The way the test was implemented previously did not make it fail if no
secret was appended to the initrd. Now it is implemented similary to the
initrd-secrets test in Nixpkgs and works correctly.
To minimize the number of arguments passed to `lzbt`, the loader config
is assembled outside `lzbt` and passed as a single argument.
Instead of reimplementing `consoleMode` under the `lanzaboote`
namespace, `config.loader.systemd-boot.consoleMode` is reused as is.
The test attributes and names are simplified and standardized. They now
roughly follow the same structure as the systemd-boot test in Nixpkgs.
Some comments are added and variable names changed to make it more clear
what they actually do.
nikstur