From 57177145f23b022d416cccd973720503254602cf Mon Sep 17 00:00:00 2001
From: JJGadgets <git@jjgadgets.tech>
Date: Tue, 26 Dec 2023 15:10:57 +0800
Subject: [PATCH] fix(kubevirt): allow apiserver/nodes ingress

---
 kube/deploy/vm/_kubevirt/netpol.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/kube/deploy/vm/_kubevirt/netpol.yaml b/kube/deploy/vm/_kubevirt/netpol.yaml
index c70f6926..38b03bcd 100644
--- a/kube/deploy/vm/_kubevirt/netpol.yaml
+++ b/kube/deploy/vm/_kubevirt/netpol.yaml
@@ -7,7 +7,11 @@ metadata:
   namespace: *app
 spec:
   endpointSelector: {}
-  ingress: [{}] # deny all
+  ingress:
+    - fromEntities:
+        - kube-apiserver
+        - host
+        - remote-node
   egress:
     # kube-apiserver
     - toEntities: