DoodleScheduling
diff --git a/‎.github/workflows/main.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/main.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/pr-build.yaml‎
Lines changed: 8 additions & 53 deletions b/‎.github/workflows/pr-build.yaml‎
Lines changed: 8 additions & 53 deletions
diff --git a/‎.github/workflows/release.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/release.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Makefile‎
Lines changed: 3 additions & 3 deletions b/‎Makefile‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎PROJECT‎
Lines changed: 2 additions & 2 deletions b/‎PROJECT‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 152 additions & 31 deletions b/‎README.md‎
Lines changed: 152 additions & 31 deletions
diff --git a/‎api/v1beta1/groupversion_info.go‎
Lines changed: 3 additions & 3 deletions b/‎api/v1beta1/groupversion_info.go‎
Lines changed: 3 additions & 3 deletions
@@ -20,7 +20,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
         with:
-          go-version: 1.24.x
+          go-version: 1.25.x
       - name: Tests
         run: make test
       - name: Send go coverage report
 
@@ -56,7 +56,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
         with:
-          go-version: 1.24.x
+          go-version: 1.25.x
       - name: fmt
         run: make fmt
       - name: vet
@@ -76,10 +76,10 @@ jobs:
     strategy:
       matrix:
         kubernetes-version:
-        - "1.27"
-        - "1.28"
-        - "1.29"
-        - "1.30"
+        - "1.31"
+        - "1.32"
+        - "1.33"
+        - "1.34"
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
@@ -90,7 +90,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
         with:
-          go-version: 1.24.x
+          go-version: 1.25.x
       - name: run test
         run: make test ENVTEST_K8S_VERSION=${{ matrix.kubernetes-version }}
 
@@ -108,7 +108,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
         with:
-          go-version: 1.24.x
+          go-version: 1.25.x
       - name: build
         run: make build
       - name: Check if working tree is dirty
@@ -136,51 +136,6 @@ jobs:
           echo $profiles
           echo "::set-output name=matrix::$profiles"
 
-  e2e-tests:
-    runs-on: ubuntu-latest
-    needs:
-    - build
-    strategy:
-      matrix:
-        profile: ${{ fromJson(needs.build.outputs.profiles) }}
-    steps:
-      - name: Harden Runner
-        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
-        with:
-          egress-policy: audit
-      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
-      - name: Setup Go
-        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
-        with:
-          go-version: 1.24.x
-      - name: Setup Kubernetes
-        uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0
-        with:
-          version: v0.17.0
-      - name: Download webhook-controller container
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: webhook-controller-container
-          path: /tmp
-      - name: Load images
-        run: |
-          docker load --input /tmp/webhook-controller-container.tar
-          docker image ls -a
-      - name: Setup Kustomize
-        uses: imranismail/setup-kustomize@2ba527d4d055ab63514ba50a99456fc35684947f # v2.1.0
-      - name: Run test
-        run: |
-          make kind-test TEST_PROFILE=${{ matrix.profile }}
-      - name: Debug failure
-        if: failure()
-        run: |
-          kubectl -n kube-system describe pods
-          kubectl -n webhook-system describe pods
-          kubectl -n webhook-system get all
-          kubectl -n webhook-system logs deploy/webhook-controller
-          kubectl -n webhook-system get webhookinstance -o yaml
-
   test-chart: 
     runs-on: ubuntu-latest
     needs:
@@ -227,6 +182,6 @@ jobs:
 
   test-success:
     runs-on: ubuntu-latest
-    needs: [test, e2e-tests]
+    needs: [test]
     steps:
     - run: echo "all tests succeeded"
@@ -24,7 +24,7 @@ jobs:
           fetch-depth: 0
       - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
         with:
-          go-version: '1.24.x'
+          go-version: '1.25.x'
       - name: Docker Login
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
         with:
 
@@ -41,7 +41,7 @@ help: ## Display this help.
 
 .PHONY: manifests
 manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
-	$(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/base/crd/bases
+	$(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:rbac:artifacts:config=config/base/rbac output:crd:artifacts:config=config/base/crd/bases
 	cp config/base/crd/bases/* chart/webhook-controller/crds/
 
 .PHONY: generate
@@ -134,7 +134,7 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi
 CONTROLLER_GEN = $(GOBIN)/controller-gen
 .PHONY: controller-gen
 controller-gen: ## Download controller-gen locally if necessary.
-	$(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.1)
+	$(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.18.0)
 
 GOLANGCI_LINT = $(GOBIN)/golangci-lint
 .PHONY: golangci-lint
@@ -149,7 +149,7 @@ kustomize: ## Download kustomize locally if necessary.
 ENVTEST = $(GOBIN)/setup-envtest
 .PHONY: envtest
 envtest: ## Download envtest-setup locally if necessary.
-	$(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@release-0.17)
+	$(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@release-0.22)
 
 # go-install-tool will 'go install' any package $2 and install it to $1
 define go-install-tool
 
@@ -9,8 +9,8 @@ resources:
     namespaced: true
   controller: true
   domain: doodle.com
-  group: proxy.infra.doodle.com
-  kind: RequestClone
+  group: webhook.infra.doodle.com
+  kind: Receiver
   path: github.com/doodlescheduling/webhook-controller/api/v1beta1
   version: v1beta1
 version: "3"
@@ -8,56 +8,179 @@
 [![license](https://img.shields.io/github/license/DoodleScheduling/webhook-controller.svg)](https://github.com/DoodleScheduling/webhook-controller/blob/master/LICENSE)
 
 This HTTP proxy duplicates incoming requests and sends concurrently to multiple targets.
-The response will be HTTP 202 Accepted if at least one matching target was found. The responses from the targets are not exposed
-to upstream by design.
+The response is asynchronous by default `HTTP 202 Accepted` if at least one matching target was found.
+However alternatively synchronous processing is also supported (see bellow).
 
 ## Why?
 This proxy is especially useful for handling incoming webhooks which need to be distributed to multiple targets.
 However it can be used for any other use case where a request needs to be duplicated.
 
-## Example RequestClone
+## Setup
+
+The proxy should not be exposed directly to the public. Rather should traffic be routed via an ingress controller
+to the webhook-controller.
 
-These two targets both match `webhook-receiver.example.com`, meaning any incoming request will be sent to both endpoints.
-In this case to `webhook-receiver-app-1:80` and `webhook-receiver-app-2:80`.
+## Example Receiver
+
+In this example an incoming http request will be cloned and forwarded to `podinfo:http` and `podinfo-v2:9091`.
+The response will be `HTTP 202 Accepted` no matter what these targets will respond.
 
 ```yaml
-apiVersion: proxy.infra.doodle.com/v1beta1
-kind: RequestClone
+apiVersion: webhook.infra.doodle.com/v1beta1
+kind: Receiver
 metadata:
   name: webhook-receiver
-  namespace: apps
 spec:
-  host: webhook-receiver.example.com
-  backend:
-    serviceName: webhook-receiver-app-1
-    servicePort: http
----
-apiVersion: proxy.infra.doodle.com/v1beta1
-kind: RequestClone
+  targets:
+  - service:
+      name: podinfo
+      port:
+        name: http
+  - service:
+      name: podinfo-v2
+      port:
+        number: 9091
+```
+
+Once the controller reconciled the receiver it will be registered in the proxy which by default processes incoming requests at port `8080`.
+Each receiver will receive its own dedicated http path to which webhooks can be send to. See `.status.webhookPath`.
+Usually the webhook-controller is exposed via an ingress. In this case the the webhooks must sent to `http://ingress-host/hooks/ixuxbmoofkiq9s2l61h6i2sl6hdgwnud`.
+**Note**: The webhookPath will not change anymore once it was set.
+
+```
+apiVersion: webhook.infra.doodle.com/v1beta1
+kind: Receiver
 metadata:
   name: webhook-receiver
-  namespace: apps
 spec:
-  host: webhook-receiver.example.com
-  backend:
-    serviceName: webhook-receiver-app-2
-    servicePort: http
+  type: Async
+  targets:
+  - service:
+      name: podinfo
+      port:
+        name: http
+  - service:
+      name: podinfo-v2
+      port:
+        name: http
+  spec:
+    responseType: Async
+    targets:
+    - service:
+        name: podinfo
+        port:
+          name: http
+  status:
+    conditions:
+    - lastTransitionTime: "2025-12-15T07:41:02Z"
+      message: receiver successfully registered
+      reason: ServiceBackendReady
+      status: "True"
+      type: Ready
+    webhookPath: /hooks/ixuxbmoofkiq9s2l61h6i2sl6hdgwnud
+```
+
+## More configurations
 
+### Response type
+Besides async responses a receiver can also be synchronous. Meaning it will await the upstream responses.
+In this case `AwaitAllPreferSuccessful` will wait for both upstream targets and will send downstream the first successful http response from either targets once all targets
+were processed.
+
+```yaml
+apiVersion: webhook.infra.doodle.com/v1beta1
+kind: Receiver
+metadata:
+  name: webhook-receiver
+spec:
+  type: AwaitAllPreferSuccessful
+  targets:
+  - service:
+      name: podinfo
+      port:
+        name: http
+  - service:
+      name: podinfo-v2
+      port:
+        number: 9091
 ```
-North south routing looks like this:
+
+The following types are supported:
+* `Async` - The default, does not await reponses from upstream and immeadiately acknowledges incoming requests with a `HTTP 202 Accepted`.
+* `AwaitAllPreferSuccessful` - Await all upstream responses and send back the first successful repsonse (>= 200 && < 400). If all of them are not successful it will send back the first error response.
+* `AwaitAllPreferFailed` - Await all upstream responses and send back the first failed repsonse (< 200 && >= 400). If all of them are successful it will send back the first sucessful response.
+* `AwaitAllReport` - Await all upstream responses and send back a json object containing all target responses including status code, body and headers. The status code of this type will always be `HTTP 200 OK`.
+
+### Path rewrite
+
+By default http requests are sent upstream to `/`. The target path can be rewritten like:
+
+```yaml
+apiVersion: webhook.infra.doodle.com/v1beta1
+kind: Receiver
+metadata:
+  name: webhook-receiver
+spec:
+  timeout: 3s
+  targets:
+  - path: /new/path
+    service:
+      name: podinfo
+      port:
+        name: http
+  - path: /another/path
+    service:
+      name: podinfo-v2
+      port:
+        number: 9091
 ```
-                                                                      
-                                => Ingress controller proxy =>          => webhook-receiver-app-1:80
-              client                                            webhook      
-[webhook-receiver.example.com]  <=                          <=          => webhook-receiver-app-2:80
-                                          202 Accepted
+
+### Timeout
+
+The default timeout for upstream requests is `10s`, this can be changed however:
+
+```yaml
+apiVersion: webhook.infra.doodle.com/v1beta1
+kind: Receiver
+metadata:
+  name: webhook-receiver
+spec:
+  timeout: 3s
+  targets:
+  - service:
+      name: podinfo
+      port:
+        name: http
+  - service:
+      name: podinfo-v2
+      port:
+        number: 9091
 ```
 
+### Cross namespace targets
 
-## Setup
+By default target services are only selected in the same namespace the receiver lives. A receiver can discover services across namespaces by defining a namespace selector on the target. In this case a service called `podinfo` will be disovered in any namespace on the cluster.
 
-The proxy should not be exposed directly to the public. Rather should traffic be routed via an ingress controller
-and only hosts which are used to duplicate requests should be routed via this proxy.
+```yaml
+apiVersion: webhook.infra.doodle.com/v1beta1
+kind: Receiver
+metadata:
+  name: webhook-receiver
+spec:
+  type: AwaitAllPreferSuccessful
+  targets:
+  - service:
+      name: podinfo
+      port:
+        name: http
+    namespaceSelector: {}
+
+```
+
+### OpenTelemetry distributed tracing
+The controller supports http traces for the requests. See the `--otel-*` controller flags bellow. 
+
+## Installation
 
 ### Helm chart
 
@@ -95,8 +218,6 @@ The controller can be configured using cmd args:
 --otel-tls-client-cert-path string          Opentelemetry gRPC mTLS client cert path
 --otel-tls-client-key-path string           Opentelemetry gRPC mTLS client key path
 --otel-tls-root-ca-path string              Opentelemetry gRPC mTLS root CA path
---proxy-read-timeout duration               Read timeout for proxy requests. (default 10s)
---proxy-write-timeout duration              Write timeout for proxy requests. (default 10s)
 --watch-all-namespaces                      Watch for resources in all namespaces, if set to false it will only watch the runtime namespace. (default true)
 --watch-label-selector string               Watch for resources with matching labels e.g. 'sharding.fluxcd.io/shard=shard1'.
 ```
@@ -14,9 +14,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package v1beta1 contains API Schema definitions for the request.infra.doodle.com v1beta1 API group
+// Package v1beta1 contains API Schema definitions for the webhook.infra.doodle.com v1beta1 API group
 // +kubebuilder:object:generate=true
-// +groupName=proxy.infra.doodle.com
+// +groupName=webhook.infra.doodle.com
 package v1beta1
 
 import (
@@ -26,7 +26,7 @@ import (
 
 var (
 	// GroupVersion is group version used to register these objects
-	GroupVersion = schema.GroupVersion{Group: "proxy.infra.doodle.com", Version: "v1beta1"}
+	GroupVersion = schema.GroupVersion{Group: "webhook.infra.doodle.com", Version: "v1beta1"}
 
 	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
 	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}