From 38e4b25e29bf2d8e7cec3af7ec0f27ff86104c4c Mon Sep 17 00:00:00 2001
From: Victor Cabezas
Date: Thu, 16 Apr 2020 18:19:37 +0200
Subject: [PATCH 1/4] Check for CA file existence
---
 lib/puppet_x/ldapquery.rb | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/lib/puppet_x/ldapquery.rb b/lib/puppet_x/ldapquery.rb
index c919baf..e6cb24a 100644
--- a/lib/puppet_x/ldapquery.rb
+++ b/lib/puppet_x/ldapquery.rb
@@ -72,6 +72,9 @@ module PuppetX
 method: :simple_tls,
 tls_options: { ca_file: ca_file }
 }
+ if File.file?(ca_file)
+ conf[:encryption][:tls_options] = { ca_file: ca_file }
+ end
 end
 conf
From d42bbd1c9bfb7b0212102a47c739dce14dc6d370 Mon Sep 17 00:00:00 2001
From: Victor Cabezas
Date: Thu, 16 Apr 2020 18:34:14 +0200
Subject: [PATCH 2/4] Remove setting
---
 lib/puppet_x/ldapquery.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/puppet_x/ldapquery.rb b/lib/puppet_x/ldapquery.rb
index e6cb24a..2cf88f7 100644
--- a/lib/puppet_x/ldapquery.rb
+++ b/lib/puppet_x/ldapquery.rb
@@ -69,8 +69,7 @@ module PuppetX
 if tls
 conf[:encryption] = {
- method: :simple_tls,
- tls_options: { ca_file: ca_file }
+ method: :simple_tls
 }
 if File.file?(ca_file)
 conf[:encryption][:tls_options] = { ca_file: ca_file }
From 5669fde765b1eecb5b696b3d4ac5210f17f8eda3 Mon Sep 17 00:00:00 2001
From: Victor Cabezas
Date: Mon, 20 Apr 2020 10:33:03 +0200
Subject: [PATCH 3/4] Emit a debug message with ca_file behavior
---
 lib/puppet_x/ldapquery.rb | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/puppet_x/ldapquery.rb b/lib/puppet_x/ldapquery.rb
index 2cf88f7..6cbe3b9 100644
--- a/lib/puppet_x/ldapquery.rb
+++ b/lib/puppet_x/ldapquery.rb
@@ -52,8 +52,6 @@ module PuppetX
 tls = Puppet[:ldaptls]
 ca_file = "#{Puppet[:confdir]}/ldap_ca.pem"
- # TODO: if not exists ldap_ca.pem fail
-
 conf = {
 host: host,
 port: port
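Review bot: In PATCH 2/4, once `tls_options` is dropped from the hash literal, a missing `ldap_ca.pem` leaves `conf[:encryption]` as just `{ method: :simple_tls }`, and nothing in the hunk states what certificate checking that implies. If this hash is handed to Net::LDAP, as its shape suggests (the call is outside the hunk), an empty `tls_options` has historically meant the SSL context parameters are never set and the server certificate is not verified, so the session would be encrypted but the peer unauthenticated. I would give the absent-file case an explicit verified default, `conf[:encryption][:tls_options] = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS`, or raise when TLS is requested without a usable CA file. The `else` branch added in PATCH 3/4 has the same gap, and its debug message asserts that the system CAs are used. The enclosing method starts and ends outside the hunk.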
@@ -72,7 +70,10 @@ module PuppetX method: :simple_tls } if File.file?(ca_file) + Puppet.debug("Using #{ca_file} as CA for TLS connection") conf[:encryption][:tls_options] = { ca_file: ca_file } + else + Puppet.debug("#{ca_file} not found, using default CAs installed in your system") end end From 33c4a9e9f1bb4447346c77fd361c78fbb6676236 Mon Sep 17 00:00:00 2001 From: Victor Cabezas Date: Mon, 20 Apr 2020 11:36:07 +0200 Subject: [PATCH 4/4] Add gem pdk version constraint --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 5ccf6c6..4cab0cc 100644 --- a/Gemfile +++ b/Gemfile @@ -14,7 +14,7 @@ group :test do gem 'puppetlabs_spec_helper', '>= 2.14.0', :require => false gem 'rspec-puppet-facts', '>= 1.9.5', :require => false gem 'rspec-puppet-utils', :require => false - gem 'pdk', :require => false + gem 'pdk', '>= 1.14.0', :require => false gem 'puppet-module', :require => false gem 'puppet-lint-leading_zero-check', :require => false gem 'puppet-lint-trailing_comma-check', :require => false