No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

With source code and IaaC within the same project and residing in pulumi, if security is concerned just have IaaC inside pulumi and source code in Gitlab? But then separately into different repos defects the purpose of having source and IaaC nicely together as one...?

I don’t quite follow. Pulumi is source code. It can live in GitLab. It defines your infrastructure as code. You do not need to split anything. 