These issues don't necessarily need to be done right away, but are tasks which we'll likely eventually want to tackle as things grow more sophisticated.
[ ] Avoid building on the built-in node. Per Jenkins documentation, any builds running on the built-in node have the same level of access to the controller file system as the Jenkins process. Instead, use agents ("statically configured or provided by clouds") to run builds.
[ ] Identify more secure way of storing secrets and environment variables -- currently, in builds, secrets are stored in plain-text within the builds. Since only two people -- administrators -- have access to these at the moment, that's not the worst thing, but should likely be adjusted over the long term.
[ ] Determine more granular forms of user access -- if we want to eventually delegate some of this work, we may want to determine how to create users with different permissions and then how to assign them to others.
[ ] Currently, some parts of setup scripts don't work from Jenkins and have to be performed by an administrator entering the droplet via a console. This is less than desirable, and we'd benefit from figuring out how to work around that. This may relate to...
These issues don't necessarily need to be done right away, but are tasks which we'll likely eventually want to tackle as things grow more sophisticated.