func runPushTests(appName, appUrl string, testConfig *smoke.Config) {
	if testConfig.SkipSSLValidation {
		Expect(runner.Curl("-k", appUrl).Wait(CF_TIMEOUT_IN_SECONDS)).To(Say("It just needed to be restarted!"))
	} else {
		Expect(runner.Curl(appUrl).Wait(CF_TIMEOUT_IN_SECONDS)).To(Say("It just needed to be restarted!"))
	}

	instances := 2
	maxAttempts := 30

	ExpectAppToScale(appName, instances)

	ExpectAllAppInstancesToStart(appName, instances, maxAttempts)

	ExpectAllAppInstancesToBeReachable(appUrl, instances, maxAttempts)

	if testConfig.Cleanup {
		Expect(cf.Cf("delete", appName, "-f", "-r").Wait(CF_TIMEOUT_IN_SECONDS)).To(Exit(0))

		Eventually(func() *Session {
			appStatusSession := cf.Cf("app", appName)
			Expect(appStatusSession.Wait(CF_TIMEOUT_IN_SECONDS)).To(Exit(1))
			return appStatusSession
		}, 5).Should(Say("not found"))

		Eventually(func() *Session {
			if testConfig.SkipSSLValidation {
				return runner.Curl("-k", appUrl).Wait(CF_TIMEOUT_IN_SECONDS)
			} else {
				return runner.Curl(appUrl).Wait(CF_TIMEOUT_IN_SECONDS)
			}
		}, 5).Should(Say("404"))
	}
}

func AuthenticateUser(authorizationEndpoint string, username string, password string) (cookie string) {
	loginCsrfUri := fmt.Sprintf("%v/login", authorizationEndpoint)

	cookieFile, err := ioutil.TempFile("", "cats-csrf-cookie"+generator.RandomName())
	Expect(err).ToNot(HaveOccurred())
	cookiePath := cookieFile.Name()
	defer func() {
		cookieFile.Close()
		os.Remove(cookiePath)
	}()

	curl := runner.Curl(loginCsrfUri, `--insecure`, `-i`, `-v`, `-c`, cookiePath).Wait(DEFAULT_TIMEOUT)
	apiResponse := string(curl.Out.Contents())
	csrfRegEx, _ := regexp.Compile(`name="X-Uaa-Csrf" value="(.*)"`)
	csrfToken := csrfRegEx.FindStringSubmatch(apiResponse)[1]

	loginUri := fmt.Sprintf("%v/login.do", authorizationEndpoint)
	usernameEncoded := url.QueryEscape(username)
	passwordEncoded := url.QueryEscape(password)
	csrfTokenEncoded := url.QueryEscape(csrfToken)
	loginCredentials := fmt.Sprintf("username=%v&password=%v&X-Uaa-Csrf=%v", usernameEncoded, passwordEncoded, csrfTokenEncoded)

	curl = runner.Curl(loginUri, `--data`, loginCredentials, `--insecure`, `-i`, `-v`, `-b`, cookiePath).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse = string(curl.Out.Contents())

	jsessionRegEx, _ := regexp.Compile(`JSESSIONID([^;]*)`)
	vcapidRegEx, _ := regexp.Compile(`__VCAP_ID__([^;]*)`)
	sessionId := jsessionRegEx.FindString(apiResponse)
	vcapId := vcapidRegEx.FindString(apiResponse)
	cookie = fmt.Sprintf("%v;%v", sessionId, vcapId)
	return
}

// Curls an app's endpoint and exit successfully before the specified timeout
func CurlAppWithTimeout(appName, path string, timeout time.Duration) string {
	config := LoadConfig()
	uri := AppUri(appName, path)

	var curlCmd *gexec.Session
	if config.SkipSSLValidation {
		curlCmd = runner.Curl("-k", uri)
	} else {
		curlCmd = runner.Curl(uri)
	}

	runner.NewCmdRunner(curlCmd, timeout).Run()
	Expect(string(curlCmd.Err.Contents())).To(HaveLen(0))
	return string(curlCmd.Out.Contents())
}

// Curls an app's endpoint and exit successfully before the specified timeout
func CurlAppWithTimeout(appName, path string, timeout time.Duration) string {
	uri := AppUri(appName, path)
	curlCmd := runner.Curl(uri)
	runner.NewCmdRunner(curlCmd, timeout).Run()
	Expect(string(curlCmd.Err.Contents())).To(HaveLen(0))
	return string(curlCmd.Out.Contents())
}

// Curls an app's endpoint and exit successfully before the specified timeout
func CurlAppWithTimeout(appName, path string, timeout time.Duration) string {
	uri := AppUri(appName, path)
	curl := runner.Curl(uri).Wait(timeout)
	Expect(curl).To(Exit(0))
	Expect(string(curl.Err.Contents())).To(HaveLen(0))
	return string(curl.Out.Contents())
}

func SetOauthEndpoints(apiEndpoint string, config *OAuthConfig) {
	url := fmt.Sprintf("%v/info", apiEndpoint)
	curl := runner.Curl(url).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := curl.Out.Contents()
	jsonResult := ParseJsonResponse(apiResponse)

	config.TokenEndpoint = fmt.Sprintf("%v", jsonResult[`token_endpoint`])
	config.AuthorizationEndpoint = fmt.Sprintf("%v", jsonResult[`authorization_endpoint`])
	return
}

func AuthorizeScopes(cookie string, config OAuthConfig) (authCode string) {
	authorizedScopes := `scope.0=scope.openid&scope.1=scope.cloud_controller.read&scope.2=scope.cloud_controller.write&user_oauth_approval=true`
	authorizeScopesUri := fmt.Sprintf("%v/oauth/authorize", config.AuthorizationEndpoint)

	curl := runner.Curl(authorizeScopesUri, `-i`, `--data`, authorizedScopes, `--cookie`, cookie, `--insecure`, `-v`).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := string(curl.Out.Contents())

	pattern := fmt.Sprintf(`%v\?code=([a-zA-Z0-9]+)`, regexp.QuoteMeta(config.RedirectUri))
	regEx, _ := regexp.Compile(pattern)
	authCode = regEx.FindStringSubmatch(apiResponse)[1]

	return
}

// Curls the appUrl (up to maxAttempts) until all instances have been seen
func ExpectAllAppInstancesToBeReachable(appUrl string, instances int, maxAttempts int) {
	matcher := regexp.MustCompile(`instance[ _]index["]{0,1}:[ ]{0,1}(\d+)`)

	branchesSeen := make([]bool, instances)
	var sawAll bool
	var testConfig = smoke.GetConfig()
	var session *Session
	for i := 0; i < maxAttempts; i++ {
		if testConfig.SkipSSLValidation {
			session = runner.Curl("-k", appUrl)
		} else {
			session = runner.Curl(appUrl)
		}
		Expect(session.Wait(CF_TIMEOUT_IN_SECONDS)).To(Exit(0))

		output := string(session.Out.Contents())

		matches := matcher.FindStringSubmatch(output)
		if matches == nil {
			Fail("Expected app curl output to include an instance_index; got " + output)
		}
		indexString := matches[1]
		index, err := strconv.Atoi(indexString)
		if err != nil {
			Fail("Failed to parse instance index value " + indexString)
		}
		branchesSeen[index] = true

		if allTrue(branchesSeen) {
			sawAll = true
			break
		}
	}

	Expect(sawAll).To(BeTrue(), fmt.Sprintf("Expected to hit all %d app instances in %d attempts, but didn't", instances, maxAttempts))
}

func GetAccessToken(authCode string, config OAuthConfig) (accessToken string) {
	clientCredentials := []byte(fmt.Sprintf("%v:%v", config.ClientId, config.ClientSecret))
	encodedClientCredentials := base64.StdEncoding.EncodeToString(clientCredentials)
	authHeader := fmt.Sprintf("Authorization: Basic %v", encodedClientCredentials)
	requestTokenUri := fmt.Sprintf("%v/oauth/token", config.TokenEndpoint)
	requestTokenData := fmt.Sprintf("scope=%v&code=%v&grant_type=authorization_code&redirect_uri=%v", config.RequestedScopes, authCode, config.RedirectUri)

	curl := runner.Curl(requestTokenUri, `-H`, authHeader, `--data`, requestTokenData, `--insecure`, `-v`).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := curl.Out.Contents()
	jsonResult := ParseJsonResponse(apiResponse)

	accessToken = fmt.Sprintf("%v", jsonResult[`access_token`])
	return
}

func SetOauthEndpoints(apiEndpoint string, config *OAuthConfig) {
	args := []string{}
	if helpers.LoadConfig().SkipSSLValidation {
		args = append(args, "--insecure")
	}
	args = append(args, fmt.Sprintf("%v/info", apiEndpoint))
	curl := runner.Curl(args...).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := curl.Out.Contents()
	jsonResult := ParseJsonResponse(apiResponse)

	config.TokenEndpoint = fmt.Sprintf("%v", jsonResult[`token_endpoint`])
	config.AuthorizationEndpoint = fmt.Sprintf("%v", jsonResult[`authorization_endpoint`])
	return
}

func curlApexDomainUrl() textproto.MIMEHeader {
	appsDomain := config.AppsDomain
	apexDomainUrl := config.Protocol() + appsDomain + "/"
	curlCmd := runner.Curl(apexDomainUrl, "-I").Wait(helpers.CURL_TIMEOUT)
	Expect(curlCmd).To(Exit(0))
	Expect(string(curlCmd.Err.Contents())).To(HaveLen(0))
	curlResponse := string(curlCmd.Out.Contents())

	reader := textproto.NewReader(bufio.NewReader(bytes.NewBufferString(curlResponse)))
	reader.ReadLine()

	m, err := reader.ReadMIMEHeader()
	Expect(err).ShouldNot(HaveOccurred())

	return m
}

func AuthenticateUser(authorizationEndpoint string, username string, password string) (cookie string) {
	loginUri := fmt.Sprintf("%v/login.do", authorizationEndpoint)
	usernameEncoded := url.QueryEscape(username)
	passwordEncoded := url.QueryEscape(password)
	loginCredentials := fmt.Sprintf("username=%v&password=%v", usernameEncoded, passwordEncoded)

	curl := runner.Curl(loginUri, `--data`, loginCredentials, `--insecure`, `-i`, `-v`).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := string(curl.Out.Contents())

	jsessionRegEx, _ := regexp.Compile(`JSESSIONID([^;]*)`)
	vcapidRegEx, _ := regexp.Compile(`__VCAP_ID__([^;]*)`)
	sessionId := jsessionRegEx.FindString(apiResponse)
	vcapId := vcapidRegEx.FindString(apiResponse)
	cookie = fmt.Sprintf("%v;%v", sessionId, vcapId)
	return
}

func QueryServiceInstancePermissionEndpoint(apiEndpoint string, accessToken string, serviceInstanceGuid string) (canManage string, httpCode string) {
	canManage = `not populated`
	authHeader := fmt.Sprintf("Authorization: bearer %v", accessToken)
	permissionsUri := fmt.Sprintf("%v/v2/service_instances/%v/permissions", apiEndpoint, serviceInstanceGuid)

	curl := runner.Curl(permissionsUri, `-H`, authHeader, `-w`, `:TestReponseCode:%{http_code}`, `--insecure`, `-v`).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := string(curl.Out.Contents())
	resultMap := strings.Split(apiResponse, `:TestReponseCode:`)

	resultText := resultMap[0]
	httpCode = resultMap[1]

	if httpCode == `200` {
		jsonResult := ParseJsonResponse([]byte(resultText))
		canManage = fmt.Sprintf("%v", jsonResult[`manage`])
	}

	return
}

func RequestScopes(cookie string, config OAuthConfig) (authCode string, httpCode string) {
	authCode = `initialized`

	requestScopesUri := fmt.Sprintf("%v/oauth/authorize?client_id=%v&response_type=code+id_token&redirect_uri=%v&scope=%v",
		config.AuthorizationEndpoint,
		url.QueryEscape(config.ClientId),
		config.RedirectUri,
		config.RequestedScopes)

	curl := runner.Curl(requestScopesUri, `-L`, `--cookie`, cookie, `--insecure`, `-w`, `:TestReponseCode:%{http_code}`, `-v`).Wait(DEFAULT_TIMEOUT)
	Expect(curl).To(Exit(0))
	apiResponse := string(curl.Out.Contents())
	resultMap := strings.Split(apiResponse, `:TestReponseCode:`)

	httpCode = resultMap[1]

	if httpCode == `200` {
		authCode = AuthorizeScopes(cookie, config)
	}

	return
}

			createServiceStdout := createServiceSession.Out

			select {
			case <-createServiceStdout.Detect("FAILED"):
				Eventually(createServiceSession, config.ScaledTimeout(timeout)).Should(Say("instance limit for this service has been reached"))
				Eventually(createServiceSession, config.ScaledTimeout(timeout)).Should(Exit(1))
				fmt.Println("No Plan Instances available for testing plan:", planName)
			case <-createServiceStdout.Detect("OK"):
				Eventually(createServiceSession, config.ScaledTimeout(timeout)).Should(Exit(0))
				Eventually(cf.Cf("bind-service", appName, serviceInstanceName), config.ScaledTimeout(timeout)).Should(Exit(0))
				Eventually(cf.Cf("start", appName), config.ScaledTimeout(5*time.Minute)).Should(Exit(0))

				uri := appUri(appName) + "/store"
				fmt.Println("Posting to url: ", uri)
				Eventually(runner.Curl("-d", "myvalue", "-X", "POST", uri, "-k", "-f"), config.ScaledTimeout(timeout), retryInterval).Should(Exit(0))
				fmt.Println("\n")

				fmt.Println("Getting from url: ", uri)
				Eventually(runner.Curl(uri, "-k"), config.ScaledTimeout(timeout), retryInterval).Should(Say("myvalue"))
				fmt.Println("\n")

				Eventually(cf.Cf("unbind-service", appName, serviceInstanceName), config.ScaledTimeout(timeout)).Should(Exit(0))
				Eventually(cf.Cf("delete-service", "-f", serviceInstanceName), config.ScaledTimeout(timeout)).Should(Exit(0))
			}
			createServiceStdout.CancelDetects()

		})
	}

	Context("for each plan", func() {

//Beginning of the test function.
var _ = Describe("RDPG Service Broker", func() {
	var timeout = time.Second * 60
	var retryInterval = time.Second / 2
	var appPath = "../assets/postgres-test-app"

	var appName string

	randomServiceName := func() string {
		return uuid.NewRandom().String()
	}

	assertAppIsRunning := func(appName string) {
		pingUri := appUri(appName) + "/ping"
		fmt.Println("Checking that the app is responding at url: ", pingUri)
		Eventually(runner.Curl(pingUri, "-k"), config.ScaledTimeout(timeout), retryInterval).Should(Say("SUCCESS"))
		fmt.Println("\n")
	}

	getLocalBackups := func(location, dbname string) []map[string]string {
		uri := rdpgUri(location) + "/backup/list/local"
		resp, err := httpClient.PostForm(uri, url.Values{"dbname": {dbname}})
		Ω(err).ShouldNot(HaveOccurred())
		Ω(resp.StatusCode).Should(Equal(http.StatusOK))
		backupsMap := make(map[string]interface{})
		backupsJSON, err := ioutil.ReadAll(resp.Body)
		fmt.Printf("backupsJSON:\n%s", backupsJSON)
		Ω(err).ShouldNot(HaveOccurred())
		fmt.Println("\n--Unmarshaling JSON")
		err = json.Unmarshal(backupsJSON, &backupsMap)
		Ω(err).ShouldNot(HaveOccurred())

)

const cmdTimeout = 30 * time.Second

var _ = Describe("Run", func() {
	It("runs the given command in a cmdtest Session", func() {
		session := runner.Run("bash", "-c", "echo hi out; echo hi err 1>&2; exit 42").Wait(cmdTimeout)
		Expect(session).To(Exit(42))
		Expect(session.Out).To(Say("hi out"))
		Expect(session.Err).To(Say("hi err"))
	})
})

var _ = Describe("Curl", func() {
	It("outputs the body of the given URL", func() {
		session := runner.Curl("-I", "http://example.com").Wait(cmdTimeout)
		Expect(session).To(Exit(0))
		Expect(session.Out).To(Say("HTTP/1.1 200 OK"))
	})
})

var _ = Describe("cmdRunner", func() {

	Describe("Run with defaults", func() {
		It("does nothing when the command succeeds before the timeout", func() {
			failures := InterceptGomegaFailures(func() {
				session := runner.Run("bash", "-c", "echo hi out; echo hi err 1>&2; exit 0")
				runner.NewCmdRunner(session, cmdTimeout).Run()
			})
			Expect(failures).To(BeEmpty())
		})

func assertReadFromDB(key, value, uri string) {
	curlURI := fmt.Sprintf("%s/%s", uri, key)
	runner.NewCmdRunner(runner.Curl("-k", curlURI), helpers.TestContext.ShortTimeout()).WithOutput(value).Run()
}

func assertAppIsRunning(appName string) {
	pingURI := helpers.TestConfig.AppURI(appName) + "/ping"
	runner.NewCmdRunner(runner.Curl("-k", pingURI), helpers.TestContext.ShortTimeout()).WithOutput("OK").Run()
}

)

const (
	// The quota enforcer sleeps for one second between iterations,
	// so sleeping for 20 seconds is sufficient for it have enforced all quotas
	quotaEnforcerSleepTime = 20 * time.Second
)

var _ = Describe("P-MySQL Service", func() {
	var sinatraPath = "../../assets/sinatra_app"

	assertAppIsRunning := func(appName string) {
		pingURI := helpers.TestConfig.AppURI(appName) + "/ping"
		fmt.Println("\n*** Checking that the app is responding at url: ", pingURI)

		runner.NewCmdRunner(runner.Curl("-k", pingURI), helpers.TestContext.ShortTimeout()).WithAttempts(3).WithOutput("OK").Run()
	}

	Describe("Enforcing MySQL storage and connection quota", func() {
		var appName string
		var serviceInstanceName string
		var serviceURI string
		var plan helpers.Plan

		BeforeEach(func() {
			appName = RandomName()
			serviceInstanceName = RandomName()
			plan = helpers.TestConfig.Plans[0]

			serviceURI = fmt.Sprintf("%s/service/mysql/%s", helpers.TestConfig.AppURI(appName), serviceInstanceName)
			runner.NewCmdRunner(Cf("push", appName, "-m", "256M", "-p", sinatraPath, "-b", "ruby_buildpack", "-no-start"), helpers.TestContext.LongTimeout()).Run()