Yes, review stacks are designed to be substantially more flexible. The deployments REST API the review stacks is built ontop of is quite flexbile and powerful, enabling you to build your own custom workflow.
Review stacks aren't currently supported for GitLab, but you can still use the REST API to trigger deployments using standard git credentials as you mention.
We will eventually build deep GitLab support including review stacks and push to deploy. Feel free to give this issue a 👍 to follow along;
https://github.com/pulumi/pulumi-cloud-requests/issues/280