diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 0000000..d973520
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,37 @@
+name: Tests
+
+on:
+    push:
+        branches: [ "master" ]
+    pull_request:
+        branches: [ "master" ]
+    workflow_dispatch:
+
+jobs:
+    test:
+        runs-on: ubuntu-latest
+
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v4
+
+            - name: Set up Python
+              uses: actions/setup-python@v5
+              id: cp312
+              with:
+                python-version-file: ".python-version"
+                cache: "pip"
+                cache-dependency-path: "requirements-test.txt"
+
+            # for testing
+            - name: Check cache hit
+              run: echo "${{ steps.cp312.outputs.cache-hit }}" # true if cache-hit occurred on the primary key
+
+            - name: Install dependencies
+              run: |
+                  python -m pip install --upgrade pip
+                  pip install -r requirements-test.txt
+
+            - name: Run tests
+              run: |
+                  pytest --disable-warnings -q -rA
diff --git a/tests/conftest.py b/tests/conftest.py
index 84da186..a8b6c3d 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -4,6 +4,7 @@
 
 # TODO: Fix hack. Changes the env var before initializing the db for testing
 os.environ["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
+os.environ["JWT_SECRET_KEY"] = os.urandom(24).hex()
 
 from app import app, db