diff --git a/.github/actions/setup-project/action.yml b/.github/actions/setup-project/action.yml
index 9fdf27414..3b4c4d911 100644
--- a/.github/actions/setup-project/action.yml
+++ b/.github/actions/setup-project/action.yml
@@ -13,6 +13,9 @@ runs:
       uses: actions/setup-python@v3
       with:
         python-version: "3.9"
+    - name: Install pipenv  
+      shell: bash
+      run: pip install --upgrade pipenv
     - name: Install application dependencies
       shell: bash
       run: make bootstrap
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
index f72ecceb7..3ef5b7208 100644
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@@ -21,21 +21,23 @@ jobs:
       - uses: actions/checkout@v3
       - uses: ./.github/actions/setup-project
       - name: Run style checks
-        run: flake8 .
+        run: pipenv run flake8 .
       - name: Check imports alphabetized
-        run: isort --check-only ./app ./tests
+        run: pipenv run isort --check-only ./app ./tests
       - name: Run js lint
         run: npm run lint
       - name: Run js tests
         run: npm test
       - name: Run py tests
-        run: pytest -n4 --maxfail=10
+        run: pipenv run pytest -n4 --maxfail=10
 
   dependency-audits:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - uses: ./.github/actions/setup-project
+      - name: Create requirements.txt
+        run: pipenv requirements > requirements.txt
       - uses: trailofbits/gh-action-pip-audit@v1.0.0
         with:
           inputs: requirements.txt
@@ -48,10 +50,8 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - uses: ./.github/actions/setup-project
-      - name: Install bandit
-        run: pip install bandit
       - name: Run scan
-        run: bandit -r app/ --confidence-level medium
+        run: pipenv run bandit -r app/ --confidence-level medium
 
   dynamic-scan:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/daily_checks.yml b/.github/workflows/daily_checks.yml
index f2fda47e1..adbcdca9b 100644
--- a/.github/workflows/daily_checks.yml
+++ b/.github/workflows/daily_checks.yml
@@ -24,6 +24,8 @@ jobs:
     steps:
     - uses: actions/checkout@v3
     - uses: ./.github/actions/setup-project
+    - name: Create requirements.txt
+      run: pipenv requirements > requirements.txt
     - uses: trailofbits/gh-action-pip-audit@v1.0.0
       with:
         inputs: requirements.txt
@@ -36,10 +38,8 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - uses: ./.github/actions/setup-project
-      - name: Install bandit
-        run: pip install bandit
       - name: Run scan
-        run: bandit -r app/ --confidence-level medium
+        run: pipenv run bandit -r app/ --confidence-level medium
 
   dynamic-scan:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/deploy-demo.yml b/.github/workflows/deploy-demo.yml
index 16ba95627..41a15b5e4 100644
--- a/.github/workflows/deploy-demo.yml
+++ b/.github/workflows/deploy-demo.yml
@@ -40,6 +40,9 @@ jobs:
 
       - uses: ./.github/actions/setup-project
 
+      - name: Create requirements.txt because Cloud Foundry does a weird pipenv thing
+        run: pipenv requirements > requirements.txt
+
       - name: Deploy to cloud.gov
         uses: 18f/cg-deploy-action@main
         env:
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 5795c1f15..5e46ca1c4 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -45,6 +45,9 @@ jobs:
 
       - uses: ./.github/actions/setup-project
 
+      - name: Create requirements.txt because Cloud Foundry does a weird pipenv thing
+        run: pipenv requirements > requirements.txt
+
       - name: Deploy to cloud.gov
         uses: 18f/cg-deploy-action@main
         env: