build: first version of JReleaser config

Author: quintesse

.github/workflows/ci.yml

@@ -24,8 +24,12 @@ jobs:
         distribution: 'temurin'
         cache: maven
 
+    - name: Grant execute permission for mvnw
+      if: runner.os != 'Windows'
+      run: chmod +x mvnw
+    
     - name: Build with Maven
-      run: mvn -B verify --file pom.xml
+      run: ./mvnw -B verify --file pom.xml
 
     - name: Publish Test Results
       uses: EnricoMi/publish-unit-test-result-action@v2

.github/workflows/release.yml

@@ -0,0 +1,79 @@
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Release version (e.g., 1.0.0)'
+        required: true
+        type: string
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    
+    permissions:
+      contents: write  # Required to create releases and push commits
+    
+    # Optional: Use environment for additional protection
+    # environment: jreleaser
+    
+    env:
+      # GitHub token (automatically provided)
+      JRELEASER_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      
+      # Required for Maven Central deployment
+      JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.GPG_PUBLIC_KEY }}
+      JRELEASER_GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
+      JRELEASER_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+      JRELEASER_MAVENCENTRAL_USERNAME: ${{ secrets.MAVENCENTRAL_USERNAME }}
+      JRELEASER_MAVENCENTRAL_PASSWORD: ${{ secrets.MAVENCENTRAL_PASSWORD }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Full history for changelog generation
+
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+          cache: maven
+
+      - name: Set release version
+        run: ./mvnw --no-transfer-progress --batch-mode versions:set -DnewVersion=${{ github.event.inputs.version }}
+
+      - name: Build and assemble
+        run: ./mvnw --no-transfer-progress --batch-mode clean deploy jreleaser:assemble -Prelease
+
+      - name: Commit & Push changes
+        run: |
+          git config --global user.name "github-actions[bot]"
+          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          git add pom.xml
+          git commit -m "ci: Releasing version ${{ github.event.inputs.version }}"
+          git push
+
+      - name: Run JReleaser
+        run: ./mvnw jreleaser:full-release
+
+      - name: Set next development version
+        run: ./mvnw --no-transfer-progress --batch-mode build-helper:parse-version versions:set -DnewVersion=\${parsedVersion.majorVersion}.\${parsedVersion.minorVersion}.\${parsedVersion.nextIncrementalVersion}-SNAPSHOT versions:commit
+
+      - name: Commit & Push changes
+        run: |
+          git add pom.xml
+          git commit -m "ci: Prepare for next development iteration"
+          git push
+
+      - name: Upload JReleaser output
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: jreleaser-output
+          path: |
+            target/jreleaser/trace.log
+            target/jreleaser/output.properties
+          retention-days: 7

README.md

@@ -1,21 +1,15 @@
 # Java Transparent Proxy
 
-A lightweight HTTP/HTTPS proxy library with pluggable interceptors and full MITM HTTPS support, built on Jetty 11 and Java 21 virtual threads.
+A lightweight HTTP/HTTPS proxy library with pluggable interceptors and full MITM HTTPS support.
 
 ## Features
 
-- **HTTP Proxy** — Full HTTP/1.1 proxy with RFC 7230 hop-by-hop header filtering
+- **HTTP Proxy** — Full HTTP/1.1 proxy
 - **HTTPS Interception** — Man-in-the-Middle mode with on-the-fly certificate generation
 - **HTTPS Pass-through** — Secure tunneling via CONNECT (no decryption)
 - **Pluggable Interceptors** — Chain-of-responsibility for inspecting/modifying requests and responses
-- **Virtual Threads** — Java 21 virtual threads for high concurrency
 - **Certificate Authority** — Auto-generated CA with per-hostname server certificates (BouncyCastle)
 
-## Requirements
-
-- Java 21+
-- Maven 3.6+
-
 ## Usage
 
 ### Basic HTTP Proxy
@@ -145,29 +139,10 @@ proxy.start(8080); // HTTPS passes through unmodified
 ./mvnw package     # Package JAR
 ```
 
-## Project Structure
-
-```
-src/main/java/org/codejive/tproxy/
-├── HttpProxy.java                      # Main proxy class
-├── ProxyServer.java                    # Jetty server setup
-├── Interceptor.java                    # Interceptor interface
-├── InterceptorChain.java               # Chain-of-responsibility
-├── ProxyRequest.java                   # Immutable request model
-├── ProxyResponse.java                  # Immutable response model
-├── Headers.java                        # Case-insensitive header map
-├── HeaderFilter.java                   # RFC 7230 header filtering
-├── CertificateAuthority.java           # CA and cert generation
-├── CertificateGeneratingKeyManager.java # SNI-based dynamic certs
-└── InterceptingConnectHandler.java     # MITM CONNECT handler
-```
-
-## Dependencies
+## Requirements
 
-- **Jetty 11.0.24** — HTTP server, proxy, servlet
-- **BouncyCastle 1.78.1** — Certificate generation
-- **SLF4J 2.0.17** — Logging
-- **JUnit 5 / AssertJ / WireMock 3.4.2** — Testing
+- Java 21+
+- Maven 3.6+
 
 ## License
 

RELEASE.md

@@ -0,0 +1,112 @@
+# Release Process
+
+This project uses [JReleaser](https://jreleaser.org/) for automated releases to GitHub and Maven Central.
+
+## Prerequisites
+
+Ensure GitHub secrets are configured (see First-Time Setup below if not already configured).
+
+## Creating a Release
+
+1. **Ensure all changes are committed and pushed**
+
+   ```bash
+   git status  # Should be clean
+   ```
+
+2. **Trigger the release workflow**
+   - Go to [Actions → Release](../../actions/workflows/release.yml)
+   - Click **Run workflow**
+   - Enter the release version (e.g., `1.0.0`)
+   - Click **Run workflow**
+
+3. **Monitor the workflow**
+   - The workflow will:
+     - Update version in pom.xml
+     - Build and sign artifacts
+     - Deploy to Maven Central
+     - Create GitHub release with changelog
+     - Bump to next SNAPSHOT version
+
+4. **Verify the release**
+   - Check [GitHub Releases](../../releases)
+   - Check Maven Central (may take ~30 minutes)
+
+## Local Testing (Optional)
+
+Test the configuration before releasing:
+
+```bash
+# Validate configuration
+./mvnw jreleaser:config
+
+# Test build with release profile
+./mvnw clean install -Prelease
+
+# Check assembled artifacts
+ls -la target/staging-deploy/
+```
+
+## First-Time Setup
+
+### 1. Generate GPG Keys
+
+```bash
+# Generate key
+gpg --gen-key
+
+# Get key ID
+gpg --list-secret-keys --keyid-format=long
+
+# Export keys
+gpg --armor --export YOUR_KEY_ID > public.key
+gpg --armor --export-secret-keys YOUR_KEY_ID > private.key
+
+# Publish to key server
+gpg --keyserver keyserver.ubuntu.com --send-keys YOUR_KEY_ID
+```
+
+### 2. Register at Maven Central
+
+1. Sign up at https://central.sonatype.com/
+2. Verify ownership of your namespace (e.g., `org.codejive.tproxy`)
+3. Get username and password/token
+
+### 3. Configure GitHub Secrets
+
+Add these secrets at [Settings → Secrets and variables → Actions](../../settings/secrets/actions):
+
+| Secret Name | Description | How to Get It |
+| ----------- | ----------- | ------------- |
+| `GPG_PUBLIC_KEY` | Your GPG public key | Copy entire contents of `public.key` file |
+| `GPG_SECRET_KEY` | Your GPG private key | Copy entire contents of `private.key` file |
+| `GPG_PASSPHRASE` | Passphrase for your GPG key | The passphrase you entered when generating the key |
+| `MAVENCENTRAL_USERNAME` | Maven Central username | From your Maven Central account token |
+| `MAVENCENTRAL_PASSWORD` | Maven Central password | From your Maven Central account token |
+
+**Note:** The `GITHUB_TOKEN` is automatically provided by GitHub Actions and doesn't need to be configured.
+
+### 4. Optional: Create a Protected Environment
+
+For additional security, you can create a protected environment:
+
+1. Go to Settings → Environments
+2. Click "New environment"
+3. Name it `jreleaser`
+4. Add protection rules:
+   - ✅ Required reviewers (recommended for production releases)
+   - ✅ Wait timer (optional delay before deployment)
+5. Add the same secrets to this environment
+
+Then uncomment this line in `.github/workflows/release.yml`:
+
+```yaml
+# environment: jreleaser
+```
+
+## Version Management
+
+- Development versions use `-SNAPSHOT` suffix (e.g., `1.0.0-SNAPSHOT`)
+- Release versions have no suffix (e.g., `1.0.0`)
+- The workflow automatically bumps to next SNAPSHOT after release
+- Use [semantic versioning](https://semver.org/): MAJOR.MINOR.PATCH

jreleaser.yml

@@ -0,0 +1,71 @@
+# JReleaser configuration for java-tproxy library
+# Publishes to Maven Central and GitHub Releases
+# Requires GPG signing for Maven Central
+
+project:
+  name: tproxy
+  description: A lightweight HTTP/HTTPS proxy library with pluggable interceptors and full MITM HTTPS support
+  longDescription: |
+    Java Transparent Proxy is a lightweight HTTP/HTTPS proxy library.
+    
+    Key features:
+    - Full HTTP/1.1 proxy
+    - Man-in-the-Middle mode with on-the-fly certificate generation for HTTPS interception
+    - Secure tunneling via CONNECT for HTTPS pass-through (no decryption)
+    - Pluggable interceptors with chain-of-responsibility pattern
+    - Auto-generated CA with per-hostname server certificates using BouncyCastle
+  authors:
+    - Tako Schotanus
+  tags:
+    - java
+    - proxy
+    - http
+    - https
+    - mitm
+    - interceptor
+    - library
+  license: Apache-2.0
+  links:
+    homepage: https://github.com/codejive/java-tproxy
+  java:
+    groupId: org.codejive.tproxy
+    version: '21'
+  inceptionYear: '2026'
+  stereotype: NONE
+
+# No assembly needed for libraries - Maven handles JARs
+assemble:
+  enabled: false
+
+# Maven Central deployment configuration
+deploy:
+  maven:
+    mavenCentral:
+      tproxy:
+        active: RELEASE  # Only deploy non-SNAPSHOT versions
+        url: https://central.sonatype.com/api/v1/publisher
+        stagingRepositories:
+          - target/staging-deploy
+
+# GitHub release configuration
+release:
+  github:
+    owner: codejive
+    name: java-tproxy
+    overwrite: true
+    changelog:
+      formatted: ALWAYS
+      preset: conventional-commits
+      contributors:
+        format: '- {{contributorName}}{{#contributorUsernameAsLink}} ({{.}}){{/contributorUsernameAsLink}}'
+
+# Checksum generation
+checksum:
+  individual: true
+
+# GPG signing - REQUIRED for Maven Central
+signing:
+  active: ALWAYS
+  armored: true
+
+# No distributions section needed for library-only projects