# general


10/20/2021, 5:22 PM
For the users of the Pulumi GitOps operator, how do you solve the problem of being able to see infra diff in a PR before merging it, without granting the CI job access to cloud resources? Can the operator scan PRs and comment the
pulumi preview
output? Or am I limited to running
pulumi preview
within my CI and granting the CI service user read access to my cloud resources and Pulumi state?