diff --git a/.github/set_up_cromwell_action/action.yml b/.github/set_up_cromwell_action/action.yml
new file mode 100644
index 00000000000..13cb11601db
--- /dev/null
+++ b/.github/set_up_cromwell_action/action.yml
@@ -0,0 +1,47 @@
+#This is a series of steps that will setup Java/sbt/Cromwell on the local runner.
+#These steps are meant to be re-used and invoked by other Github Action Workflows
+name: 'Set Up Cromwell Steps'
+description: Specific steps that will set up git secrets, java, sbt, and Cromwell on the local machine. 
+inputs:
+  cromwell_repo_token: #As an input to this action, you are required to pass in a token that can be used to authenticate while checking out Cromwell.
+    required: true
+
+runs:
+  using: "composite" # <-- this allows these steps to be used by other workflows.
+  steps:
+      #Allows this github action to use a cache to store stuff like Java and sbt files between runs.
+      - uses: actions/checkout@v3
+        name: Checkout Coursier Cache
+      - uses: coursier/cache-action@v6  
+        name: Enable Coursier Cache
+
+      #Cromwell requires git-secrets be setup. Here, we set up secrets and verify success with a script.
+      - name: Git secrets setup 
+        run: |
+          git clone https://github.com/awslabs/git-secrets.git ~/git-secrets
+          cd ~/git-secrets
+          git checkout ad82d68ee924906a0401dfd48de5057731a9bc84
+          sudo make install
+        shell: bash
+
+      - name: Secrets check
+        run: |
+          sudo ln -s "$(which echo)" /usr/local/bin/say
+          ./minnie-kenny.sh --force
+          git secrets --scan-history
+        shell: bash
+
+      #Clone the cromwell repo to this VM.
+      - name: Clone Cromwell
+        uses: actions/checkout@v3
+        with:
+          repository: broadinstitute/cromwell
+          token: ${{ inputs.cromwell_repo_token }}
+
+      #Install Java to this VM. This Java version and distribution is compatible with Cromwell.
+      - name: Setup JDK
+        uses: actions/setup-java@v3
+        with:
+          distribution: temurin
+          java-version: 11
+
diff --git a/.github/workflows/cromwell_unit_tests.yml b/.github/workflows/cromwell_unit_tests.yml
new file mode 100644
index 00000000000..d0927f8b954
--- /dev/null
+++ b/.github/workflows/cromwell_unit_tests.yml
@@ -0,0 +1,32 @@
+name: 'Cromwell unit tests'
+
+#This github action runs all of Cromwell's unit tests.
+
+#This is what shows up in the github workflows page as the title. 
+run-name: ${{ github.actor }} running Cromwell sbt unit tests.
+
+#What will trigger the workflow to run. 
+on:
+  workflow_dispatch: #Manual trigger from GitHub UI
+  push:
+
+permissions: 
+  contents: read
+
+jobs:
+  build-and-test: 
+    #This action is using a Github free runner, rather than a Broad self-hosted one.
+    #This is because the Broad ones don't have sbt installed by default.
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3 # checkout the cromwell repo
+    - uses: ./.github/set_up_cromwell_action #Exectute this reusable github action. It will set up java/sbt/git-secrets/cromwell.
+      with:
+        cromwell_repo_token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
+  
+    #Invoke SBT to run all unit tests for Cromwell. 
+    - name: Run tests
+      run: |
+        set -e
+        sbt "test"