From 18a9ada3b14f521c0487e5a9bab44f4b974e1cb6 Mon Sep 17 00:00:00 2001
From: Sergio Cazzolato <sergio.cazzolato@canonical.com>
Date: Fri, 9 Aug 2024 14:57:11 -0300
Subject: [PATCH] tests: fixes for fde and devmode-snap-seeded-dangerous nested
 tests (#14301)

* tests: fixes for fde and devmode-snap-seeded-dangerous nested tests

This change renames models used for fde tests
Also adapt some nested tests to run in uc24

* revert change related to ubuntu-seed

* fix shellcheck errors

* more fixes for boot dir

* remove support for uc24 on fde-on-classic test

* fix hybrid-remodel test

the test still fails because of this issue
https://paste.ubuntu.com/p/gZvZRtvjTz/

* updating classic models to use pc-kernel from beta by default

* download 23.10 pc snap for uc22 in hybrid-remodel test
---
 tests/lib/assertions/classic-model-22.assert  |  44 +++
 ...assic-model.json => classic-model-22.json} |   2 +-
 tests/lib/assertions/classic-model-24.assert  |  44 +++
 .../assertions/classic-model-24.json}         |  16 +-
 ...v1.assert => classic-model-rev1-22.assert} |   0
 ...l-rev1.json => classic-model-rev1-22.json} |   0
 .../assertions/classic-model-rev1-24.assert   |  50 +++
 .../lib/assertions/classic-model-rev1-24.json |  47 +++
 tests/lib/assertions/classic-model.assert     |  44 ---
 tests/lib/prepare.sh                          |   4 +-
 tests/main/mkimage-uc22/task.yaml             |   2 +-
 .../uc24-devmode/meta/snap.yaml               |   9 +
 .../uc24-devmode/true                         |   3 +
 .../fde-on-classic/classic-model.assert       |  44 ---
 .../nested/manual/fde-on-classic/mk-image.sh  | 333 ------------------
 tests/nested/manual/fde-on-classic/model-etc  |  92 -----
 .../fde-on-classic/replace-image-files.sh     |  81 -----
 tests/nested/manual/fde-on-classic/task.yaml  |  41 ++-
 .../manual/fde-on-classic/tweak-gadget.py     |   7 +-
 tests/nested/manual/hybrid-remodel/task.yaml  |  28 +-
 .../manual/uc20-fde-hooks-ice/task.yaml       |  17 +-
 21 files changed, 265 insertions(+), 643 deletions(-)
 create mode 100644 tests/lib/assertions/classic-model-22.assert
 rename tests/lib/assertions/{classic-model.json => classic-model-22.json} (95%)
 create mode 100644 tests/lib/assertions/classic-model-24.assert
 rename tests/{nested/manual/fde-on-classic/classic-model.json => lib/assertions/classic-model-24.json} (72%)
 rename tests/lib/assertions/{classic-model-rev1.assert => classic-model-rev1-22.assert} (100%)
 rename tests/lib/assertions/{classic-model-rev1.json => classic-model-rev1-22.json} (100%)
 create mode 100644 tests/lib/assertions/classic-model-rev1-24.assert
 create mode 100644 tests/lib/assertions/classic-model-rev1-24.json
 delete mode 100644 tests/lib/assertions/classic-model.assert
 create mode 100644 tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/meta/snap.yaml
 create mode 100755 tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/true
 delete mode 100644 tests/nested/manual/fde-on-classic/classic-model.assert
 delete mode 100755 tests/nested/manual/fde-on-classic/mk-image.sh
 delete mode 100644 tests/nested/manual/fde-on-classic/model-etc
 delete mode 100755 tests/nested/manual/fde-on-classic/replace-image-files.sh

diff --git a/tests/lib/assertions/classic-model-22.assert b/tests/lib/assertions/classic-model-22.assert
new file mode 100644
index 00000000000..e1f6ecb594c
--- /dev/null
+++ b/tests/lib/assertions/classic-model-22.assert
@@ -0,0 +1,44 @@
+type: model
+authority-id: test-snapd
+series: 16
+brand-id: test-snapd
+model: ubuntu-core-22-pc-amd64
+architecture: amd64
+base: core22
+classic: true
+distribution: ubuntu
+grade: dangerous
+serial-authority:
+  - generic
+snaps:
+  -
+    default-channel: 22/edge
+    name: pc
+    type: gadget
+  -
+    default-channel: 22/beta
+    name: pc-kernel
+    type: kernel
+  -
+    default-channel: latest/edge
+    id: amcUKQILKXHHTlmSa7NMdnXSx02dNeeT
+    name: core22
+    type: base
+  -
+    default-channel: latest/edge
+    id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4
+    name: snapd
+    type: snapd
+timestamp: 2023-11-09T07:50:10+00:00
+sign-key-sha3-384: 7qWG-Uwck6Dji43a3Z8ZZrm7rAziZAch3xf76iFvqe4GaD0LI7U9lYPWMSJAsEgu
+
+AcLBcwQAAQoAHRYhBGESvKlz1RXG1IBOC0MdJKf2hr9ABQJmtOLMAAoJEEMdJKf2hr9A7rIP/38k
+2dG1jeI9RgPN0nKEE/fbYqD0SxrKhiPqTWsiQOXWqcp9ywgSAF7mTF9m2OaLPWtitnkH6QGXdZk/
+7thgrUZU441oqF/EbLVd6nJWRyjZWr6FWDRYWr6Qe1Y/Ebx6+OubFrLBL1a/FVDWcatce+Es2JVX
+nxFOGgvF3kDF/Tmzy116bgnsi/sP6U/v+dPYLfjEEzV9aLLYqj43cbkVsD8n6tx1DhpVslM6XT1y
+qaBCiwMJRIb3uxYs4wo2bAILjN0WYHxzlaUVsDO2FPl4V9HOuVhYb6SFXrBsgPEYwch8P4GPldgW
+LO3Hwoplv22AIL+MVG3rOR8XmBrfyKcwkl3iQWriJ+i5U1vI/8sNmO5oLFxQN+Y14AYa9NbOdtlm
+8sh9c9ENE3je36asp7OJZOBAZEEJGcx7p2dD7FD58ne2kisdga3VnDfIHE7RAGcbRubLKhYnzPWR
+W6ALKwesPEbfJ6kSoxdHH0EjUxCM9/rESrJ8STH/85yjs7VNp1CTojWiZGq5Z3dTe68yJFRisdgs
+WhOcBzy5e9WHWywUjHAOt/Vw+/sDiplxdtvueLjySqWskFpN5l2wU0O6DeK0ioPL1yR8VRLsBkJa
+0JtRutlDcS0W90b6SOj+QLVL9yGGuKc/zu25N3TOiZD6rKxpiBNYiRWVjVjn6zLzjCjRjsf5
\ No newline at end of file
diff --git a/tests/lib/assertions/classic-model.json b/tests/lib/assertions/classic-model-22.json
similarity index 95%
rename from tests/lib/assertions/classic-model.json
rename to tests/lib/assertions/classic-model-22.json
index f1419de4468..d1168b0ee53 100644
--- a/tests/lib/assertions/classic-model.json
+++ b/tests/lib/assertions/classic-model-22.json
@@ -22,7 +22,7 @@
         {
             "name": "pc-kernel",
             "type": "kernel",
-            "default-channel": "22/edge"
+            "default-channel": "22/beta"
         },
         {
             "name": "core22",
diff --git a/tests/lib/assertions/classic-model-24.assert b/tests/lib/assertions/classic-model-24.assert
new file mode 100644
index 00000000000..4bbc36a415b
--- /dev/null
+++ b/tests/lib/assertions/classic-model-24.assert
@@ -0,0 +1,44 @@
+type: model
+authority-id: test-snapd
+series: 16
+brand-id: test-snapd
+model: ubuntu-core-24-pc-amd64
+architecture: amd64
+base: core24
+classic: true
+distribution: ubuntu
+grade: dangerous
+serial-authority:
+  - generic
+snaps:
+  -
+    default-channel: 24/edge
+    name: pc
+    type: gadget
+  -
+    default-channel: 24/beta
+    name: pc-kernel
+    type: kernel
+  -
+    default-channel: latest/edge
+    id: dwTAh7MZZ01zyriOZErqd1JynQLiOGvM
+    name: core24
+    type: base
+  -
+    default-channel: latest/edge
+    id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4
+    name: snapd
+    type: snapd
+timestamp: 2024-08-02T00:00:00+00:00
+sign-key-sha3-384: 7qWG-Uwck6Dji43a3Z8ZZrm7rAziZAch3xf76iFvqe4GaD0LI7U9lYPWMSJAsEgu
+
+AcLBcwQAAQoAHRYhBGESvKlz1RXG1IBOC0MdJKf2hr9ABQJmtOLnAAoJEEMdJKf2hr9ABGMP+QHw
+q7J7KLiz/slrwelWmxzJE8m+odTK23ttFXB5da5UKjFOnpMdY0ZgWDGAPW/d1r3/T8+agsPYGMhM
+EyP0YNaVEhbAoZqd2jrFYPO2185zOtTtpsunnrGklfJv9YhMbXj3qfuSDnzZyKfBbiVMrfcHRV8y
+4EksSGfTE4vvlsqcg4dNnwpRoNEKcGzmaHExS+nOWVV88VxmzpJVc4UCDRV3bTeAEGQ0O1OQ48we
+7Ke8+z+LD46hj7uSCyCtLFxFNWpnTQYdnA/8oJFPZ3+5DIFtgatFqjMONMNZWbSOB1e1eMzIFD97
+9/ilLi14VGBAAB3ULotauYA/hb+YG7f5bZ14/gUyWjaVglsiUZFeHs22uPpEdgrjVQfbMujL8pJN
+hrdb5d8BFkduvNhh/PbbTwalhP5xCE5dWHeec2IVAYgHFI03yX/9jR4x4ddjwNYwo9em2Iu0t0aE
+LvGEjOz6+yPBHWpICRjvapa1hcUMnmWIpsp082bxOjLgKq68NnplHt/fZ4f4DDKETUCvxyIAEQZ8
+75IJvZLg5CJt5cmeJHUE5w0pA//jQv1pTA6PjJ7kLfZZgnDtufHfqcQdGpgtarI3MkWK5vNqhk1m
+z0HPYp1oZpHUq/vxW7MzHtCpHGQ4jHncAc/5ecyIJVFb9dqxnZZWzaAogYXrGOrfdCBQmSeh
\ No newline at end of file
diff --git a/tests/nested/manual/fde-on-classic/classic-model.json b/tests/lib/assertions/classic-model-24.json
similarity index 72%
rename from tests/nested/manual/fde-on-classic/classic-model.json
rename to tests/lib/assertions/classic-model-24.json
index 2a7ce043bc3..b802e39083d 100644
--- a/tests/nested/manual/fde-on-classic/classic-model.json
+++ b/tests/lib/assertions/classic-model-24.json
@@ -3,10 +3,10 @@
     "series": "16",
     "authority-id": "<YOUR_ID_HERE>",
     "brand-id": "<YOUR_ID_HERE>",
-    "model": "ubuntu-core-22-pc-amd64",
+    "model": "ubuntu-core-24-pc-amd64",
     "architecture": "amd64",
-    "timestamp": "2022-03-31T12:00:00.0Z",
-    "base": "core22",
+    "timestamp": "2024-08-02T00:00:00+00:00",
+    "base": "core24",
     "grade": "dangerous",
     "classic": "true",
     "distribution": "ubuntu",
@@ -17,18 +17,18 @@
         {
             "name": "pc",
             "type": "gadget",
-            "default-channel": "22/edge"
+            "default-channel": "24/edge"
         },
         {
             "name": "pc-kernel",
             "type": "kernel",
-            "default-channel": "22/edge"
+            "default-channel": "24/beta"
         },
         {
-            "name": "core22",
+            "name": "core24",
             "type": "base",
             "default-channel": "latest/edge",
-            "id": "amcUKQILKXHHTlmSa7NMdnXSx02dNeeT"
+            "id": "dwTAh7MZZ01zyriOZErqd1JynQLiOGvM"
         },
         {
             "name": "snapd",
@@ -37,4 +37,4 @@
             "id": "PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4"
         }
     ]
-}
+}
\ No newline at end of file
diff --git a/tests/lib/assertions/classic-model-rev1.assert b/tests/lib/assertions/classic-model-rev1-22.assert
similarity index 100%
rename from tests/lib/assertions/classic-model-rev1.assert
rename to tests/lib/assertions/classic-model-rev1-22.assert
diff --git a/tests/lib/assertions/classic-model-rev1.json b/tests/lib/assertions/classic-model-rev1-22.json
similarity index 100%
rename from tests/lib/assertions/classic-model-rev1.json
rename to tests/lib/assertions/classic-model-rev1-22.json
diff --git a/tests/lib/assertions/classic-model-rev1-24.assert b/tests/lib/assertions/classic-model-rev1-24.assert
new file mode 100644
index 00000000000..2d334f15e38
--- /dev/null
+++ b/tests/lib/assertions/classic-model-rev1-24.assert
@@ -0,0 +1,50 @@
+type: model
+authority-id: test-snapd
+revision: 1
+series: 16
+brand-id: test-snapd
+model: ubuntu-core-24-pc-amd64
+architecture: amd64
+base: core24
+classic: true
+distribution: ubuntu
+grade: dangerous
+serial-authority:
+  - generic
+snaps:
+  -
+    default-channel: 24/edge
+    name: pc
+    type: gadget
+  -
+    default-channel: 24-hwe/stable
+    name: pc-kernel
+    type: kernel
+  -
+    default-channel: latest/stable
+    id: dwTAh7MZZ01zyriOZErqd1JynQLiOGvM
+    name: core24
+    type: base
+  -
+    default-channel: latest/edge
+    id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4
+    name: snapd
+    type: snapd
+  -
+    default-channel: latest/edge
+    id: zBAzEImJzOAoGxmoG5o6Tl6ELZXMeUlt
+    name: test-snapd-jq-core24
+    type: app
+timestamp: 2024-08-02T00:00:00+00:00
+sign-key-sha3-384: 7qWG-Uwck6Dji43a3Z8ZZrm7rAziZAch3xf76iFvqe4GaD0LI7U9lYPWMSJAsEgu
+
+AcLBcwQAAQoAHRYhBGESvKlz1RXG1IBOC0MdJKf2hr9ABQJmrOmQAAoJEEMdJKf2hr9A5l0P/iJF
+deI0WrNF6njZqlaFMGGO1yKlqpZGedZI7M4qV3y0nFMCrFILxvlNevY2YYEFdtODvz5ZfEJZmg9w
+J+ddyLeHb0Igd30u/DUxjBrxEW4coFNImVkJAqpNp1w3E/YNUBFwiMg2eadEBM6rkKEf+E3hkPql
+UivLKoaXZ2CMHlqFHW34bFMDhj1NdE9AUx077lTyy8Qc+Q/XNOy1Ybq3ldqgTvTdT6yxBXpQvHNH
+4nC5J/B3l/NXGVBdPYmvncZcHsNpREzTMmhu4rADqpPtweXtAV7r0Hqc9TcrvRb/VOwYerIOTIA+
+N0GQ5bxGUnRng900aOAtHIiAqME6LvTDCZVcfC3HBKtIFgM7b254eFslvLRLFJCELDen3+kEXBj0
+PVp1bKOd+ZExM8vKj18h+pfn/Ahy7PkzSqJLI4PvDOdiSx6GbbVoZCVgSrX3cgK2XQu181vJPlu+
+m55JaYAgHYwM0am6Fn+VyQfqPu471X7z3g0+kCCCN7Vb46VsZ6JRhqP/L2nkcyZhHrBtU4a1q8GN
+Qj3GpsnqCzGbLgCbzg/XjSJ6QsneLtWxdXHS6ozDNis3QsCCttkKiFo4tQh2wBRlnsMauoo91TQn
+a5TuoLKppJPcbTZHFvsApQHSwGalogt7x/oYhJrH5493Ta66XivTixFf9prjS3o0HOwnMhEV
\ No newline at end of file
diff --git a/tests/lib/assertions/classic-model-rev1-24.json b/tests/lib/assertions/classic-model-rev1-24.json
new file mode 100644
index 00000000000..fa27cc04700
--- /dev/null
+++ b/tests/lib/assertions/classic-model-rev1-24.json
@@ -0,0 +1,47 @@
+{
+    "type": "model",
+    "series": "16",
+    "authority-id": "test-snapd",
+    "brand-id": "test-snapd",
+    "model": "ubuntu-core-24-pc-amd64",
+    "architecture": "amd64",
+    "timestamp": "2024-08-02T00:00:00+00:00",
+    "base": "core24",
+    "grade": "dangerous",
+    "classic": "true",
+    "distribution": "ubuntu",
+    "revision": "1",
+    "serial-authority": [
+        "generic"
+    ],
+    "snaps": [
+        {
+            "name": "pc",
+            "type": "gadget",
+            "default-channel": "24/edge"
+        },
+        {
+            "name": "pc-kernel",
+            "type": "kernel",
+            "default-channel": "24-hwe/stable"
+        },
+        {
+            "name": "core24",
+            "type": "base",
+            "default-channel": "latest/stable",
+            "id": "dwTAh7MZZ01zyriOZErqd1JynQLiOGvM"
+        },
+        {
+            "name": "snapd",
+            "type": "snapd",
+            "default-channel": "latest/edge",
+            "id": "PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4"
+        },
+        {
+            "default-channel": "latest/edge",
+            "id": "zBAzEImJzOAoGxmoG5o6Tl6ELZXMeUlt",
+            "name": "test-snapd-jq-core24",
+            "type": "app"
+        }
+    ]
+}
diff --git a/tests/lib/assertions/classic-model.assert b/tests/lib/assertions/classic-model.assert
deleted file mode 100644
index c5e4ff0e848..00000000000
--- a/tests/lib/assertions/classic-model.assert
+++ /dev/null
@@ -1,44 +0,0 @@
-type: model
-authority-id: test-snapd
-series: 16
-brand-id: test-snapd
-model: ubuntu-core-22-pc-amd64
-architecture: amd64
-base: core22
-classic: true
-distribution: ubuntu
-grade: dangerous
-serial-authority:
-  - generic
-snaps:
-  -
-    default-channel: 22/edge
-    name: pc
-    type: gadget
-  -
-    default-channel: 22/edge
-    name: pc-kernel
-    type: kernel
-  -
-    default-channel: latest/edge
-    id: amcUKQILKXHHTlmSa7NMdnXSx02dNeeT
-    name: core22
-    type: base
-  -
-    default-channel: latest/edge
-    id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4
-    name: snapd
-    type: snapd
-timestamp: 2023-11-09T07:50:10+00:00
-sign-key-sha3-384: 7qWG-Uwck6Dji43a3Z8ZZrm7rAziZAch3xf76iFvqe4GaD0LI7U9lYPWMSJAsEgu
-
-AcLBcwQAAQoAHRYhBGESvKlz1RXG1IBOC0MdJKf2hr9ABQJlnGDnAAoJEEMdJKf2hr9A6VQQAJcm
-YNtmWEfa1lkCmCeAPEgN62fYHoE+hj1MrnkeZ8vj7bM+yJyGu5WiDkK99KQV2ZcrsURebIp+fz3f
-C1B/X361vUoqKDppZoyybrl4pCZPiLGR2/sESble+jIxFAJlmhvgSchAvjrqsQGeOLyib8hbLyyi
-ueK1OiF9ra3lLkF+AaIDmBTsDirj6EkZ649h5WBWoj0D70cMYdIqg8GA99bgI9KzLO0z/twFzui1
-Lj1cPbnSj3bv8ky5fUYoRJGHWd+RhEtfMPTdqy9MQB8H8KanIJLYGtYqKMHCsbU+SAyo4CEvVDBl
-Set23/6m1yj1pZGWW6cDwWvRBq4ZQCTnyr+RnhEULrw41ONngAFuHgTHKwkMCCwgeYF0KbOjpYgq
-+Eu7HxCbqNs9UhnjcAwQLIjhDULMCM5OlDlneo9UurILbUXUyznGTDKGgu4qvR9Xty8NQ0PF/OJp
-jZLMwnFo8z8VXfPD2Sxuzxa0auTkxJqf6MpHKX4dw6bxzMsG9TrGgn9UDKm8MHrs8rIHcGkUtHGE
-oIDlaMOFBkjuXWNpYpA9jpOiBUqT/om7nY1shfctUrhOo4ZQDMhDHbNZlRKhFgByhOLYANGvl54C
-P4yFgKGgAahKi3gatWd0M/zjiTmOTaAZrQ/9xbu+P3NKtE3CzK299WbjSTKdnHYuBHahVB2U
diff --git a/tests/lib/prepare.sh b/tests/lib/prepare.sh
index af91541edf8..6b1bce898b1 100755
--- a/tests/lib/prepare.sh
+++ b/tests/lib/prepare.sh
@@ -497,7 +497,7 @@ build_snapd_snap() {
         if ! [ -f "${snap}" ]; then
             if [ "${USE_PREBUILT_SNAPD_SNAP}" = true ]; then
                 if [ -n "${USE_SNAPD_SNAP_URL}" ]; then
-                    wget "$USE_SNAPD_SNAP_URL" -O "${snapd_snap_cache}/snapd_from_ci.snap"
+                    wget -q "$USE_SNAPD_SNAP_URL" -O "${snapd_snap_cache}/snapd_from_ci.snap"
                 else
                     cp "${PROJECT_PATH}/built-snap"/snapd_1337.*.snap.keep "${snapd_snap_cache}/snapd_from_ci.snap"
                 fi
@@ -531,7 +531,7 @@ build_snapd_snap_with_run_mode_firstboot_tweaks() {
 
     if [ "${USE_PREBUILT_SNAPD_SNAP}" = true ]; then
         if [ -n "${USE_SNAPD_SNAP_URL}" ]; then
-            wget "$USE_SNAPD_SNAP_URL" -O /tmp/snapd_from_snapcraft.snap
+            wget -q "$USE_SNAPD_SNAP_URL" -O /tmp/snapd_from_snapcraft.snap
         else
             cp "${PROJECT_PATH}/built-snap"/snapd_1337.*.snap.keep "/tmp/snapd_from_snapcraft.snap"
         fi
diff --git a/tests/main/mkimage-uc22/task.yaml b/tests/main/mkimage-uc22/task.yaml
index 8bc38e07483..18f848a4da1 100644
--- a/tests/main/mkimage-uc22/task.yaml
+++ b/tests/main/mkimage-uc22/task.yaml
@@ -32,7 +32,7 @@ prepare: |
       SNAP_DEB_PARAM="--snapd-deb $PROJECT_PATH/../$SNAPD_DEB"
   fi
   # shellcheck disable=SC2086
-  "$TESTSTOOLS"/mkimage-uc22 --base-dir "$PWD" --snap pc_x1.snap $SNAP_DEB_PARAM "$TESTSLIB"/assertions/classic-model.assert
+  "$TESTSTOOLS"/mkimage-uc22 --base-dir "$PWD" --snap pc_x1.snap $SNAP_DEB_PARAM "$TESTSLIB"/assertions/classic-model-22.assert
 
   tests.pkgs install qemu qemu-utils genisoimage sshpass qemu-kvm cloud-image-utils ovmf kpartx cpu-checker
 
diff --git a/tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/meta/snap.yaml b/tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/meta/snap.yaml
new file mode 100644
index 00000000000..84f46af4512
--- /dev/null
+++ b/tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/meta/snap.yaml
@@ -0,0 +1,9 @@
+name: test-snapd-devmode-core24
+version: 1.0
+base: core24
+summary: Basic core24 snap with devmode confinement
+description: A basic buildable snap that asks for devmode confinement
+confinement: devmode
+apps:
+  test-snapd-devmode-core24:
+    command: true
diff --git a/tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/true b/tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/true
new file mode 100755
index 00000000000..296ef781c6f
--- /dev/null
+++ b/tests/nested/manual/devmode-snap-seeded-dangerous/uc24-devmode/true
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+true
diff --git a/tests/nested/manual/fde-on-classic/classic-model.assert b/tests/nested/manual/fde-on-classic/classic-model.assert
deleted file mode 100644
index 1a462d54d1e..00000000000
--- a/tests/nested/manual/fde-on-classic/classic-model.assert
+++ /dev/null
@@ -1,44 +0,0 @@
-type: model
-authority-id: tcMZ22pMaY5EVwoLozfjM4fR31bko4yj
-series: 16
-brand-id: tcMZ22pMaY5EVwoLozfjM4fR31bko4yj
-model: ubuntu-core-22-pc-amd64
-architecture: amd64
-base: core22
-classic: true
-distribution: ubuntu
-grade: dangerous
-serial-authority:
-  - generic
-snaps:
-  -
-    default-channel: 22/edge
-    name: pc
-    type: gadget
-  -
-    default-channel: 22/edge
-    name: pc-kernel
-    type: kernel
-  -
-    default-channel: latest/edge
-    id: amcUKQILKXHHTlmSa7NMdnXSx02dNeeT
-    name: core22
-    type: base
-  -
-    default-channel: latest/edge
-    id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4
-    name: snapd
-    type: snapd
-timestamp: 2022-03-31T12:00:00.0Z
-sign-key-sha3-384: JGh2mJNy5UeNKQ05MNvphnlDcgteasy0WiJFgk-aJ9XvPyqcKwIm8zomJtWwb-mT
-
-AcLBcwQAAQoAHRYhBAho4l7L210CwlP5EEjPuvv/MykzBQJjhJAOAAoJEEjPuvv/MykzyRkQAK/+
-e5UOBHhpfYZdI+ulEecGES45tT+F/tm3zWxiEqw98rx5yAiPOvzcxeJkWybVOWZAWZuKhxEtr9mr
-mnYLXurtFIz/kDZsF/qbnOR0/qVXw8nSemGJW9eTAoUpgI20AEuIuNcBFWvZbM9QpJzEARIbxUHD
-R/tzeAIFD3rd5qth9O8DRpIKZzx4kZvXzDs5aIoteDCCjqY2WHNbcHtZqR4NJ52VuRfCWjHelbLA
-+DRZssZjih5ni0OAYVl0xuwHGDJuOecw0x2Hgb148N1mM+Ehd2pmjs1JjlmswlLqeA9byw8SakDo
-eT3fn4PD9a3guPw7Ct5YRJFa3BL2xG8XtK71pmRRbxwEYsJPUbRyHPaqnhVYjdqg8YUgCjyQRD/c
-EuF8SsYeGmeVnUgVk5GGl1e/TmHA63RhThwnJV0VdUHIzqjkOafr79F0tv+ijOK48pAbrr2vfLCw
-mIewlj96WhhKGchbr2B+YAtREDJpRcnkDoib7bzi4nE5Km4nLka0SaG4ALj/A59yE52GZlfSWCs8
-d0lJNaKMmjeDaZLBpYJaMIKagFMrOhWYbKAlE/inXEGnSSNgkq9LM5QvYtuH1tChcmS/vupJcUYj
-yr1ywdw9jQ3SHQalskqG9+hp0yz1Xwe3U3QvQZFAOqxkqVTplP0TFIZ/dUTc+ZSB+ZPHCy1d
diff --git a/tests/nested/manual/fde-on-classic/mk-image.sh b/tests/nested/manual/fde-on-classic/mk-image.sh
deleted file mode 100755
index 24affe8a853..00000000000
--- a/tests/nested/manual/fde-on-classic/mk-image.sh
+++ /dev/null
@@ -1,333 +0,0 @@
-#!/bin/bash
-
-set -e
-
-get_assets() {
-    CACHE="$1"
-
-    if [ -d "$CACHE" ]; then
-        echo "Using existing cache dir $CACHE"
-        return
-    fi
-
-    mkdir -p "$CACHE"
-    # get the snaps
-    for snap in pc-kernel pc; do
-        snap download --channel=22 --target-directory="$CACHE" "$snap"
-        unsquashfs -n -d "$CACHE"/snap-"$snap" "$CACHE"/"$snap"_*.snap
-    done
-    for snap in snapd core22; do
-        snap download --target-directory="$CACHE" "$snap"
-    done
-
-    # get the ubuntu classic base
-    (cd "$CACHE" && wget -c http://cdimage.ubuntu.com/ubuntu-base/releases/22.04/release/ubuntu-base-22.04-base-amd64.tar.gz)
-}
-
-cleanup() {
-    IMG="$(readlink -f "$1")"
-    MNT="$(readlink -f "$2")"
-
-    sleep 1
-    sudo umount "$MNT"/* || true
-    sleep 1
-    sudo kpartx -d "$IMG" || true
-}
-
-create_image() {
-    IMG="$(readlink -f "$1")"
-
-    rm -f "$IMG"
-    truncate --size=6G "$IMG"
-    echo "Creating partition on $IMG"
-    cat <<EOF | sfdisk -q "$IMG"
-label: gpt
-device: boot.img
-unit: sectors
-first-lba: 34
-last-lba: 12453854
-sector-size: 512
-
-boot.img1 : start=        2048, size=        2048, type=21686148-6449-6E6F-744E-656564454649, uuid=ECD24EAE-A687-4177-9223-6DDB4FCFF842, name="BIOS Boot"
-##### no ubuntu-seed on the initial version but we need a EFI system
-boot.img2 : start=        4096, size=     202752, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=21A0079F-3E45-4669-8FF2-B3917819279F, name="EFI System partition"
-boot.img3 : start=     2461696, size=     1536000, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=338DD9E7-CFE1-524A-A8B6-7D87DA8A4B34, name="ubuntu-boot"
-boot.img4 : start=     3997696, size=       65536, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=1144DFB5-DFC2-0745-A1F2-AD311FEBE0DB, name="ubuntu-save"
-boot.img5 : start=     4063232, size=     8388608, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=B84565A3-E9F8-8A40-AB04-810A4B891F8C, name="ubuntu-data"
-EOF
-}
-
-install_data_partition() {
-    set -x
-    local DESTDIR=$1
-    local CACHE=$2
-    local SEED_LABEL
-    SEED_LABEL="classic"
-
-    snap_idx=(kernel gadget base snapd)
-    declare -A SNAP_NAME SNAP_F SNAP_P
-    SNAP_NAME[kernel]=pc-kernel
-    SNAP_NAME[gadget]=pc
-    SNAP_NAME[base]=core22
-    SNAP_NAME[snapd]=snapd
-    for i in "${snap_idx[@]}"; do
-        snap_n=${SNAP_NAME[$i]}
-        if [ "${IN_SNAP_F[$snap_n]}" != "" ]; then
-            SNAP_F[$i]=${IN_SNAP_F[$snap_n]}
-            SNAP_P[$i]=${IN_SNAP_P[$snap_n]}
-        else
-            SNAP_F[$i]=$(find "$CACHE" -maxdepth 1 -name "${SNAP_NAME[$i]}_*.snap" -printf "%f\n")
-            SNAP_P[$i]="$CACHE/${SNAP_F[$i]}"
-        fi
-    done
-
-    # Copy base filesystem
-    sudo tar -C "$DESTDIR" -xf "$CACHE"/ubuntu-base-22.04-base-amd64.tar.gz
-
-    # Create basic devices to be able to install packages
-    [ -e "$DESTDIR"/dev/null ] || sudo mknod -m 666 "$DESTDIR"/dev/null c 1 3
-    [ -e "$DESTDIR"/dev/zero ] || sudo mknod -m 666 "$DESTDIR"/dev/zero c 1 5
-    [ -e "$DESTDIR"/dev/random ] || sudo mknod -m 666 "$DESTDIR"/dev/random c 1 8
-    [ -e "$DESTDIR"/dev/urandom ] || sudo mknod -m 666 "$DESTDIR"/dev/urandom c 1 9
-    # ensure resolving works inside the chroot
-    echo "nameserver 8.8.8.8" | sudo tee -a "$DESTDIR"/etc/resolv.conf
-    # install additional packages
-    sudo chroot "$DESTDIR" /usr/bin/sh -c "DEBIAN_FRONTEND=noninteractive apt update"
-    local pkgs="snapd ssh openssh-server sudo iproute2 iputils-ping isc-dhcp-client netplan.io vim-tiny kmod cloud-init jq update-notifier-common"
-    sudo chroot "$DESTDIR" /usr/bin/sh -c \
-         "DEBIAN_FRONTEND=noninteractive apt install --no-install-recommends -y $pkgs"
-    # netplan config
-    cat > "$CACHE"/00-ethernet.yaml <<'EOF'
-network:
-  ethernets:
-    any:
-      match:
-        name: e*
-      dhcp4: true
-  version: 2
-EOF
-    sudo cp "$CACHE"/00-ethernet.yaml "$DESTDIR"/etc/netplan
-
-    # mount bits needed to be able to update boot assets
-    sudo mkdir -p "$DESTDIR"/boot/grub "$DESTDIR"/boot/efi
-    sudo tee "$DESTDIR"/etc/fstab <<'EOF'
-/run/mnt/ubuntu-boot/EFI/ubuntu /boot/grub none bind 0 0
-EOF
-
-    # ensure we can login
-    sudo chroot "$DESTDIR" /usr/sbin/adduser --disabled-password --gecos "" user1
-    printf "ubuntu\nubuntu\n" | sudo chroot "$DESTDIR" /usr/bin/passwd user1
-    echo "user1 ALL=(ALL) NOPASSWD:ALL" | sudo tee -a "$DESTDIR"/etc/sudoers
-
-    # set password for root user
-    sudo chroot "$DESTDIR" /usr/bin/sh -c 'echo root:root | chpasswd'
-    sudo tee -a "$DESTDIR/etc/ssh/sshd_config" <<'EOF'
-PermitRootLogin yes
-PasswordAuthentication yes
-EOF
-
-    # Populate snapd data
-    cat > modeenv <<EOF
-mode=run
-recovery_system=$SEED_LABEL
-current_recovery_systems=$SEED_LABEL
-good_recovery_systems=$SEED_LABEL
-base=${SNAP_F[base]}
-gadget=${SNAP_F[gadget]}
-current_kernels=${SNAP_F[kernel]}
-model=canonical/ubuntu-core-22-pc-amd64
-grade=dangerous
-model_sign_key_id=9tydnLa6MTJ-jaQTFUXEwHl1yRx7ZS4K5cyFDhYDcPzhS7uyEkDxdUjg9g08BtNn
-current_kernel_command_lines=["snapd_recovery_mode=run console=ttyS0 console=tty1 panic=-1"]
-EOF
-    sudo cp modeenv "$DESTDIR"/var/lib/snapd/
-    # needed from the beginning in ubuntu-data as these are mounted by snap-bootstrap
-    # (UC also has base here, but we do not mount it from initramfs in classic)
-    sudo mkdir -p "$DESTDIR"/var/lib/snapd/snaps/
-    sudo cp "${SNAP_P[kernel]}" "${SNAP_P[gadget]}" \
-         "$DESTDIR"/var/lib/snapd/snaps/
-    # create the seed
-    snap prepare-image --classic \
-         --channel=edge \
-         --snap "${SNAP_P[kernel]}" \
-         --snap "${SNAP_P[gadget]}" \
-         --snap "${SNAP_P[base]}" \
-         --snap "${SNAP_P[snapd]}" \
-         classic-model.assert \
-         ./classic-seed
-    # rename seed-label
-    mv ./classic-seed/system-seed/systems/"$(date +%Y%m%d)" ./classic-seed/system-seed/systems/"$SEED_LABEL"
-    # and put the seed in place
-    mkdir -p "$DESTDIR"/var/lib/snapd/
-    mv ./classic-seed/system-seed "$DESTDIR"/var/lib/snapd/seed
-}
-
-populate_image() {
-    IMG="$(readlink -f "$1")"
-    CACHE="$(readlink -f "$2")"
-    MNT="$(readlink -f "$3")"
-    local KERNEL_SNAP
-    KERNEL_SNAP=$(find "$CACHE" -maxdepth 1 -name 'pc-kernel_*.snap' -printf "%f\n")
-
-    mkdir -p "$MNT"
-    loop=$(sudo kpartx -asv "$IMG" | head -n1 | cut -d' ' -f3)
-    loop=${loop%p*}
-
-    loop_esp="${loop}"p2
-    loop_boot="${loop}"p3
-    loop_save="${loop}"p4
-    loop_data="${loop}"p5
-    # XXX: on a real UC device this the ESP is "ubuntu-seed"
-    sudo mkfs.fat -n ubuntu-seed /dev/mapper/"$loop_esp"
-    sudo mkfs.ext4 -L ubuntu-boot -q /dev/mapper/"$loop_boot"
-    sudo mkfs.ext4 -L ubuntu-save -q /dev/mapper/"$loop_save"
-    sudo mkfs.ext4 -L ubuntu-data -q /dev/mapper/"$loop_data"
-    for name in esp ubuntu-boot ubuntu-save ubuntu-data; do
-        mkdir -p "$MNT"/"$name"
-    done
-    sudo mount /dev/mapper/"$loop_esp" "$MNT"/esp
-    sudo mount /dev/mapper/"$loop_boot" "$MNT"/ubuntu-boot
-    sudo mount /dev/mapper/"$loop_save" "$MNT"/ubuntu-save
-    sudo mount /dev/mapper/"$loop_data" "$MNT"/ubuntu-data
-
-    # install things into the image
-    install_data_partition "$MNT"/ubuntu-data/ "$CACHE"
-
-    # ESP partition just chainloads into ubuntu-boot
-    # XXX: do we want this given that we don't have recovery systems?
-    sudo mkdir -p "$MNT"/esp/EFI/boot
-    sudo cp "$CACHE"/snap-pc/grubx64.efi "$MNT"/esp/EFI/boot
-    sudo cp "$CACHE"/snap-pc/shim.efi.signed "$MNT"/esp/EFI/boot/bootx64.efi
-    cat > "$CACHE"/esp-grub.cfg <<'EOF'
-set default=0
-set timeout=3
-
-search --no-floppy --set=boot_fs --label ubuntu-boot
-menuentry "Continue to run mode" --hotkey=n --id=run {
-    chainloader ($boot_fs)/EFI/boot/grubx64.efi
-}
-EOF
-    sudo mkdir -p "$MNT"/esp/EFI/ubuntu
-    sudo cp "$CACHE"/esp-grub.cfg "$MNT"/esp/EFI/ubuntu/grub.cfg
-
-    # ubuntu-boot
-    sudo mkdir -p "$MNT"/ubuntu-boot/EFI/boot
-    sudo cp -a "$CACHE"/snap-pc/grubx64.efi "$MNT"/ubuntu-boot/EFI/boot
-    sudo cp -a "$CACHE"/snap-pc/shim.efi.signed "$MNT"/ubuntu-boot/EFI/boot/bootx64.efi
-
-    sudo mkdir -p "$MNT"/ubuntu-boot/EFI/ubuntu
-    cat > "$CACHE"/grub.cfg <<'EOF'
-set default=0
-set timeout=3
-
-# load only kernel_status and kernel command line variables set by snapd from
-# the bootenv
-load_env --file /EFI/ubuntu/grubenv kernel_status snapd_extra_cmdline_args snapd_full_cmdline_args
-
-set snapd_static_cmdline_args='console=ttyS0 console=tty1 panic=-1'
-set cmdline_args="$snapd_static_cmdline_args $snapd_extra_cmdline_args"
-if [ -n "$snapd_full_cmdline_args" ]; then
-    set cmdline_args="$snapd_full_cmdline_args"
-fi
-
-set kernel=kernel.efi
-
-if [ "$kernel_status" = "try" ]; then
-    # a new kernel got installed
-    set kernel_status="trying"
-    save_env kernel_status
-
-    # use try-kernel.efi
-    set kernel=try-kernel.efi
-elif [ "$kernel_status" = "trying" ]; then
-    # nothing cleared the "trying snap" so the boot failed
-    # we clear the mode and boot normally
-    set kernel_status=""
-    save_env kernel_status
-elif [ -n "$kernel_status" ]; then
-    # ERROR invalid kernel_status state, reset to empty
-    echo "invalid kernel_status!!!"
-    echo "resetting to empty"
-    set kernel_status=""
-    save_env kernel_status
-fi
-
-if [ -e $prefix/$kernel ]; then
-menuentry "Run Ubuntu Core 22" {
-    # use $prefix because the symlink manipulation at runtime for kernel snap
-    # upgrades, etc. should only need the /boot/grub/ directory, not the
-    # /EFI/ubuntu/ directory
-    chainloader $prefix/$kernel snapd_recovery_mode=run $cmdline_args
-}
-else
-    # nothing to boot :-/
-    echo "missing kernel at $prefix/$kernel!"
-fi
-EOF
-    sudo cp -a "$CACHE"/grub.cfg "$MNT"/ubuntu-boot/EFI/ubuntu/
-    # This must be exactly 1024 bytes
-    GRUBENV="# GRUB Environment Block
-#######################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################"
-    printf "%s" "$GRUBENV" > "$CACHE"/grubenv
-    sudo cp -a "$CACHE"/grubenv "$MNT"/ubuntu-boot/EFI/ubuntu/grubenv
-    local assert_p=classic-model.assert
-    if [ ! -f "$assert_p" ]; then
-        printf "%s not found, please sign an assertion using classic-model.json as model\n" \
-               "$assert_p"
-        exit 1
-    fi
-    sudo mkdir -p "$MNT"/ubuntu-boot/device/
-    sudo cp -a "$assert_p" "$MNT"/ubuntu-boot/device/model
-
-    # kernel
-    sudo mkdir -p "$MNT"/ubuntu-boot/EFI/ubuntu/"$KERNEL_SNAP"
-    sudo cp -a "$CACHE"/snap-pc-kernel/kernel.efi "$MNT"/ubuntu-boot/EFI/ubuntu/"$KERNEL_SNAP"
-    sudo ln -sf "$KERNEL_SNAP"/kernel.efi "$MNT"/ubuntu-boot/EFI/ubuntu/kernel.efi
-
-    # cleanup
-    sync
-    sudo umount "$MNT"/ubuntu-*
-}
-
-show_how_to_run_qemu() {
-    IMG="$1"
-
-    echo "Image ready, run as"
-    echo kvm -m 1500 -snapshot \
-         -netdev user,id=net.0,hostfwd=tcp::10022-:22 \
-        -device rtl8139,netdev=net.0 \
-        -bios /usr/share/OVMF/OVMF_CODE.fd \
-        -drive file="$1",if=virtio \
-        -serial stdio
-
-    echo "grub will chainload from ESP to ubuntu-boot"
-    echo "there press ESC and add 'dangerous rd.systemd.debug-shell=1' after kernel.efi"
-}
-
-main() {
-    # shellcheck disable=SC2064
-    trap "cleanup \"$BOOT_IMG\" \"$MNT_DIR\"" EXIT INT
-
-    get_assets "$CACHE_DIR"
-    create_image "$BOOT_IMG"
-    populate_image "$BOOT_IMG" "$CACHE_DIR" "$MNT_DIR"
-
-    show_how_to_run_qemu "$BOOT_IMG"
-    # XXX: show how to mount/chroot into the dir to test seeding
-}
-
-# 4th and later are optional local snaps
-set -x
-BOOT_IMG="${1:-./boot.img}"
-CACHE_DIR="${2:-./cache}"
-MNT_DIR="${3:-./mnt}"
-shift 3 || true
-declare -A IN_SNAP_P IN_SNAP_F
-for sn_p in "$@"; do
-    sn_f=${sn_p##*/}
-    sn_name=${sn_f%%_*}
-    IN_SNAP_P[$sn_name]=$sn_p
-    IN_SNAP_F[$sn_name]=$sn_f
-done
-
-main "$BOOT_IMG" "$CACHE_DIR" "$MNT_DIR"
diff --git a/tests/nested/manual/fde-on-classic/model-etc b/tests/nested/manual/fde-on-classic/model-etc
deleted file mode 100644
index 1438082f8ac..00000000000
--- a/tests/nested/manual/fde-on-classic/model-etc
+++ /dev/null
@@ -1,92 +0,0 @@
-type: account-key
-authority-id: canonical
-revision: 2
-public-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
-account-id: canonical
-name: store
-since: 2016-04-01T00:00:00.0Z
-body-length: 717
-sign-key-sha3-384: -CvQKAwRQ5h3Ffn10FILJoEZUXOv6km9FwA80-Rcj-f-6jadQ89VRswHNiEB9Lxk
-
-AcbBTQRWhcGAARAA0KKYYQWuHOrsFVi4p4l7ZzSvX7kLgJFFeFgOkzdWKBTHEnsMKjl5mefFe9ji
-qe8NlmJdfY7BenP7XeBtwKp700H/t9lLrZbpTNAPHXYxEWFJp5bPqIcJYBZ+29oLVLN1Tc5X482R
-vCiDqL8+pPYqBrK2fNlyPlNNSum9wI70rDDL4r6FVvr+osTnGejibdV8JphWX+lrSQDnRSdM8KJi
-UM43vTgLGTi9W54oRhsA2OFexRfRksTrnqGoonCjqX5wO3OFSaMDzMsO2MJ/hPfLgDqw53qjzuKL
-Iec9OL3k5basvu2cj5u9tKwVFDsCKK2GbKUsWWpx2KTpOifmhmiAbzkTHbH9KaoMS7p0kJwhTQGA
-o9aJ9VMTWHJc/NCBx7eu451u6d46sBPCXS/OMUh2766fQmoRtO1OwCTxsRKG2kkjbMn54UdFULl9
-VfzvyghMNRKIezsEkmM8wueTqGUGZWa6CEZqZKwhe/PROxOPYzqtDH18XZknbU1n5lNb7vNfem9F
-2ai+3+JyFnW9UhfvpVF7gzAgdyCqNli4C6BIN43uwoS8HkykocZS/+Gv52aUQ/NZ8BKOHLw+7ant
-Q0o8W9ltSLZbEMxFIPSN0stiZlkXAp6DLyvh1Y4wXSynDjUondTpej2fSvSlCz/W5v5V7qA4nIcG
-vUvV7RjVzv17ut0AEQEAAQ==
-
-AcLDXAQAAQoABgUCV83k9QAKCRDUpVvql9g3IBT8IACKZ7XpiBZ3W4lqbPssY6On81WmxQLtvsMV
-WTp6zZpl/wWOSt2vMNUk9pvcmrNq1jG9CuhDfWFLGXEjcrrmVkN3YuCOajMSPFCGrxsIBLSRt/bP
-nrKykdLAAzMfG8rP1d82bjFFiIieE+urQ0Kcv09Jtdvavq3JT1Tek5mFyyfhHNlQEKOzWqmRWiLg
-3c3VOZUs1ZD8TSlnuq/x+5T0X0YtOyGjSlVxk7UybbyMNd6MZfNaMpIG4x+mxD3KHFtBAC7O6kLe
-eX3i6j5nCY5UABfA3DZEAkWP4zlmdBEOvZ9t293NaDdOpzsUHRkoi0Zez/9BHQ/kwx/uNc2WqrYm
-inCmu16JGNeXqsyinnLl7Ghn2RwhvDMlLxF6RTx8xdx1yk6p3PBTwhZMUvuZGjUtN/AG8BmVJQ19
-rsGSRkkSywvnhVJRB2sudnrMBmNS2goJbzSbmJnOlBrd2WsV0T9SgNMWZBiov3LvU4o2SmAb6b+k
-rYwh8H5QHcuuYJuxDjFhPswIp6Wes5T6hUicf3SWtObcDS4HSkVS4ImBjjX9YgCuFy7QdnooOWEY
-aPvkRw3XCVeYq0K6w9GRsk1YFErD4XmXXZjDYY650MX9v42Sz5MmphHV8jdIY5ssbadwFSe2rCQI
-6UX08zy7RsIb19hTndE6ncvSNDChUR9eEnCm73eYaWTWTnq1cxdVP/s52r8uss++OYOkPWqh5nOu
-haRn7INjH/yZX4qXjNXlTjo0PnHH0q08vNKDwLhxS+D9du+70FeacXFyLIbcWllSbJ7DmbumGpFo
-yYbtj3FDDPzachFQdIG3lSt+cSUGeyfSs6wVtc3cIPka/2Urx7RprfmoWSI6+a5NcLdj0u2z8O96
-HxeIgxDpg/3gT8ZIuFKePMcLDM19Fh/p0ysCsX+84B9chNWtsMSmIaE57V+959MVtsLu7SLb9gi7
-skrju0pQCwsu2wHMLTNd1f3PTHmrr49hxetTus07HSQUApMtAGKzQilF5zqFjbyaTd4xgQbd+PKW
-CjFyzQTDOcUhXpuUGt/IzlqiFfsCsmbj2K4KdSNYMlqIgZ3Azu8KvZLIhsyN7v5vNIZSPfEbjdeu
-ClU9r0VRiJmtYBUjcSghD9LWn+yRLwOxhfQVjm0cBwIt5R/yPF/qC76yIVuWUtM5Y2/zJR1J8OFq
-qWchvlImHtvDzS9FQeLyzJAOjvZ2CnWp2gILgUz0WQdOk1Dq8ax7KS9BQ42zxw9EZAEPw3PEFqRy
-IQsRTONp+iVS8YxSmoYZjDlCgRMWUmawez/Fv5b9Fb/XkO5Eq4e+KfrpUujXItaipb+tV8h5v3tr
-oG3Ie3WOHrVjCLXIdYslpL1O4nadqR6Xv58pHj6k
-
-type: account
-authority-id: canonical
-revision: 4
-account-id: tcMZ22pMaY5EVwoLozfjM4fR31bko4yj
-display-name: Alfonso Sanchez-Beato
-timestamp: 2016-09-19T08:47:02.448689Z
-username: abeato
-validation: unproven
-sign-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
-
-AcLBUgQAAQoABgUCV9+mBgAA1IwQAIDrLvNaqq4kADcCRjwggdhPQpx6CqGfoBWL3jeWNoSwKhMW
-HZxwxwOFckViRpeYHIsV+ECC/aibG76E2NZzLB0VAvExzBS9lUArtg8VY2zbRz/368qlV0HVrqjO
-tcibpwjS6g03vuvvVMTWhIlw/hZuLAPtAA1CSJXEtaPzQ9zmq/GMqHng2tA+M40i+18PpdG761vF
-cSWdQl6WjSPaK464fcDv7fY1ysVOwMweyVunJpYiZFuil0ZNDEHbDgVuMnsfCL1qrZUrYyp/skbE
-gC3lKnaSq/7TTf47dZTXcEmKoeIqOJUz8cGySZ83spcBy0MakFBjjQH5MdCchoEyaDxdpMlOEhRp
-8DYokuYIovr4GTUFZ/ODa1/a+TzeSy3dg9d6aGPCoAgKBKFUzvvXpCO7uho95V35vQsMSuOogP5M
-gFc12rmpGMVF4FSTyYFDFjYJm5GUNhZk5NMPZzgft5RRuMWDBHvCfefN4iVagFRMGZp039T6kh7U
-XpOxLwJ1WMk5lbqSxAijLLJj2+32E74M8gDRAzWeJm8/QJvAqDpLi+tECsRiJuNOjM/P3TtOp97r
-KD+ONi0jgYDVKYag+tCGJyP/6eUHrtnTiYuQbCYaNNtRDAEMo3J3Jis0EVnEP3ZdX9xla7CwpCoq
-pDkH/drn+y8eYnDPRW2c+m8okFgr
-
-type: account-key
-authority-id: canonical
-public-key-sha3-384: JGh2mJNy5UeNKQ05MNvphnlDcgteasy0WiJFgk-aJ9XvPyqcKwIm8zomJtWwb-mT
-account-id: tcMZ22pMaY5EVwoLozfjM4fR31bko4yj
-name: asus3
-since: 2019-03-21T17:19:09Z
-body-length: 717
-sign-key-sha3-384: BWDEoaqyr25nF5SNCvEv2v7QnM9QsfCc0PBMYD_i2NGSQ32EF2d4D0hqUel3m8ul
-
-AcbBTQRWhcGAARAA98bL9ZlGmZjFRNFrG3hA9cfmw+Axb8TNtFqqSMJVKaeLgb43CO2EirRsYNk+
-8Ut0qY6luOnvlNDQbcJY7Rer0X2Axcl6Bfx8WMYya9Uf5yQeAtCQ28L8xq/Q0b3lg+CN2955Twys
-CtxYrIdt4pIEAflw2Okx3RmiKqafkho090r3LAElYtcrULE2JYqaw3wMei7ZKyFCFVAO9HGbDOYW
-ZAwOpkMhKbDiLuYu4oj68Ot3q2E8FBk9p00MSNumxrMTuuBanjRz8W4C3SJx7wDUVSFKf8EOXA0f
-cMJndhNCTe1f3ZwCHE9Xtxh/nVjNClfZrG+bxXwCc4mU+bunlvo1Rq76VF+N95OCzh52tKEBn1tZ
-+VmK6/yPc2vyxfEaaKI5DBSBqR1OYNrGLjFQGnP1UwcoMdRQ0Qlpo34XdmKQwGxAzMTgshQaNprw
-4C57UcHXHfAKWI3KEitReDQnQn8HyP8anaafB7CJUknwMXBtm5PIfqFuoQbyyhPOliE8RpRQAn5u
-mI0zGVxswp6qW7xQOcwZp6jIol5F5TWqhhbvdi7ZFbDB//D6z2DY8BLUVjoz+o2XBcTZMGK0TV9f
-u26IBa4vQDyGHHYtE1UFWoF/IxUpSUqcxu5NId9RquCXb0sjuUuFtrvZqyv64RjFWNs6Dm/T+/XX
-oCRNXhoUKxvhLBcAEQEAAQ==
-
-AcLBUgQAAQoABgUCXJPHlAAAdagQAGivJ3mdgQhU71+BCS1x2UUlTyxdjUUjIxniJLMQFtJA+5KF
-FY2cZ3JSVLVSah7xiDEakcoR/iSc4zSxX9IIDzeMYMXu0rnfkKylP+d3pIKpUak/T2zLGeJrWtlv
-JbJOJWr4XORW2rwmQG9Eu0fyZ6oMFXgl/Lcga6WMVWJthNHhxiA9rLUxtqPqkmVLkLlL5cp8ivUU
-Xz3poX2t/CTJc/RQxiIlFgtsiqqHKo71Ojtto4+mDhYqMVzMoogki+MJGBkqJhSDuv8TnViFlP70
-YAo6yk55jsz1dd8fqNC1eO375gHvgxSrm2A4YVwLgFkxW1i6W1EvgRwdT+RtCqNjPKk8tCXiXQzx
-orLZGsNSKshj51SchE6zHZwQJIMbq5E8b6hJKFaa8ymUC+zbjtuEZZwEOutiB7LPrkPRDXBSEDwx
-6SLuet1sQXw/wm2KGe9wXAGF1Ai/vZDwY1rljUM69j+mbRsRPltxXoV2ARWH27RzMbn/Mtt8EnbD
-I4rDNRwH2q/mj3Yacorhc0LxaFhi5sZ/uAr3bsusutmnHq32+TSwajBXhwHiMxXxp9PVfeayKeDl
-T5bEUheyMvInBvnk0D8VwdMq0Qb2MV5F48v0lEp2ptyuZ43ucxXDXy6Gpv5ZVmdTfAfSZYiFO8EV
-ogZmOGwM6M3bxB4HIytabVeeG6h0
diff --git a/tests/nested/manual/fde-on-classic/replace-image-files.sh b/tests/nested/manual/fde-on-classic/replace-image-files.sh
deleted file mode 100755
index 39eec4427cc..00000000000
--- a/tests/nested/manual/fde-on-classic/replace-image-files.sh
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/bash -exu
-
-replace_initramfs_bits() {
-    # TODO is there code to share with uc20_build_initramfs_kernel_snap in prepare.sh?
-    KERNEL_EFI_ORIG="$CACHE_DIR"/snap-pc-kernel/kernel.efi
-    if [ ! -d initrd ]; then
-        objcopy -O binary -j .initrd "$KERNEL_EFI_ORIG" initrd.img
-        unmkinitramfs initrd.img initrd
-    fi
-
-    # Retrieve efi stub from ppa so we can rebuild kernel.efi
-    sudo DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends ubuntu-dev-tools
-    codename=$(lsb_release -cs)
-    arch=$(dpkg-architecture -q DEB_BUILD_ARCH)
-    pull-lp-debs -a "$arch" -D ppa \
-                 --ppa ppa:snappy-dev/image ubuntu-core-initramfs "$codename"
-    dpkg --fsys-tarfile ubuntu-core-initramfs_*.deb |
-        tar --wildcards -xf - './usr/lib/ubuntu-core-initramfs/efi/linux*.efi.stub'
-
-    cp "$SNAPD_BINPATH"/snap-bootstrap initrd/main/usr/lib/snapd/
-    cd initrd/main
-    find . | cpio --create --quiet --format=newc --owner=0:0 | lz4 -l -7 > ../../initrd.img.new
-    cd -
-
-    objcopy -O binary -j .linux "$KERNEL_EFI_ORIG" linux
-    # Replace kernel.efi in unsquashed snap
-    objcopy --add-section .linux=linux --change-section-vma .linux=0x2000000 \
-            --add-section .initrd=initrd.img.new --change-section-vma .initrd=0x3000000 \
-            usr/lib/ubuntu-core-initramfs/efi/linux*.efi.stub \
-            "$KERNEL_EFI_ORIG"
-}
-
-cleanup() {
-    IMG="$(readlink -f "$1")"
-    MNT="$(readlink -f "$2")"
-
-    sync
-    sleep 1
-    sudo umount "$MNT"/* || true
-    sleep 1
-    sudo kpartx -d "$IMG" || true
-}
-
-main() {
-    MNT=mnt-replace
-
-    mkdir -p "$MNT"/ubuntu-boot "$MNT"/data
-
-    replace_initramfs_bits
-
-    # shellcheck disable=SC2064
-    trap "cleanup \"$IMG\" \"$MNT\"" EXIT
-
-    loop=$(sudo kpartx -asv "$IMG" | head -n1 | cut -d' ' -f3)
-    loop=${loop%p*}
-    loop_boot="$loop"p3
-    sudo mount /dev/mapper/"$loop_boot" "$MNT"/ubuntu-boot
-
-    # copy kernel.efi with modified initramfs
-    subpath=$(readlink "$MNT"/ubuntu-boot/EFI/ubuntu/kernel.efi)
-    # TODO we should also repack kernel snap and replace the one in the rootfs too, and also re-sign
-    cp -a "$CACHE_DIR"/snap-pc-kernel/kernel.efi "$MNT"/ubuntu-boot/EFI/ubuntu/"$subpath"
-
-    # replace snapd in data partition with the one compiled in the test
-    data_mnt="$loop"p5
-    sudo mount /dev/mapper/"$data_mnt" "$MNT"/data
-    sudo cp ../../../../../snapd_*.deb "$MNT"/data/snapd.deb
-    sudo chroot "$MNT"/data apt install -y --no-install-recommends ./snapd.deb
-    sudo rm "$MNT"/data/snapd.deb
-    # enable debug traces
-    sudo mkdir -p "$MNT"/data/etc/systemd/system/snapd.service.d/
-    sudo tee "$MNT"/data/etc/systemd/system/snapd.service.d/override.conf <<'EOF'
-[Service]
-Environment=SNAPD_DEBUG=1
-EOF
-}
-
-IMG="${1:-./boot.img}"
-CACHE_DIR="${2:-./cache}"
-SNAPD_BINPATH="${3:-/usr/lib/snapd}"
-main
diff --git a/tests/nested/manual/fde-on-classic/task.yaml b/tests/nested/manual/fde-on-classic/task.yaml
index 5779f8c1f65..2d167dcd246 100644
--- a/tests/nested/manual/fde-on-classic/task.yaml
+++ b/tests/nested/manual/fde-on-classic/task.yaml
@@ -4,7 +4,8 @@ details: |
   This test creates a classic image that looks like what the installer
   would create and we boot into it.
 
-systems: [ubuntu-22.04-64, ubuntu-24.04-64]
+# TODO: make this test work for ubuntu-24.04-64
+systems: [ubuntu-22.04-64]
 
 environment:
   NESTED_ENABLE_SECURE_BOOT: false
@@ -34,9 +35,9 @@ prepare: |
   # create an image that looks like a classic image
   # Note that "mk-image" is left as a script so that it can also be
   # run outside of spread easily for quick interactive testing
-  ./mk-image.sh ./boot.img "$CACHE_D" "./mnt" ./pc_x1.snap
-  # replaces snap-bootstrap in initramfs and snapd in rootfs
-  ./replace-image-files.sh ./boot.img "$CACHE_D"
+  # shellcheck disable=SC2086
+  "$TESTSTOOLS"/mkimage-uc"$VERSION" --boot-img ./boot.img --cache-dir "$CACHE_D" --mnt-dir ./mnt --base-dir "$PWD" --snap pc_x1.snap "$TESTSLIB"/assertions/classic-model-"${VERSION}".assert
+
   # We will need yq
   snap install yq
 
@@ -60,10 +61,12 @@ execute: |
   # validate that the image boots and seeds
   remote.exec "sudo snap wait system seed.loaded"
 
-  remote.exec 'cat /etc/os-release | MATCH VERSION_ID=\"22.04\"'
+  VERSION="$(tests.nested show version)"
+
+  remote.exec "cat /etc/os-release" | MATCH "VERSION_ID=\"${VERSION}.04\""
   remote.exec "snap list pc-kernel"
   remote.exec "snap list pc"
-  remote.exec "snap list core22"
+  remote.exec "snap list core${VERSION}"
   remote.exec "snap list snapd"
 
   # no reboot required
@@ -72,8 +75,8 @@ execute: |
   # Check for the generic serial assertion
   retry -n 100 sh -c 'remote.exec "snap changes" | MATCH "Done.*Initialize device"'
   remote.exec "snap model --serial --assertion" | MATCH "authority-id: generic"
-  remote.exec "snap model --serial --assertion" | MATCH "brand-id: tcMZ22pMaY5EVwoLozfjM4fR31bko4yj"
-  remote.exec "snap model --serial --assertion" | MATCH "model: ubuntu-core-22-pc-amd64"
+  remote.exec "snap model --serial --assertion" | MATCH "brand-id: test-snapd"
+  remote.exec "snap model --serial --assertion" | MATCH "model: ubuntu-core-${VERSION}-pc-amd64"
 
   # refresh kernel snap
   # $1: path to snap file
@@ -156,22 +159,22 @@ execute: |
   # Test that installing a different base and a reboot cause no reverts
   # (regression test for SNAPDENG-4975)
 
-  # precondition, the core22 is not a local version
-  remote.exec snap list core22 | NOMATCH " x1 "
-  # create modified core22
-  unsquashfs -d core22 "$CACHE_D"/core22_*.snap
-  touch core22/empty-file
-  snap pack --filename=core22-new.snap core22
-  remote.push "core22-new.snap"
+  # precondition, the coreXX is not a local version
+  remote.exec snap list "core${VERSION}" | NOMATCH " x1 "
+  # create modified coreXX
+  unsquashfs -d corebase "$CACHE_D"/core"${VERSION}"_*.snap
+  touch corebase/empty-file
+  snap pack --filename=corebase-new.snap corebase
+  remote.push "corebase-new.snap"
   # install and validate it is now a local version
-  remote.exec sudo snap install --dangerous "core22-new.snap"
-  remote.exec sudo snap list core22 | MATCH " x1 "
+  remote.exec sudo snap install --dangerous "corebase-new.snap"
+  remote.exec sudo snap list "core${VERSION}" | MATCH " x1 "
   # wait for reboot
   boot_id=$(tests.nested boot-id)
   remote.exec sudo reboot || true
   tests.nested wait-for reboot "$boot_id"
-  # ensure that no revert of core22 happened after the reboot
+  # ensure that no revert of coreXX happened after the reboot
   remote.exec sudo snap changes | NOMATCH "Update kernel and core snap revisions"
-  remote.exec sudo snap list core22 | MATCH " x1 "
+  remote.exec sudo snap list "core${VERSION}" | MATCH " x1 "
 
   rm -rf "$CACHE_D"
diff --git a/tests/nested/manual/fde-on-classic/tweak-gadget.py b/tests/nested/manual/fde-on-classic/tweak-gadget.py
index c4be2d54939..f567e2593bc 100644
--- a/tests/nested/manual/fde-on-classic/tweak-gadget.py
+++ b/tests/nested/manual/fde-on-classic/tweak-gadget.py
@@ -10,10 +10,15 @@
         entry['name'] = 'EFI System partition'
         # TODO make this realistically smaller?
         entry['size'] = '99M'
+        content = [{'source': 'grubx64.efi',
+                    'target': 'EFI/boot/grubx64.efi'},
+                   {'source': 'shim.efi.signed',
+                    'target': 'EFI/boot/bootx64.efi'}]
+        entry['content'] = content
     if entry.get('role') == 'system-boot':
         # Such that potentially there is space to later slot-in 1200M
         # large ubuntu-seed partition
         entry['offset'] = '1202M'
 
 with open(sys.argv[1], 'w') as f:
-    yaml.dump(data, f)
+    yaml.dump(data, f)
\ No newline at end of file
diff --git a/tests/nested/manual/hybrid-remodel/task.yaml b/tests/nested/manual/hybrid-remodel/task.yaml
index 8a8a70a2312..44595010de4 100644
--- a/tests/nested/manual/hybrid-remodel/task.yaml
+++ b/tests/nested/manual/hybrid-remodel/task.yaml
@@ -15,13 +15,21 @@ environment:
   STORE_DIR: $(pwd)/fake-store-blobdir
 
 prepare: |
-  # shellcheck source=tests/lib/prepare.sh
-  . "$TESTSLIB/prepare.sh"
-  # shellcheck source=tests/lib/nested.sh
-  . "$TESTSLIB"/nested.sh
+  VERSION="$(tests.nested show version)"
+  snap download --basename=pc-kernel --channel="$VERSION/stable" pc-kernel
+  if [ "$VERSION" == 22 ]; then
+    PC_VERSION="23.10"
+  else
+    PC_VERSION="${VERSION}.04"
+  fi
+  snap download --basename=pc --channel="classic-${PC_VERSION}/stable" pc
 
   "${TESTSTOOLS}"/setup_nested_hybrid_system.sh \
-     --model "${TESTSLIB}/assertions/classic-model.assert"
+     --model "${TESTSLIB}/assertions/classic-model-${VERSION}.assert" \
+     --gadget pc.snap \
+     --gadget-assertion pc.assert \
+     --kernel pc-kernel.snap \
+     --kernel-assertion pc-kernel.assert
 
 restore: |
   tests.systemd stop-unit --remove "nested-vm"
@@ -32,10 +40,12 @@ execute: |
   # install this so that we get reboot notifications
   remote.exec "sudo apt install -y update-notifier-common"
 
-  remote.push "${TESTSLIB}/assertions/classic-model-rev1.assert"
+  VERSION="$(tests.nested show version)"
+
+  remote.push "${TESTSLIB}/assertions/classic-model-rev1-${VERSION}.assert"
 
   # remodel and reboot. we need to reboot because we swapped the kernel snap
-  change_id=$(remote.exec 'sudo snap remodel --no-wait classic-model-rev1.assert')
+  change_id=$(remote.exec "sudo snap remodel --no-wait classic-model-rev1-${VERSION}.assert")
   retry -n 100 --wait 5 remote.exec "snap tasks ${change_id} | grep 'INFO Task set to wait until a system restart allows to continue'"
   remote.exec 'test -f /run/reboot-required'
 
@@ -45,8 +55,8 @@ execute: |
   remote.exec snap watch "${change_id}"
   remote.exec 'snap changes' | MATCH "${change_id}\s+Done.+Refresh model assertion from revision 0 to 1"
 
-  remote.exec 'snap list jq-core22'
-  remote.exec 'snap list pc-kernel' | awk 'NR != 1 { print $4 }' | MATCH '22-hwe/stable'
+  remote.exec "snap list" | MATCH "jq-core${VERSION}"
+  remote.exec 'snap list pc-kernel' | awk 'NR != 1 { print $4 }' | MATCH "${VERSION}-hwe/stable"
 
   # TODO: once we support installing recovery systems during the hybrid install,
   # we should switch this test to use a gadget that does not use "system-seed-null"
diff --git a/tests/nested/manual/uc20-fde-hooks-ice/task.yaml b/tests/nested/manual/uc20-fde-hooks-ice/task.yaml
index 042f2f0c91c..a9c785f142a 100644
--- a/tests/nested/manual/uc20-fde-hooks-ice/task.yaml
+++ b/tests/nested/manual/uc20-fde-hooks-ice/task.yaml
@@ -19,10 +19,11 @@ prepare: |
 
   # add wrapper around cryptsetup that filters "--inline-crypto-engine"
   # as qemu has no ICE driver
-  snap download --basename=core22 core22
-  unsquashfs -d core22 core22.snap
-  mv core22/sbin/cryptsetup core22/sbin/cryptsetup.real
-  cat >core22/sbin/cryptsetup <<'EOF'
+  VERSION="$(tests.nested show version)"
+  snap download --basename=corebase "core$VERSION"
+  unsquashfs -d corebase corebase.snap
+  mv corebase/sbin/cryptsetup corebase/sbin/cryptsetup.real
+  cat >corebase/sbin/cryptsetup <<'EOF'
   #!/usr/bin/python3
   import os,sys
   with open("/run/mnt/ubuntu-seed/cryptsetup.calls", "a") as fp:
@@ -32,11 +33,11 @@ prepare: |
     sys.argv.remove(needle)
   os.execv("/sbin/cryptsetup.real", sys.argv)
   EOF
-  chmod +x core22/sbin/cryptsetup
+  chmod +x corebase/sbin/cryptsetup
   # ensure the install-mode.log.gz contains all DEBUG messages
-  echo "SNAPD_DEBUG=1" >> core22/etc/environment
-  snap pack ./core22 --filename=core22-new.snap
-  mv core22-new.snap "$(tests.nested get extra-snaps-path)" 
+  echo "SNAPD_DEBUG=1" >> corebase/etc/environment
+  snap pack ./corebase --filename=corebase-new.snap
+  mv corebase-new.snap "$(tests.nested get extra-snaps-path)/core${VERSION}-new.snap" 
 
   # build fde-reveal-key hook into the "extra-initrd"
   # nested_create_core_vm picks this up