I agree on the separation of concern even if the same person has dev and ops duty. Once the app interface (port) is defined and shared with the infrastructure code then the concern is to maintain the infrastructure state, organize it for scaling, etc.

After using Helm and tried ksonnet, I’m bothered by the fact that in the case of Helm, Tillier keeps a state, it creates another point of desynchronization: if the infrastructure state is modified outside of using helm, helm still uses its version of the truth and will not apply changes. This design is redundant with the way kubernetes reconcile the desired state and error prone (why my deployment replicas s still at 0). With ksonnet (or plain yaml resources files) the code for desired state stays only in git and when you apply it, it will update the desired state in k8s, I like that idempotence.