Permissions – Is it safe to authorize the use of sudo to users created by the application?

I have a jenkins configuration on my server that automatically created the Jenkins user, which is used for its os operations. However, I need Jenkins to stop and start a service (via systemctl) after a specific construction is completed.

My current script (which is executed after a compilation of frontend) looks like this:

sudo systemctl stop myapp
rm -f /opt/myapp/myapp.jar
target mv / myapp.jar / opt / myapp
sudo systemctl start myapp

For this to work, I simply added the Jenkins user in sudoers file for all commands without password prompt:


Is it safe to do that? Which vulnerabilities do I expose? Is there a better way to do this? If yes, how?