diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 00000000000..e429e31972a
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,52 @@
+name: ci
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  tests:
+    name: Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.26.0"
+
+      - name: Run tests
+        run: go test ./... -cover
+
+      - name: Install gosec
+        run: go install github.com/securego/gosec/v2/cmd/gosec@latest
+
+      - name: Run gosec
+        run: gosec ./...
+  
+  style:
+    name: Style
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.26.0"
+
+      - name: Run style check
+        run: |
+          test -z $(go fmt ./...)
+          echo $?
+
+      - name: Install staticcheck
+        run: go install honnef.co/go/tools/cmd/staticcheck@latest
+      
+      - name: Run staticcheck
+        run: staticcheck ./...
\ No newline at end of file
diff --git a/README.md b/README.md
index c2bec0368b7..a61d69160f9 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+https://github.com/Salimzyanov-Lenar/learn-cicd-starter/actions/workflows/ci.yml/badge.svg
+
 # learn-cicd-starter (Notely)
 
 This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev).
@@ -21,3 +23,4 @@ go build -o notely && ./notely
 *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`.
 
 You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course!
+MYNAME's version of Boot.dev's Notely app.
\ No newline at end of file
diff --git a/internal/auth/get_api_key_test.go b/internal/auth/get_api_key_test.go
new file mode 100644
index 00000000000..75a1a9685db
--- /dev/null
+++ b/internal/auth/get_api_key_test.go
@@ -0,0 +1,57 @@
+package auth
+
+import (
+	"errors"
+	"net/http"
+	"testing"
+)
+
+func TestGetAPIKey(t *testing.T) {
+	tests := []struct {
+		name        string
+		headers     http.Header
+		expectedKey string
+		expectedErr error
+	}{
+		{
+			name:        "No authorization header",
+			headers:     http.Header{}, // пустой заголовок
+			expectedKey: "",
+			expectedErr: ErrNoAuthHeaderIncluded,
+		},
+		{
+			name: "Malformed authorization header",
+			headers: http.Header{
+				"Authorization": []string{"Bearer token"},
+			},
+			expectedKey: "",
+			expectedErr: errors.New("malformed authorization header"),
+		},
+		{
+			name: "Valid authorization header",
+			headers: http.Header{
+				"Authorization": []string{"ApiKey 12345"},
+			},
+			expectedKey: "12345",
+			expectedErr: nil,
+		},
+		{
+			name: "Invalid authorization scheme",
+			headers: http.Header{
+				"Authorization": []string{"Bearer 12345"},
+			},
+			expectedKey: "",
+			expectedErr: errors.New("malformed authorization header"),
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			gotKey, gotErr := GetAPIKey(tt.headers)
+			// Проверяем, что ключ и ошибка совпадают с ожидаемыми значениями
+			if gotKey != tt.expectedKey || (gotErr != nil && gotErr.Error() != tt.expectedErr.Error()) {
+				t.Errorf("GetAPIKey() = (%v, %v), want (%v, %v)", gotKey, gotErr, tt.expectedKey, tt.expectedErr)
+			}
+		})
+	}
+}
diff --git a/json.go b/json.go
index 1e6e7985e18..a0f282e06b9 100644
--- a/json.go
+++ b/json.go
@@ -30,5 +30,7 @@ func respondWithJSON(w http.ResponseWriter, code int, payload interface{}) {
 		return
 	}
 	w.WriteHeader(code)
-	w.Write(dat)
+	if _, err := w.Write(dat); err != nil {
+		log.Printf("write error: %v", err)
+	}
 }
diff --git a/main.go b/main.go
index 19d7366c5f7..fc83c2426a5 100644
--- a/main.go
+++ b/main.go
@@ -7,6 +7,8 @@ import (
 	"log"
 	"net/http"
 	"os"
+	"strconv"
+	"time"
 
 	"github.com/go-chi/chi"
 	"github.com/go-chi/cors"
@@ -30,10 +32,12 @@ func main() {
 		log.Printf("warning: assuming default configuration. .env unreadable: %v", err)
 	}
 
-	port := os.Getenv("PORT")
-	if port == "" {
-		log.Fatal("PORT environment variable is not set")
+	portEnv := os.Getenv("PORT")
+	portInt, err := strconv.Atoi(portEnv)
+	if err != nil {
+		log.Fatal("Invalid port")
 	}
+	port := strconv.Itoa(portInt)
 
 	apiCfg := apiConfig{}
 
@@ -89,10 +93,11 @@ func main() {
 
 	router.Mount("/v1", v1Router)
 	srv := &http.Server{
-		Addr:    ":" + port,
-		Handler: router,
+		Addr:              ":" + port,
+		Handler:           router,
+		ReadHeaderTimeout: 5 * time.Second,
 	}
 
-	log.Printf("Serving on port: %s\n", port)
+	log.Printf("Serving on port: %q\n", port)
 	log.Fatal(srv.ListenAndServe())
 }