Revamp the sign in and register pages

[janfaracik]

Sign in - Before

After

Register - Before

After

This PR introduces bolder, more visual sign in/register pages. They adopt the same starburst/gradient stylings from the About page and Design Library.

Also removes the inline JS in the register page, resolving https://issues.jenkins.io/browse/JENKINS-71039.

Testing done

• User can register
• User can sign in
• Error messages display correctly

Proposed changelog entries

• Revamp the sign in and register pages. Add support for browser-native themes like darkmode.

Proposed upgrade guidelines

N/A

Submitter checklist

• The Jira issue, if it exists, is well-described.
• The changelog entries and upgrade guidelines are appropriate for the audience affected by the change (users or developers, depending on the change) and are in the imperative mood (see examples).
  • Fill in the Proposed upgrade guidelines section only if there are breaking changes or changes that may require extra steps from users during upgrade.
• There is automated testing or an explanation as to why this change has no tests.
• New public classes, fields, and methods are annotated with @Restricted or have @since TODO Javadocs, as appropriate.
• New deprecations are annotated with @Deprecated(since = "TODO") or @Deprecated(forRemoval = true, since = "TODO"), if applicable.
• New or substantially changed JavaScript is not defined inline and does not call eval to ease future introduction of Content Security Policy (CSP) directives (see documentation).
• For dependency updates, there are links to external changelogs and, if possible, full differentials.
• For new APIs and extension points, there is a link to at least one consumer.

Desired reviewers

@jenkinsci/sig-ux

Maintainer checklist

Before the changes are marked as ready-for-merge:

• There are at least two (2) approvals for the pull request and no outstanding requests for change.
• Conversations in the pull request are over, or it is explicit that a reviewer is not blocking the change.
• Changelog entries in the pull request title and/or Proposed changelog entries are accurate, human-readable, and in the imperative mood.
• Proper changelog labels are set so that the changelog can be generated automatically.
• If the change needs additional upgrade steps from users, the upgrade-guide-needed label is set and there is a Proposed upgrade guidelines section in the pull request title (see example).
• If it would make sense to backport the change to LTS, a Jira issue must exist, be a Bug or Improvement, and be labeled as lts-candidate to be considered (see query).

[timja]

Worth posting this on community.Jenkins.io for feedback?

[janfaracik]

Worth posting this on community.Jenkins.io for feedback?

I've posted it https://community.jenkins.io/t/an-updated-sign-in-and-register-page/6982

What are your thoughts/feedback?

[NotMyFault]

I like the proposed design a lot, but I'm not a big fan of the new inline JS, such as https://github.com/jenkinsci/jenkins/pull/7872/files#diff-b1c3edf5abaac4d83594131e9e59e0ccdc259c4800b88cecd6e281f71ba4efb2R270, causing the need of follow-up PRs.
We generally avoid introducing new CSP violations.

[janfaracik]

I like the proposed design a lot, but I'm not a big fan of the new inline JS, such as https://github.com/jenkinsci/jenkins/pull/7872/files#diff-b1c3edf5abaac4d83594131e9e59e0ccdc259c4800b88cecd6e281f71ba4efb2R270, causing the need of follow-up PRs.

We generally avoid introducing new CSP violations.

Agreed, want me to split the JS as part of this PR?

[NotMyFault]

Agreed, want me to split the JS as part of this PR?

Preferably, if that is not too much work? At least the part you added 👀

[janfaracik]

Agreed, want me to split the JS as part of this PR?

Preferably, if that is not too much work? At least the part you added 👀

Happy to do so 🙌

[yaroslavafenkin]

This looks like it's also addressing https://issues.jenkins.io/browse/JENKINS-71039, is that correct?

[NotMyFault]

This looks like it's also addressing https://issues.jenkins.io/browse/JENKINS-71039, is that correct?

Seems so, if this PR is merged, there's no inline JS left in signup.jelly.

[yaroslavafenkin]

Tested manually, functionally seems alright to me.
Looks fine security wise too, thanks a lot for improving CSP situation!

[NotMyFault]

Thanks!

[timja]

/label ready-for-merge

---

This PR is now ready for merge, after ~24 hours, we will merge it if there's no negative feedback.

Thanks!

[basil]

Causes JENKINS-71238.

[lemeurherve]

Also JENKINS-71253

[daniel-beck]

Causes JENKINS-71246

[basil]

Causes JENKINS-71238; therefore, adding the upgrade-guide-needed label.