And like Dockerfiles aren't even yaml, they are their own syntax. Which again you could object model it, but most people are happy enough with Dockerfiles.

writing is one dockerfile for each configuration is a pain, better annotations say what range of versions the app is supported that way at place in code i can say it supports jdk 11 to 18 etc..let CI tools do all it requires check the code under various versions..

if pulumi supports Dockerfile with API IaC code can handle such scenarios with ease.

Looks like error in config file that is used error: Command failed: kubectl apply -f C:\Users\RAJANA~1\AppData\Local\Temp\tmp-18792Z1iRoQX3lvAx.tmp --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: aws-node rules: - apiGroups: - crd.k8s.amazonaws.com resources: - eniconfigs verbs: - get - list - watch - apiGroups: - '' resources: - pods - namespaces verbs: - list - watch - get - apiGroups: - '' resources: - nodes verbs: - list - watch - get - update - apiGroups: - extensions resources: - '*' verbs: - list - watch --- apiVersion: v1 kind: ServiceAccount metadata: name: aws-node namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: aws-node roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: aws-node subjects: - kind: ServiceAccount name: aws-node namespace: kube-system --- kind: DaemonSet apiVersion: apps/v1 metadata: name: aws-node namespace: kube-system labels: k8s-app: aws-node spec: updateStrategy: type: RollingUpdate rollingUpdate: maxUnavailable: 10% selector: matchLabels: k8s-app: aws-node template: metadata: labels: k8s-app: aws-node spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: beta.kubernetes.io/os operator: In values: - linux - key: beta.kubernetes.io/arch operator: In values: - amd64 - arm64 - key: eks.amazonaws.com/compute-type operator: NotIn values: - fargate - matchExpressions: - key: kubernetes.io/os operator: In values: - linux - key: kubernetes.io/arch operator: In values: - amd64 - arm64 - key: eks.amazonaws.com/compute-type operator: NotIn values: - fargate containers: - env: - name: MY_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - name: WARM_ENI_TARGET value: '1' - name: AWS_VPC_K8S_CNI_LOGLEVEL value: DEBUG - name: AWS_VPC_K8S_CNI_LOG_FILE value: /host/var/log/aws-routed-eni/ipamd.log - name: AWS_VPC_K8S_CNI_VETHPREFIX value: eni - name: AWS_VPC_ENI_MTU value: '9001' - name: AWS_VPC_K8S_PLUGIN_LOG_LEVEL value: DEBUG - name: AWS_VPC_K8S_PLUGIN_LOG_FILE value: /var/log/aws-routed-eni/plugin.log - name: ENABLE_POD_ENI value: 'false' - name: AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER value: 'false' - name: AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG value: 'false' - name: AWS_VPC_K8S_CNI_EXTERNALSNAT value: 'false' image: '602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.7.5' imagePullPolicy: Always livenessProbe: exec: command: - /app/grpc-health-probe - '-addr=:50051' initialDelaySeconds: 60 name: aws-node ports: - containerPort: 61678 name: metrics readinessProbe: exec: command: - /app/grpc-health-probe - '-addr=:50051' initialDelaySeconds: 1 resources: requests: cpu: 10m securityContext: capabilities: add: - NET_ADMIN volumeMounts: - mountPath: /host/opt/cni/bin name: cni-bin-dir - mountPath: /host/etc/cni/net.d name: cni-net-dir - mountPath: /host/var/log/aws-routed-eni name: log-dir - mountPath: /var/run/aws-node name: run-dir - mountPath: /var/run/dockershim.sock name: dockershim - mountPath: /run/xtables.lock name: xtables-lock hostNetwork: true initContainers: - env: - name: DISABLE_TCP_EARLY_DEMUX value: 'false' image: >- 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.7.5 imagePullPolicy: Always name: aws-vpc-cni-init securityContext: privileged: true volumeMounts: - mountPath: /host/opt/cni/bin name: cni-bin-dir priorityClassName: system-node-critical serviceAccountName: aws-node terminationGracePeriodSeconds: 10 tolerations: - operator: Exists volumes: - hostPath: path: /opt/cni/bin name: cni-bin-dir - hostPath: path: /etc/cni/net.d name: cni-net-dir - hostPath: path: /var/run/dockershim.sock name: dockershim - hostPath: path: /run/xtables.lock name: xtables-lock - hostPath: path: /var/log/aws-routed-eni type: DirectoryOrCreate name: log-dir - hostPath: path: /var/run/aws-node type: DirectoryOrCreate name: run-dir --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: eniconfigs.crd.k8s.amazonaws.com spec: group: crd.k8s.amazonaws.com names: kind: ENIConfig plural: eniconfigs singular: eniconfig scope: Cluster versions: - name: v1alpha1 served: true storage: true

error: Command failed: kubectl apply -f C:\Users\RAJANA~1\AppData\Local\Temp\tmp-18792Z1iRoQX3lvAx.tmp Kubeconfig user entry is using deprecated API version client.authentication.k8s.io/v1alpha1. Run 'aws eks update-kubeconfig' to update. Warning: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key: beta.kubernetes.io/os is deprecated since v1.14; use "kubernetes.io/os" instead Warning: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[1].key: beta.kubernetes.io/arch is deprecated since v1.14; use "kubernetes.io/arch" instead error: unable to recognize "C:\\Users\\RAJANA~1\\AppData\\Local\\Temp\\tmp-18792Z1iRoQX3lvAx.tmp": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1" pulumipulumiStack (eks-dev): Kubeconfig user entry is using deprecated API version client.authentication.k8s.io/v1alpha1. Run 'aws eks update-kubeconfig' to update. Warning: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key: beta.kubernetes.io/os is deprecated since v1.14; use "kubernetes.io/os" instead Warning: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[1].key: beta.kubernetes.io/arch is deprecated since v1.14; use "kubernetes.io/arch" instead error: unable to recognize "C:\\Users\\RAJANA~1\\AppData\\Local\\Temp\\tmp-18792Z1iRoQX3lvAx.tmp": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1" error: Running program [PID: 10844](unknown) failed with an unhandled exception: io.grpc.StatusRuntimeException: UNAVAILABLE: error reading from server: read tcp 127.0.0.164789 >127.0.0.164788: use of closed network connection at io.grpc.Status.asRuntimeException(Status.java:535) at io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:533) at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:553) at io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:68) at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInternal(ClientCallImpl.java:739) at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:718) at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37) at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:123) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:833) kubernetescore/v1ConfigMap (eks-cluster-nodeAccess): error: failed to initialize discovery client: exec plugin: invalid apiVersion "client.authentication.k8s.io/v1alpha1" Resources: + 18 created Duration: 8m54s

Any issue related to this https://www.pulumi.com/registry/packages/kubernetes/api-docs/apiextensions/v1beta1/customresourcedefinition/