summary: Run a smoke test on UC22 with encryption enabled

details: |
    This test checks basic snapd commands on UC22 with secure boot and encryption enabled

systems: [ubuntu-22.04-64, ubuntu-24.04-64]

execute: |
    echo "Wait for the system to be seeded first"
    remote.exec "sudo snap wait system seed.loaded"

    echo "Ensure 'snap install' works"
    remote.exec "sudo snap install test-snapd-sh"

    echo "Ensure 'snap list' works and test-snapd-sh snap is installed"
    remote.exec "snap list" | MATCH test-snapd-sh

    echo "Ensure 'snap find' works"
    remote.exec "snap find test-snapd-sh" | MATCH ^test-snapd-sh

    echo "Ensure 'snap info' works"
    remote.exec "snap info test-snapd-sh" | MATCH '^name:\ +test-snapd-sh'

    echo "Ensure 'snap remove' works"
    remote.exec "sudo snap remove test-snapd-sh"

    echo "Ensure 'snap list' works and test-snapd-sh snap is removed"
    remote.exec "! snap list test-snapd-sh"

    echo "Ensure 'snap recovery show-keys' works as root"
    remote.exec "sudo snap recovery --show-keys" | MATCH 'recovery:\s+[0-9]{5}-[0-9]{5}-[0-9]{5}-[0-9]{5}-[0-9]{5}-[0-9]{5}-[0-9]{5}-[0-9]{5}'
    echo "But not as user (normal file permissions prevent this)"
    if remote.exec "snap recovery --show-keys"; then
        echo "snap recovery --show-key should not work as a user"
        exit 1
    fi