[stable/zed] feat: add Cloudflare ACME solver (#1221)

This is an automated cherry-pick of #1217
/assign mnaser
diff --git a/roles/cluster_issuer/defaults/main.yml b/roles/cluster_issuer/defaults/main.yml
index f66a246..407acaf 100644
--- a/roles/cluster_issuer/defaults/main.yml
+++ b/roles/cluster_issuer/defaults/main.yml
@@ -23,6 +23,10 @@
 
 cluster_issuer_acme_http01_ingress_class: "{{ atmosphere_ingress_class_name }}"
 
+cluster_issuer_acme_cloudflare_secret_name: cloudflare-api-token
+cluster_issuer_acme_cloudflare_email: "{{ cluster_issuer_acme_email }}"
+#cluster_issuer_acme_cloudflare_api_token: <CLOUDFLARE_API_TOKEN>
+
 cluster_issuer_acme_rfc2136_secret_name: cert-manager-issuer-tsig-secret-key
 # cluster_issuer_acme_rfc2136_nameserver: <NAMESERVER>:<PORT>
 # cluster_issuer_acme_rfc2136_tsig_algorithm: <ALGORITHM>
diff --git a/roles/cluster_issuer/tasks/type/acme/solver/cloudflare.yml b/roles/cluster_issuer/tasks/type/acme/solver/cloudflare.yml
new file mode 100644
index 0000000..431b08e
--- /dev/null
+++ b/roles/cluster_issuer/tasks/type/acme/solver/cloudflare.yml
@@ -0,0 +1,44 @@
+# Copyright (c) 2024 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Create ClusterIssuer
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      - apiVersion: v1
+        kind: Secret
+        metadata:
+          name: "{{ cluster_issuer_acme_cloudflare_secret_name }}"
+          namespace: cert-manager
+        type: Opaque
+        stringData:
+          api-token: "{{ cluster_issuer_acme_cloudflare_api_token }}"
+
+      - apiVersion: cert-manager.io/v1
+        kind: ClusterIssuer
+        metadata:
+          name: "{{ cluster_issuer_name }}"
+        spec:
+          acme:
+            email: "{{ cluster_issuer_acme_email }}"
+            server: "{{ cluster_issuer_acme_server }}"
+            privateKeySecretRef:
+              name: "{{ cluster_issuer_acme_private_key_secret_name }}"
+            solvers:
+              - dns01:
+                  cloudflare:
+                    email: "{{ cluster_issuer_acme_cloudflare_email }}"
+                    apiTokenSecretRef:
+                      name: "{{ cluster_issuer_acme_cloudflare_secret_name }}"
+                      key: api-token