Module 5 / Checkpoint

Phase 5 Checkpoint: Application Readiness

Confirm Phases 0-5 form an application-ready backend story before observability and deployment.

Concept

Phases 0-5 are the application-readiness checkpoint: language basics, Spring skeleton, SQL invariants, Hibernate behavior, cross-database testing, hardened API contracts, and security proof.

Task

  1. Run the hardening and security proof tests.
  2. Confirm the articles link back to tests, ADRs, and the Swagger artifact.
  3. Tag phase-5-done.
  4. Leave observability, CI/CD, and interview mapping for M7.

Run

./gradlew test --tests "*ApiBoundaryArchTest"
./gradlew test --tests "*ProblemDetailContractTest"
./gradlew test --tests "*SecurityAuthorizationTest"
git tag phase-5-done

Expected Result

  • The checkpoint clearly says application readiness, not production deployment.

Common Traps

  • Calling the system production-ready before observability and deployment exist.
  • Skipping the ADRs because tests pass.
  • Pulling accounts or hosted grading out of LATER.md.

Hint Ladder

Hint 1

Application-ready means the code shape is ready for the next operational layer.

Hint 2

Security proof is not the same as deployment proof.

Hint 3

The next milestone starts with observability, not another platform feature.

Solution

See docs/milestone-audit.md for the M6 evidence map.

Boot 3 to 4 Delta

Boot 4 and Framework 7 keep Spring Security's filter-chain model recognizable. The course note should compare configuration idioms without changing the credential-transport reasoning.