bootdotdev · mariemcharef · Mar 18, 2026 · Mar 18, 2026 · Mar 18, 2026 · Mar 18, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,38 @@
+name: ci
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  tests:
+    name: Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.26.0"
+
+      - name: Run tests with coverage
+        run: go test ./... -cover
+
+  style:
+    name: Style
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.25.1"
+
+      - name: Check formatting
+        run: test -z $(go fmt ./...)
diff --git a/README.md b/README.md
@@ -1,5 +1,7 @@
 # learn-cicd-starter (Notely)
 
+![CI](https://github.com/mariemcharef/learn-cicd-starter/actions/workflows/ci.yml/badge.svg)
+
 This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev).
 
 ## Local Development
@@ -21,3 +23,4 @@ go build -o notely && ./notely
 *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`.
 
 You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course!
+MARIEM's version of Boot.dev's Notely app.
diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go
@@ -0,0 +1,61 @@
+package auth
+
+import (
+	"net/http"
+	"testing"
+)
+
+func TestGetAPIKey(t *testing.T) {
+	tests := []struct {
+		name       string
+		headers    http.Header
+		wantKey    string
+		wantErr    bool
+		errMessage string
+	}{
+		{
+			name:       "valid API key",
+			headers:    http.Header{"Authorization": []string{"ApiKey my-secret-key"}},
+			wantKey:    "my-secret-key",
+			wantErr:    false,
+			errMessage: "",
+		},
+		{
+			name:       "missing Authorization header",
+			headers:    http.Header{},
+			wantKey:    "",
+			wantErr:    true,
+			errMessage: ErrNoAuthHeaderIncluded.Error(),
+		},
+		{
+			name:       "malformed Authorization header",
+			headers:    http.Header{"Authorization": []string{"Bearer token"}},
+			wantKey:    "",
+			wantErr:    true,
+			errMessage: "malformed authorization header",
+		},
+		{
+			name:       "only keyword no key",
+			headers:    http.Header{"Authorization": []string{"ApiKey"}},
+			wantKey:    "",
+			wantErr:    true,
+			errMessage: "malformed authorization header",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			gotKey, err := GetAPIKey(tt.headers)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("GetAPIKey() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if err != nil && err.Error() != tt.errMessage {
+				t.Errorf("GetAPIKey() error = %v, want %v", err, tt.errMessage)
+			}
+			if gotKey != tt.wantKey {
+				t.Errorf("GetAPIKey() = %v, want %v", gotKey, tt.wantKey)
+			}
+		})
+	}
+}