From 884350e2bdc534e6e9922273b8f3f5fc14432f06 Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Thu, 5 Mar 2026 10:01:19 +0000
Subject: [PATCH 1/8] Update cloud_controller_ng submodule for mTLS app-to-app
 routing

Points to feature/app-to-app-mtls-routing branch which includes:
- mtls_allowed_sources route option for authorization
- GUID existence validation for apps, spaces, and orgs
- Mutual exclusivity enforcement for 'any' vs specific GUIDs
- Feature flag gating via app_to_app_mtls_routing
---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index 2e401404c7..936d4dd8bd 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit 2e401404c7cf941ee86d1eb26808c75d6d2ec999
+Subproject commit 936d4dd8bd0520bfc4a4b4c08d0983f76a103bc3

From ac9ea7d2b0640ec9475ad3eb68ed438ccfb6e024 Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Thu, 5 Mar 2026 15:06:19 +0000
Subject: [PATCH 2/8] Update cloud_controller_ng submodule for RFC-0027
 compliant route options

---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index 936d4dd8bd..97470469ca 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit 936d4dd8bd0520bfc4a4b4c08d0983f76a103bc3
+Subproject commit 97470469ca3a223e8616e8a588b17b5fe8d41f80

From 680b9aa3f5ddfaa586762a84fe45c5ccab32fbae Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Tue, 21 Apr 2026 08:09:21 +0000
Subject: [PATCH 3/8] =?UTF-8?q?Update=20cloud=5Fcontroller=5Fng=20for=20ac?=
 =?UTF-8?q?cess=20rules=20=E2=86=92=20route=20policies=20rebrand?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Updates cloud_controller_ng submodule to commit fa02d7877 which
completes the terminology shift from 'access rules' to 'route policies'
and 'selector' to 'source' for identity-aware routing RFC-0027.

This aligns with existing CF network policies terminology and
C2C network policy conventions (source → destination).
---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index 97470469ca..fa02d7877e 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit 97470469ca3a223e8616e8a588b17b5fe8d41f80
+Subproject commit fa02d7877e8559b3466b68592c8b007c348104fc

From 897848310ff1d8953e3c3e609097b453b246e6f6 Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Tue, 21 Apr 2026 08:30:46 +0000
Subject: [PATCH 4/8] Update cloud_controller_ng: fix test failures

Updates submodule to commit bfd79bef4 which fixes all CI/CD test
failures by completing the terminology rebrand in test files.

Fixes:
- Rubocop style violations (indentation)
- Test require statements
- All test references to old terminology
- Table names in test error messages
---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index fa02d7877e..bfd79bef45 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit fa02d7877e8559b3466b68592c8b007c348104fc
+Subproject commit bfd79bef45acab7d228722b14758731a6e9e2648

From ad11ca0a6817068c92b999e1e1933129ae0fb19f Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Tue, 21 Apr 2026 09:13:40 +0000
Subject: [PATCH 5/8] Update cloud_controller_ng: fix routing_info_spec field
 names

---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index bfd79bef45..07e4872a0c 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit bfd79bef45acab7d228722b14758731a6e9e2648
+Subproject commit 07e4872a0ce179638d561ff7db87560b8d4c73e3

From 7f2bbf8c2c4bfade121ca87f0955c0933fe8b942 Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Tue, 21 Apr 2026 09:37:30 +0000
Subject: [PATCH 6/8] Update cloud_controller_ng: fix
 domain_create_message_spec field names

---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index 07e4872a0c..ebd3f00dbe 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit 07e4872a0ce179638d561ff7db87560b8d4c73e3
+Subproject commit ebd3f00dbe0c0a5d5c0f0ec68a1d01709070f4af

From 2388764fd2eff53450f3d7b66ed1f4d357a2cb18 Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Tue, 21 Apr 2026 10:34:18 +0000
Subject: [PATCH 7/8] Update cloud_controller_ng: fix label_selector regression
 and complete route policy terminology
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- a9c550558: Fix route_policies_spec to use 'Source' and 'sources' query param
- 1a34dfe16: Revert incorrect label_selector→label_source rename

This fixes 13+ test failures caused by accidentally renaming the legitimate
label_selector query parameter during the route policy terminology rebrand.
---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index ebd3f00dbe..1a34dfe16f 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit ebd3f00dbe0c0a5d5c0f0ec68a1d01709070f4af
+Subproject commit 1a34dfe16f44e171ad90689a1ffdc96d7f585714

From c9dd5dc51ac905de9b6348ad590983579340735d Mon Sep 17 00:00:00 2001
From: rkoster <hi@rkoster.dev>
Date: Tue, 21 Apr 2026 12:56:19 +0000
Subject: [PATCH 8/8] Update cloud_controller_ng: rebase onto main for
 storage-cli native types support

Rebased feature/app-to-app-mtls-routing onto origin/main to include:

- 9c338b321: Use storage-cli types instead of legacy fog provider names
  - Adds support for native storage-cli types: azurebs, s3, gcs, alioss
  - Maintains backward compatibility with legacy fog names: AzureRM, AWS, Google, aliyun
  - Explicitly blocks webdav/dav provider (not fully implemented yet)

This fixes production deployment error where capi-release templates
(latest) generate native storage-cli type names (e.g., azurebs) but
cloud_controller_ng code (feature branch) only accepted legacy fog
provider names (e.g., AzureRM).

Rebase also brings in recent upstream changes:
- Dependency updates (rubocop, syslog, mime-types, etc.)
- Performance improvements (reduce db calls in process presenter)
- Bug fixes and refactoring

Feature branch commits (29 total) cleanly rebased with no conflicts.
---
 src/cloud_controller_ng | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cloud_controller_ng b/src/cloud_controller_ng
index 1a34dfe16f..338b2e8bb5 160000
--- a/src/cloud_controller_ng
+++ b/src/cloud_controller_ng
@@ -1 +1 @@
-Subproject commit 1a34dfe16f44e171ad90689a1ffdc96d7f585714
+Subproject commit 338b2e8bb5dd9624a11f7bbcd2ef607353e5207a