diff --git a/.github/workflows/badge.svg b/.github/workflows/badge.svg
new file mode 100644
index 00000000000..e41b26e50df
--- /dev/null
+++ b/.github/workflows/badge.svg
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg fill="#000000" height="800px" width="800px" version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" 
+	 viewBox="0 0 375.041 375.041" xml:space="preserve">
+<g>
+	<g>
+		<path d="M305.745,152.489c7.346-6.515,15.67-13.898,15.67-24.241s-8.324-17.727-15.67-24.242
+			c-4.156-3.686-8.867-7.864-9.873-10.965c-1.105-3.399,0.275-9.773,1.494-15.397c2.035-9.399,4.342-20.054-1.523-28.111
+			c-5.918-8.131-16.828-9.221-26.453-10.182c-5.678-0.567-12.111-1.209-14.922-3.255c-2.74-1.993-5.301-7.856-7.56-13.029
+			c-3.902-8.929-8.322-19.049-18.006-22.192C227.114,0.295,225.216,0,223.259,0c-7.396,0-14.439,4.105-21.25,8.076
+			c-5.049,2.942-10.77,6.277-14.488,6.277c-3.721,0-9.441-3.335-14.49-6.277C166.22,4.105,159.177,0,151.78,0
+			c-1.959,0-3.857,0.295-5.644,0.875c-9.682,3.144-14.102,13.264-18.002,22.191c-2.26,5.173-4.822,11.036-7.56,13.029
+			c-2.813,2.046-9.246,2.688-14.922,3.255c-9.627,0.961-20.537,2.051-26.453,10.182c-5.865,8.058-3.559,18.712-1.521,28.111
+			c1.217,5.624,2.598,11.998,1.494,15.397c-1.008,3.1-5.717,7.278-9.873,10.964c-7.346,6.516-15.672,13.9-15.672,24.243
+			c0,10.344,8.326,17.729,15.672,24.243c4.156,3.686,8.867,7.863,9.873,10.961c1.104,3.401-0.277,9.776-1.494,15.4
+			c-2.037,9.399-4.344,20.054,1.52,28.111c5.912,8.122,16.805,9.218,26.422,10.178L66.661,342.688
+			c-0.871,2.804-0.025,5.857,2.164,7.814c2.188,1.957,5.318,2.456,8.008,1.278l40.315-17.656l23.24,37.377
+			c1.379,2.22,3.799,3.54,6.367,3.54c0.316,0,0.637-0.019,0.957-0.061c2.912-0.373,5.338-2.412,6.207-5.216l33.602-108.279
+			l33.6,108.279c0.871,2.804,3.297,4.843,6.209,5.216c0.32,0.042,0.639,0.061,0.957,0.061c2.568,0,4.986-1.321,6.367-3.54
+			l23.238-37.377l40.316,17.656c2.686,1.178,5.818,0.681,8.006-1.278c2.189-1.957,3.035-5.011,2.166-7.814l-38.959-125.545
+			c9.619-0.961,20.51-2.057,26.422-10.179c5.865-8.058,3.559-18.712,1.523-28.112c-1.219-5.624-2.6-11.999-1.494-15.399
+			C296.878,160.352,301.589,156.175,305.745,152.489z M144.458,349.641l-18-28.952c-1.969-3.167-5.965-4.405-9.379-2.91
+			l-31.227,13.676l34.504-111.194c0.07,0.048,0.148,0.092,0.217,0.141c2.738,1.993,5.301,7.855,7.56,13.028
+			c3.9,8.928,8.322,19.048,18.004,22.19c1.787,0.581,3.688,0.875,5.645,0.875c7.396,0,14.439-4.106,21.25-8.074
+			c1.127-0.657,2.287-1.332,3.453-1.987L144.458,349.641z M257.96,317.778c-3.412-1.494-7.408-0.254-9.377,2.91l-18.002,28.952
+			l-32.025-103.209c1.164,0.654,2.326,1.33,3.453,1.987c6.811,3.971,13.854,8.075,21.25,8.075c1.959,0,3.857-0.294,5.645-0.874
+			c9.682-3.144,14.104-13.264,18.004-22.191c2.26-5.173,4.822-11.035,7.56-13.028c0.066-0.049,0.145-0.093,0.217-0.14
+			l34.504,111.193L257.96,317.778z M281.604,158.82c-2.354,7.25-0.598,15.361,1.1,23.205c1.303,6.009,2.922,13.487,1.012,16.112
+			c-1.965,2.699-9.646,3.466-15.816,4.082c-7.943,0.793-16.158,1.612-22.258,6.053c-6.029,4.387-9.309,11.893-12.479,19.15
+			c-2.506,5.733-5.623,12.869-8.893,13.931c-0.293,0.095-0.623,0.141-1.012,0.141c-3.344,0-8.844-3.206-13.697-6.034
+			c-7.016-4.089-14.27-8.317-22.041-8.317c-7.773,0-15.027,4.229-22.043,8.317c-4.852,2.828-10.352,6.034-13.695,6.034
+			c-0.389,0-0.719-0.046-1.012-0.142c-3.27-1.061-6.387-8.196-8.893-13.93c-3.17-7.258-6.449-14.764-12.479-19.15
+			c-6.102-4.441-14.316-5.261-22.262-6.054c-6.17-0.616-13.848-1.383-15.813-4.081c-1.91-2.625-0.291-10.102,1.01-16.11
+			c1.699-7.844,3.457-15.955,1.102-23.208c-2.266-6.98-8.326-12.354-14.186-17.55c-4.981-4.418-10.625-9.424-10.625-13.021
+			c0-3.597,5.644-8.604,10.625-13.021c5.859-5.197,11.92-10.572,14.188-17.554c2.353-7.251,0.596-15.361-1.102-23.205
+			c-1.303-6.009-2.922-13.485-1.012-16.11c1.965-2.699,9.645-3.466,15.816-4.082c7.943-0.793,16.156-1.612,22.258-6.052
+			c6.029-4.389,9.309-11.895,12.479-19.153c2.506-5.733,5.623-12.868,8.891-13.93C151.06,15.047,151.392,15,151.78,15
+			c3.344,0,8.844,3.207,13.697,6.035c7.016,4.09,14.27,8.318,22.043,8.318c7.771,0,15.025-4.229,22.041-8.318
+			C214.415,18.207,219.915,15,223.259,15c0.389,0,0.719,0.047,1.01,0.142c3.27,1.061,6.387,8.196,8.893,13.931
+			c3.172,7.259,6.451,14.765,12.48,19.152c6.1,4.439,14.314,5.259,22.258,6.052c6.17,0.616,13.852,1.383,15.816,4.082
+			c1.91,2.625,0.291,10.103-1.012,16.11c-1.697,7.844-3.453,15.955-1.1,23.204c2.266,6.982,8.326,12.357,14.188,17.556
+			c4.979,4.416,10.623,9.423,10.623,13.02c0,3.597-5.645,8.603-10.623,13.019C289.931,146.464,283.87,151.839,281.604,158.82z"/>
+		<path d="M187.52,43.244c-46.871,0-85.004,38.133-85.004,85.004s38.133,85.004,85.004,85.004s85.004-38.133,85.004-85.004
+			S234.392,43.244,187.52,43.244z M187.52,198.252c-38.602,0-70.004-31.403-70.004-70.004s31.402-70.004,70.004-70.004
+			c38.6,0,70.004,31.403,70.004,70.004S226.12,198.252,187.52,198.252z"/>
+		<path d="M187.52,69.186c-32.566,0-59.063,26.495-59.063,59.063c0,4.143,3.357,7.5,7.5,7.5c4.143,0,7.5-3.357,7.5-7.5
+			c0-24.296,19.766-44.063,44.063-44.063c4.143,0,7.5-3.357,7.5-7.5S191.663,69.186,187.52,69.186z"/>
+	</g>
+</g>
+</svg>
\ No newline at end of file
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 00000000000..17063ea9fa3
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,38 @@
+name: ci
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  tests:
+    name: Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.26.0"
+
+      - name: Run tests
+        run: go test ./... -cover
+
+  style:
+    name: Style
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.26.0"
+
+      - name: Check formatting
+        run: test -z $(go fmt ./...)
diff --git a/README.md b/README.md
index c2bec0368b7..1f66b420107 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,6 @@
 # learn-cicd-starter (Notely)
 
+![Tests](https://github.com/Simonbunse/learn-cicd-starter/actions/workflows/ci.yml/badge.svg)
 This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev).
 
 ## Local Development
@@ -21,3 +22,5 @@ go build -o notely && ./notely
 *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`.
 
 You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course!
+
+Simon's version of Boot.dev's Notely app.
diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go
new file mode 100644
index 00000000000..cb17fa78938
--- /dev/null
+++ b/internal/auth/auth_test.go
@@ -0,0 +1,58 @@
+package auth
+
+import (
+	"errors"
+	"net/http"
+	"testing"
+)
+
+func TestGetAPIKeyReturnsKey(t *testing.T) {
+	headers := http.Header{}
+	headers.Set("Authorization", "ApiKey secret-key")
+
+	got, err := GetAPIKey(headers)
+	if err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+
+	if got != "secret-key" {
+		t.Fatalf("expected API key %q, got %q", "secret-key", got)
+	}
+}
+
+func TestGetAPIKeyErrors(t *testing.T) {
+	tests := []struct {
+		name    string
+		header  string
+		wantErr error
+	}{
+		{
+			name:    "missing authorization header",
+			header:  "",
+			wantErr: ErrNoAuthHeaderIncluded,
+		},
+		{
+			name:    "malformed authorization header",
+			header:  "Bearer secret-key",
+			wantErr: errors.New("malformed authorization header"),
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			headers := http.Header{}
+			if tt.header != "" {
+				headers.Set("Authorization", tt.header)
+			}
+
+			_, err := GetAPIKey(headers)
+			if err == nil {
+				t.Fatal("expected an error, got nil")
+			}
+
+			if err.Error() != tt.wantErr.Error() {
+				t.Fatalf("expected error %q, got %q", tt.wantErr.Error(), err.Error())
+			}
+		})
+	}
+}