Test 3:
From a fresh trusty system, no uat installed, no ubuntu-minimal installed
a) install uat from updates, enable esm, upgrade to proposed
b) install uat from proposed, enable esm (via ua attach)

Result: PASS

Details:
At the end, confirmed that both chroots have esm enabled and with a positive pinning:
# chroot /tank/trusty-3a/ apt-cache policy | grep esm
 500 https://esm.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
     origin esm.ubuntu.com
 500 https://esm.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
     origin esm.ubuntu.com
# chroot /tank/trusty-3b/ apt-cache policy | grep esm
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-updates/main amd64 Packages
     origin esm.ubuntu.com
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
     origin esm.ubuntu.com

Note how (3b) is using the new infra pocket names, however. That's because "ua attach" was run in that case, and it wasn't run in (3a). Both work, though, and it's expected that users will eventually run "ua attach" after upgrading even if they had esm enabled before. This is mentioned in the [Other Info] section of the bug description.

Filesystem differences:
# diff -uNr /tank/trusty-3{a,b}/ 2>/dev/null | diffstat -l
etc/apt/auth.conf.d/90ubuntu-advantage
etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
var/cache/apt/archives/ubuntu-advantage-tools_10ubuntu0.14.04.4_all.deb
var/cache/apt/pkgcache.bin
var/cache/apt/srcpkgcache.bin
var/cache/ldconfig/aux-cache
var/lib/apt/extended_states
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_main_binary-amd64_Packages
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_main_binary-amd64_Packages
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_main_binary-amd64_Packages
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_main_binary-amd64_Packages
var/lib/dpkg/available
var/lib/dpkg/available-old
var/lib/dpkg/status-old
var/lib/ubuntu-advantage/machine-id
var/lib/ubuntu-advantage/private/machine-access-cc-eal.json
var/lib/ubuntu-advantage/private/machine-access-esm-infra.json
var/lib/ubuntu-advantage/private/machine-access-fips-updates.json
var/lib/ubuntu-advantage/private/machine-access-fips.json
var/lib/ubuntu-advantage/private/machine-access-livepatch.json
var/lib/ubuntu-advantage/private/machine-access-support.json
var/lib/ubuntu-advantage/private/machine-token.json
var/lib/ubuntu-advantage/status.json
var/log/apt/history.log
var/log/apt/term.log
var/log/dpkg.log
var/log/ubuntu-advantage.log

Of the above, only /etc/apt is of interest, so let's take a closer look:
# diff -uNr /tank/trusty-3{a,b}/etc/apt
diff -uNr /tank/trusty-3a/etc/apt/auth.conf.d/90ubuntu-advantage /tank/trusty-3b/etc/apt/auth.conf.d/90ubuntu-advantage
--- /tank/trusty-3a/etc/apt/auth.conf.d/90ubuntu-advantage	2019-10-31 15:04:20.083887502 -0300
+++ /tank/trusty-3b/etc/apt/auth.conf.d/90ubuntu-advantage	2019-10-31 15:06:51.943489600 -0300
@@ -1 +1 @@
-machine esm.ubuntu.com/ login myuser password mypass
+machine esm.ubuntu.com/ login bearer password verylongrandompass  # ubuntu-advantage-tools

The above confirms that ua attach was run on (3b), because the old style credentials were removed and the new style was put in place.

diff -uNr /tank/trusty-3a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list /tank/trusty-3b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
--- /tank/trusty-3a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list	2019-10-31 15:04:20.083887502 -0300
+++ /tank/trusty-3b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list	2019-10-31 15:06:51.935489610 -0300
@@ -1,5 +1,4 @@
-deb https://esm.ubuntu.com/ubuntu trusty-security main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-security main
-
-deb https://esm.ubuntu.com/ubuntu trusty-updates main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-updates main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-security main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-security main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-updates main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-updates main

This also confirms that ua attach was run on (3b), since we now have the new infra pocket names.

Like with test (2), absolute symlinks in the chroot get broken when looked at from the outside, so here is a list of what was suppressed from the full diff output: https://paste.ubuntu.com/p/7BmfzQjtqt/