diff --git a/.github/.codecov.yml b/.github/.codecov.yml
new file mode 100644
index 0000000..463365d
--- /dev/null
+++ b/.github/.codecov.yml
@@ -0,0 +1,35 @@
+# To validate:
+#   cat codecov.yml | curl --data-binary @- https://codecov.io/validate
+
+codecov:
+  # Avoid "Missing base report"
+  # https://docs.codecov.io/docs/comparing-commits
+  allow_coverage_offsets: true
+  notify:
+    require_ci_to_pass: yes
+
+coverage:
+  precision: 2
+  round: down
+  range: "50...75"
+
+  status:
+    project:
+      default:
+        threshold: 1
+      unittest:
+        threshold: 1
+        only_pulls: true
+        flags:
+          - "unittest"
+    # Disable patch since it is noisy and not correct
+    patch:
+      default:
+        enabled: no
+        if_not_found: success
+
+comment: false
+
+ignore:
+  - "api/v1alpha1/**/*"
+  - "hack/**/*"
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
new file mode 100644
index 0000000..267ca72
--- /dev/null
+++ b/.github/dependabot.yaml
@@ -0,0 +1,7 @@
+# See https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#package-ecosystem
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "monthly"
diff --git a/.github/workflows/pr-tests.yaml b/.github/workflows/pr-tests.yaml
new file mode 100644
index 0000000..8f234b5
--- /dev/null
+++ b/.github/workflows/pr-tests.yaml
@@ -0,0 +1,51 @@
+name: Automatic Pull Request test
+
+on:
+  pull_request:
+    branches:
+      - "main"
+
+permissions:
+  contents: read
+
+jobs:
+  unit-test:
+    name: Unit test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout latest commit in the PR
+        uses: actions/checkout@v3
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.20"
+      - name: Set up tools
+        run: |
+          go install golang.org/x/lint/golint@latest
+          go install golang.org/x/tools/cmd/goimports@latest
+      - name: Run code checks
+        run: |
+          make check-format
+          make vet
+      - name: Build
+        run: make build
+      - name: Unit test
+        run: make test
+      - name: Upload code coverage
+        uses: codecov/codecov-action@v3
+docker-build:
+    name: Build Docker images
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout latest commit in the PR
+        uses: actions/checkout@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: "1.20"
+      - name: Build Network Policy Controller images
+        run: make docker-buildx          
diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 0000000..9228aad
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1 @@
+* @aws/eks-networking
diff --git a/Makefile b/Makefile
index 207f5eb..993a860 100644
--- a/Makefile
+++ b/Makefile
@@ -176,3 +176,14 @@ GO_RUNNER_IMAGE=public.ecr.aws/eks-distro/kubernetes/go-runner:v0.15.0-eks-1-27-
 .PHONY: docker-buildx
 docker-buildx: test
 	docker buildx build --platform=$(PLATFORMS) -t $(IMG)-$(GOARCH) --build-arg BASE_IMAGE=$(BASE_IMAGE) --build-arg BUILD_IMAGE=$(BUILD_IMAGE) --build-arg $(GOARCH) --load .
+
+# Check formatting of source code files without modification.
+check-format: FORMAT_FLAGS = -l
+check-format: format
+
+format:       ## Format all Go source code files.
+	@command -v goimports >/dev/null || { echo "ERROR: goimports not installed"; exit 1; }
+	@exit $(shell find ./* \
+	  -type f \
+	  -name '*.go' \
+	  -print0 | sort -z | xargs -0 -- goimports $(or $(FORMAT_FLAGS),-w) | wc -l | bc)
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index fa31984..d7d3c3a 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -22,7 +22,7 @@ limitations under the License.
 package v1alpha1
 
 import (
-	"k8s.io/api/core/v1"
+	v1 "k8s.io/api/core/v1"
 	networkingv1 "k8s.io/api/networking/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
diff --git a/internal/eventhandlers/namespace.go b/internal/eventhandlers/namespace.go
index fcc4df4..96b00e2 100644
--- a/internal/eventhandlers/namespace.go
+++ b/internal/eventhandlers/namespace.go
@@ -2,6 +2,7 @@ package eventhandlers
 
 import (
 	"context"
+
 	"github.com/aws/amazon-network-policy-controller-k8s/pkg/k8s"
 	"github.com/aws/amazon-network-policy-controller-k8s/pkg/resolvers"
 
diff --git a/internal/eventhandlers/policy.go b/internal/eventhandlers/policy.go
index f9c93d8..f092dde 100644
--- a/internal/eventhandlers/policy.go
+++ b/internal/eventhandlers/policy.go
@@ -18,9 +18,10 @@ package eventhandlers
 
 import (
 	"context"
-	"github.com/aws/amazon-network-policy-controller-k8s/pkg/resolvers"
 	"time"
 
+	"github.com/aws/amazon-network-policy-controller-k8s/pkg/resolvers"
+
 	"github.com/aws/amazon-network-policy-controller-k8s/pkg/k8s"
 	"github.com/go-logr/logr"
 	networking "k8s.io/api/networking/v1"
diff --git a/internal/eventhandlers/service.go b/internal/eventhandlers/service.go
index ea66068..4876ab7 100644
--- a/internal/eventhandlers/service.go
+++ b/internal/eventhandlers/service.go
@@ -18,6 +18,7 @@ package eventhandlers
 
 import (
 	"context"
+
 	"github.com/aws/amazon-network-policy-controller-k8s/pkg/k8s"
 	"github.com/aws/amazon-network-policy-controller-k8s/pkg/resolvers"
 	"github.com/go-logr/logr"
diff --git a/pkg/config/runtime_config.go b/pkg/config/runtime_config.go
index f7940b8..9d09bec 100644
--- a/pkg/config/runtime_config.go
+++ b/pkg/config/runtime_config.go
@@ -1,12 +1,13 @@
 package config
 
 import (
+	"time"
+
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 	ctrl "sigs.k8s.io/controller-runtime"
-	"time"
 
 	"github.com/spf13/pflag"
 )
diff --git a/pkg/k8s/pod_utils_test.go b/pkg/k8s/pod_utils_test.go
index 08444ab..1e7166e 100644
--- a/pkg/k8s/pod_utils_test.go
+++ b/pkg/k8s/pod_utils_test.go
@@ -1,11 +1,12 @@
 package k8s
 
 import (
+	"testing"
+
 	"github.com/stretchr/testify/assert"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
-	"testing"
 )
 
 func Test_GetPodIP(t *testing.T) {
diff --git a/pkg/k8s/service_utils_test.go b/pkg/k8s/service_utils_test.go
index 1317858..5e98ec0 100644
--- a/pkg/k8s/service_utils_test.go
+++ b/pkg/k8s/service_utils_test.go
@@ -1,11 +1,12 @@
 package k8s
 
 import (
+	"testing"
+
 	"github.com/stretchr/testify/assert"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
-	"testing"
 )
 
 func Test_LookupServicePort(t *testing.T) {
diff --git a/pkg/k8s/utils_test.go b/pkg/k8s/utils_test.go
index d0d4bc8..8f59531 100644
--- a/pkg/k8s/utils_test.go
+++ b/pkg/k8s/utils_test.go
@@ -1,9 +1,10 @@
 package k8s
 
 import (
-	"sigs.k8s.io/controller-runtime/pkg/client"
 	"testing"
 
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
 	"github.com/stretchr/testify/assert"
 	networking "k8s.io/api/networking/v1"
 	rbac "k8s.io/api/rbac/v1"
diff --git a/pkg/policyendpoints/manager.go b/pkg/policyendpoints/manager.go
index ad86353..14b68e9 100644
--- a/pkg/policyendpoints/manager.go
+++ b/pkg/policyendpoints/manager.go
@@ -4,9 +4,10 @@ import (
 	"context"
 	"crypto/sha256"
 	"encoding/hex"
-	"golang.org/x/exp/maps"
 	"strconv"
 
+	"golang.org/x/exp/maps"
+
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
 	"github.com/samber/lo"
diff --git a/pkg/resolvers/policies.go b/pkg/resolvers/policies.go
index 68adae2..b61f0b9 100644
--- a/pkg/resolvers/policies.go
+++ b/pkg/resolvers/policies.go
@@ -2,6 +2,7 @@ package resolvers
 
 import (
 	"context"
+
 	"github.com/go-logr/logr"
 	corev1 "k8s.io/api/core/v1"
 	networking "k8s.io/api/networking/v1"
diff --git a/pkg/resolvers/policies_for_pod.go b/pkg/resolvers/policies_for_pod.go
index 257ef1a..0411f33 100644
--- a/pkg/resolvers/policies_for_pod.go
+++ b/pkg/resolvers/policies_for_pod.go
@@ -2,6 +2,7 @@ package resolvers
 
 import (
 	"context"
+
 	"github.com/aws/amazon-network-policy-controller-k8s/pkg/k8s"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
diff --git a/pkg/resolvers/policies_for_service_test.go b/pkg/resolvers/policies_for_service_test.go
index b79a92f..4bc2dd3 100644
--- a/pkg/resolvers/policies_for_service_test.go
+++ b/pkg/resolvers/policies_for_service_test.go
@@ -2,6 +2,9 @@ package resolvers
 
 import (
 	"context"
+	"sort"
+	"testing"
+
 	mock_client "github.com/aws/amazon-network-policy-controller-k8s/mocks/controller-runtime/client"
 	"github.com/go-logr/logr"
 	"github.com/golang/mock/gomock"
@@ -12,8 +15,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/log"
-	"sort"
-	"testing"
 
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"