Are you using GSuite SAML with your Pulumi account? If yes I am not sure that this will work for you given that you are using SAML with Pulumi. But you could try
connecting your GitLab identity to your existing Pulumi user. Of course, you should ensure that you connect the right GitLab user that has access to the GitLab project in question. That'll allow Pulumi to use your GitLab access token from your identity to create a Merge Request comment.
If you haven't already you should also see the
guide about the GitLab integration. Note that if your Project in GitLab is under a group, that will pose another problem since your
Pulumi org would also need to use GitLab identity as well. This is for security reasons because Pulumi would need to verify your role in the Group and it can't do that if your Pulumi org is not backed by GitLab identity.
An alternative would be switching to GitLab-based auth with Pulumi. You could use SAML with GitLab instead and let Pulumi access be governed by your users still being active on GitLab. That may be an option.