diff --git a/.github/workflows/cd-preview.yml b/.github/workflows/cd-preview.yml
index 16f2c40653..e99637ab1f 100644
--- a/.github/workflows/cd-preview.yml
+++ b/.github/workflows/cd-preview.yml
@@ -1,16 +1,17 @@
 name: CD-preview
 
-on:
-  push:
-    branches-ignore:
-      - dependabot/*
+on: [push, workflow_dispatch]
 
 env:
   CI: true
 jobs:
   dev-release-npm:
     name: "NPM release under a dev tag"
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
+    # Dependabot cannot access secrets, so it doesn't have a token to publish to NPM.
+    # Since all the other jobs of this workflow depend on this one, skipping it should
+    # skip the entire workflow.
+    if: ${{ github.actor != 'dependabot' }}
     outputs:
       version-nr: ${{ steps.determine-npm-version.outputs.version-nr }}
     steps:
diff --git a/.github/workflows/cd-teardown.yml b/.github/workflows/cd-teardown.yml
index 47a92fa7b0..3cc8beb992 100644
--- a/.github/workflows/cd-teardown.yml
+++ b/.github/workflows/cd-teardown.yml
@@ -7,7 +7,10 @@ env:
 jobs:
   unpublish-npm:
     runs-on: ubuntu-20.04
-    if: github.event.ref_type == 'branch'
+    # Dependabot cannot access secrets, so it doesn't have a token to publish to NPM.
+    # Since all the other jobs of this workflow depend on this one, skipping it should
+    # skip the entire workflow.
+    if: ${{github.event.ref_type == 'branch' && github.actor != 'dependabot'}} 
     steps:
     - name: Prepare for unpublication from npm
       uses: actions/setup-node@v2.1.5
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9ccabe7412..e5841a7644 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,6 +1,6 @@
 name: CI
 
-on: [push]
+on: [push, workflow_dispatch]
 
 env:
   CI: true
@@ -29,7 +29,11 @@ jobs:
       - run: npm run bootstrap -- --ci
       - run: npm run build
       - run: npm run test
-      - run: npm run e2e-test
+      - # Dependabot cannot access secrets, so it doesn't have a token to authenticate to ESS.
+        # Since all the other jobs of this workflow depend on this one, skipping it should
+        # skip the entire workflow.
+        if: ${{ github.actor != 'dependabot' }}
+        run: npm run e2e-test
         env: 
           E2E_TEST_REFRESH_TOKEN: ${{ secrets.E2E_TEST_REFRESH_TOKEN }}
           E2E_TEST_CLIENT_ID: ${{ secrets.E2E_TEST_CLIENT_ID }}
diff --git a/.github/workflows/e2e-browser.yml b/.github/workflows/e2e-browser.yml
index 5dcb1fca9c..4b889ec0f1 100644
--- a/.github/workflows/e2e-browser.yml
+++ b/.github/workflows/e2e-browser.yml
@@ -20,6 +20,10 @@ jobs:
           path: e2e/browser/node_modules
           key: ${{ runner.os }}-node${{ runner.node-version }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
       - name: Run tests
+        # Dependabot cannot access secrets, so it doesn't have a token to authenticate to ESS.
+        # Since all the other jobs of this workflow depend on this one, skipping it should
+        # skip the entire workflow.
+        if: ${{ github.actor != 'dependabot' }}
         run: |
           cd e2e/browser;
           npm ci;