No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Which brings me to my question

I got some issues with a few things Pulumi does before we can actually start migrating over, I am hoping I could get some eyes on this and maybe even suggestions.
I am not comfortable with secrets stored in the repo. Encrypted or not.
We do store the secrets on Github, but not in the repo, but as Github Action secrets.
In fact, we also store configs there as clear text.
In the future we would like to store our configs as an .env file and read that into the CI.

Is there a way Pulumi could work without config and secrets being defined in the stack.yml file?