
+			}
+
+		})
+
+	}
+
+}